On 22/08/04 18:49 +0530, Sameer D. Sahasrabuddhe wrote:
I know I can always google for virus scanners available for linux based email gateways, but what I want to know is people's experience with them.
I use Postfix + amavisd-new + clamav. amavisd-new is a wrapper around a large number of antivirus packages. clamav from http://www.clamav.net/ is a GPLed antivirus scanner, and even though the number of signatures is apparently smaller than the commercial ones, the list is highly up to date for modern viruses.
How easy / difficult is it to set them up for a large organisation?
The setup itself is trivial. Depending on your mail volume, you may want to farm the scanner to another system altogether. Another trick to reduce the load is to use Postfix 2.x which has a built in MIME parser and block attachments with specific extensions (.pif, .com, .exe, .vbs, etc).
How effective are they? How frequently can you update them?
Clamav recommends that you update once every two hours (thats the default as well). If you want to update more frequently, they request that you provide a mirror.
Is there an auto-learning phase involved? What are the pro's and cons of such auto-learning scanners?
No autolearning phase.
Devdas Bhagat