Am Mi, den 02.03.2005 schrieb Dale Sykora um 18:00:
Alexander,
This thread caused an idea to pop into my head. What if virus scanners would digitally sign outgoing messages as virus free such that incoming mail handlers could verify the message+signatures and not have to scan for virii? Then active lists like fedora-list could scan once at the server and all the recipients would only have to check the signature.
Dale
The idea is not that bad, to rely on a trusted central virus scanning service. On the other hand, while speaking about mailing list, I would really wish all would catch out virus / worm mails and not let them go through to the subscribers, rather than to just tag them as clean or infected. Red Hat handles this pretty well I feel while for instance through the Cyrus lists spam and I think even worms are getting through. The problem with your idea about tagging mail as clean is that "the bad side" will fake such signatures. So in general it is no good idea to trust mail header tags in general like mail body signature strings. While saying that, I believe to remember that DSPAM is using signatures. But as I never used that tool I can't say how they operate with them and how reliable such a sig is.
Alexander
Hi guys,
First, thanks a lot for the interest in this thread.
i remember some times on the samba-list, when some worms where around, i had about 75 viruses PER HOUR. And they did not filter anything....
so, i do my very best to answer all your questions:
1) i don't use clam, i use antivir (h+b edv)
2) the machine is a old p3/866 mhz with 128 mb ram only, running fc3 (a granny machine...)
3) mail quantity is about 300-400 per day. Average use is according to tload between 0.90 and 3.50 (peaks) avg about 1.3 *ouch*
4) spamassassin is running as daemon (3 childprocesses)
5) amavisd-new is running as dameon (3 childprocesses)
Roger
