NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2006-02

Re: clamav

From: Tom Lee (tom_lee01hotmail.com)
Date: Thu Feb 02 2006 - 14:09:20 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>
>A before queue (proxy) content filter doesn't require the mail to pass
>through Postfix twice, so it should be more efficient. More importantly,
>it allows you to reject messages based on their content, which isn't
>possible with after queue content filters.

before queue filter has the above advantages.
I just checked more documents and find SMTPD_PROXY_README mentioned two
disadvantage for using "before queue filter".

clamsmtp author also mentioned:
  "Before-queue filters make a poor choice for anti-virus scanners."
  from the link:
   http://memberwebs.com/nielsen/software/clamsmtp/postfix.html

>However, the proxy filter
>needs to function as a truly transparent proxy, and I doubt clamsmtp
>qualifies.

it said it can be worked out.
http://memberwebs.com/nielsen/software/clamsmtp/transparent.html

>
>Read FILTER_README. You probably want to use clamsmtp over plain
>command-driven clamav, but that depends on your requirements.

yes, I will use clamsmtp. thanks.

>
> > > Why did you install Postfix from source? There ARE rpms...
> >
> > there are two reasons:
> > 1) I want to make the postfix small in size by removing unneeded
> > supporting package in the compilation.
>
>What makes you think the size of Postfix will change in any significant
>way if you opt out on a few feature, and what makes you think this even
>matters? You are attempting to optimize a non-problem.
>
> > 2) postfix 2.3 uses devoct to smtp authentification, I used postfix
> > 2.2 sasl. doing yum upgrade will upgrade the version to 2.3 in the
> > future and I want to stick with postfix 2.2 and sasl.
>
>This is false. In Postfix 2.3 Dovecot authentication is an option, but
>Cyrus SASL support is still there.

we don't know if redhat will make dovecot authentication by default in
postfix 2.3 RPM.
thanks.

Tom

>
>--
>Magnus Bäck
>magnusdsek.lth.se

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]