[Dovecot] Virusscanning

Steffen Kaiser skdovecot at smail.inf.fh-brs.de
Wed Apr 14 14:16:46 EEST 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 14 Apr 2010, Sven wrote:

> I see a leakage with on-access virus scanning while using IMAP. Imagine users 
> are sharing mailboxes, one uploading malware via imap, others downloading it 
> via imap.
> Another one is the above mentioned virus scanner update.
> Scanning in the MUA is nice but can't deliver 99% sureness. I can't control 
> every client.
> In my next setup there will be a SSL/SASL only configuration. So proxies will 
> have problems and are one more possible point of failure (and need 
> maintenance).

> The only solution i see for this is a general AV-daemon or something like 
> dazuko to scan whole disk activity. Weekly scans of the whole filesystem are 
> usefull anyway.
> Or some dovecot filter plugin.

You've mentioned to not scan on the mail server, didn't you?

Well, the protocol-aware firewall can act as proxy itself, hence, decrypt 
the connection itself and forwards the commands as plain text.
Or use another Dovecot instance for proxying and decrypting and put the 
scanner in between the Dovecot proxy and the backend Dovecot.

Regards,

- -- 
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBS8WkI7+Vh58GPL/cAQKCoQf/a75CgIwRiRbmu2uB+TErgdCK4mGxsiRC
PotZ2oCs8D0jkPEOclkGHECEwCCq7WY0TRjDveHcIXjbn4YVjKJECu4bHfEpfoxo
3Bns+Z9g/NqZupbp7m8JFnJagYdp4dhbHqvQPC44DTzLgO5gdnM5+z3KsVh7c/lN
pSk7zxrvoxI96H73mWzs3mM63WS/4ZWC/1ACZMKGX7zQcKiwWCJwMLrXL0/EKjdW
jyzJ/iqluCKSKZVIEXI6I29CBWrLqVwFlJNxUBi8HsY/uACfHGNL9KrvNnGEUfUW
07TErTobeatm6LnTUOJcyEK8Yu9FPX79w0lo2O6x24o8UIiojtc6jw==
=isH/
-----END PGP SIGNATURE-----


More information about the dovecot mailing list