Re: clamav

From: mouss (usebsdfree.fr)
Date: Sat Feb 04 2006 - 08:49:07 CST


Tom Lee wrote:

>
> However, I noticed that the following line has to be commented out
> content_filter = scan:[127.0.0.1]:10025
>

yes. otherwise this would be applied to all traffic. if you don't want
to filter outbound mail, then use Wietse's recommendation (this is also
documented in the FILTER README).

but do it in main.cf, so that it applies to the before-filter smtpd (the
one listening on port 25 for instance).

> In other words, content_filter should be empty. otherwise, it will scan
> all outgoing mails.
>
> The reason for such a setting is to limit the use of resources for the
> mail server.
> all clients have antivirus installed on the PC with antivirus, it will
> scan all sending out emails.
> no need to scan twice again in the server side.
>

If the clients' anti-virus is well maintained (updated often enough) and
not disabled, then you can indeed skip scanning of outbound mail.

On the other hand, if you don't have scarce resources, scanning them on
the gateway gives an additional level of security (this way, if one of
the AV's misses a virus, it may be caught by the other). defense in depth...

This also protects against cases when the client AV is disabled, either
manually by the user (be that voluntary or accidental. imagine a scam
that tells the user "this nice sw only works if you do this and that")
or because of a bug after an AV or system update (winXP SP2 comes to
mind, when it broke many AVs and required downloading patches).
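
An added example, not part of the original message: a small Python check that reports, for each mail-accepting service in master.cf, whether it inherits `content_filter` from main.cf or overrides it with `-o content_filter=`. The sample files are constructed, the re-injection listener on port 10026 is an assumption, and the newer `-o { name = value }` form is not handled.

```python
import shlex

# Constructed sample files (not from the thread); port 10026 is an assumption.
MAIN_CF = """\
# global default: inherited by every service that does not override it
content_filter = scan:[127.0.0.1]:10025
"""

MASTER_CF = """\
smtp      inet  n  -  n  -  -  smtpd
pickup    unix  n  -  n  60 1  pickup
127.0.0.1:10026 inet n - n - 10 smtpd
    -o content_filter=
"""

def logical_lines(text):
    """Drop comments/blank lines and join continuation lines (leading whitespace)."""
    out = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and out:
            out[-1] += " " + raw.strip()
        else:
            out.append(raw.strip())
    return out

def main_cf_value(text, name):
    """Return the main.cf value for name; the last definition wins."""
    value = ""
    for line in logical_lines(text):
        key, sep, val = line.partition("=")
        if sep and key.strip() == name:
            value = val.strip()
    return value

def effective_filters(main_cf, master_cf, daemons=("smtpd", "pickup", "qmqpd")):
    """Map 'service/type' to the content_filter in effect for that listener."""
    default = main_cf_value(main_cf, "content_filter")
    result = {}
    for line in logical_lines(master_cf):
        fields = shlex.split(line)
        if len(fields) < 8 or fields[7] not in daemons:
            continue
        value, args = default, fields[8:]
        for i, arg in enumerate(args[:-1]):
            if arg == "-o" and args[i + 1].startswith("content_filter="):
                value = args[i + 1].split("=", 1)[1]  # empty value disables the filter
        result[f"{fields[0]}/{fields[1]}"] = value
    return result
```

With the global setting present, the port 25 `smtpd` and `pickup` (local submissions) both inherit the filter, and only the listener carrying the empty override is exempt.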