[Dovecot] Virusscanning
Ken A
ka at pacific.net
Tue Apr 13 17:01:23 EEST 2010
On 4/13/2010 6:21 AM, Andreas Schulze wrote:
> Am 13.04.2010 20:37 schrieb Noel Butler:
>> So, you want postfix to accept the virus, send it to dovecot's deliver
>> which then calls a virus scanner and finds it infected and deletes it,
>> that makes absolutely no sense
> ACK.
>
> but imagine:
>
> MTA delivers a mail where the virusscanner finds nothing. Mail gets delivered.
> Some time later there is a scannerupdate. Now the scanner would find a malicious content.
>
> So I may instantly scan the complete mailstore each time a new pattern arrives
> or scan only each accessed mail with the latest pattern. This seems smarter to me.
>
With this logic, you should virus scan at every point along the chain.
That is overkill for such a i/o intensive operation like virus scanning.
Let the MTA scan it, and the MSA (or client's network) scan it before
opening.
Ken
> For this scenario I would like to see a concept for datainspection/datamodification in dovecot.
> What about when dovecot would act as a milter client?
> Sounds strange but the problems are the same, why not use existing solutions ?
>
--
Ken Anderson
Pacific Internet - http://www.pacific.net
More information about the dovecot
mailing list