E-Mail Virus Scanning Options on Unix/Linux
The Goal
I'd like something that will plug into our existing
Exim/Procmail/SpamAssassin setup at WCNet (and elsewhere) to handle
scanning for common viruses without a ton of overhead or expensive
software licenses. The software should ideally work on Solaris,
Linux, and FreeBSD.
The Players
From what I can tell so far, the following are things to look at:
- Sophos
Anti-Virus - a commercial product that handles virus scanning on a
ton of platforms. There's a lot of free stuff that makes use of this
too, mostly becuaes the've published their API and a SDK.
- Sophie - A daemon
that makes use of libsavi which is provided by Sohpos.
Sophie clients communicate with the server using a local unix socket.
- AMaViS - A Mail Virus
Scanner. It has been around a while and supports all popular MTAs.
It has a good community of support. Makes use of various back-end
virus software, such as Sophos. The author's RubiCon presentation
is interesting.
- exiscan - An
Exim-specific scanner. For Exim version 3, there is a Perl package.
For Exim version 4, there is a patch to the Exim source that makes use
of Exim's local_scan() API. Ultimately, exiscan will call an
external virus scanner.
- Clam
Antivirus - A relative new-comer, Clam is a multi-threaded scanner
written in C. It uses the freely available virus signatures from the
OpenAntivirus project.
Clam has handy auto-update facility and a patch to add Clam support to
AMaViS.
- F-Prot -
Virus scanning for Linux and Windows. There's a per-server license
cost of roughly $300 or $450 annually.
My Testing
nothing yet
Jeremy@Zawodny.com
Last modified: Sun May 26 12:32:28 PDT 2002