sslug-teknik team mailing list archive
-
sslug-teknik team
-
Mailing list archive
-
Message #60872
Re: Linux programmer til virus check
Har du hørt om MailScanner?
http://www.sng.ecs.soton.ac.uk/mailscanner/
----------------------------------------------------------------------------
---------------------
HOWTO mailscanner for sendmail
==============================
by Thomas Chung (tchung AT openwebmail.org)
Last Update: 2002-09-23
1. Download virus scanner software
fp-linux_sb.rpm from http://www.f-prot.com/download/getfplinfree.html
2. Rename software for future reference
mv fp-linux_sb.rpm f-prot-3.12a-1.i386.rpm
3. Install virus scanner software
rpm -Uvh f-prot-3.12a-1.i386.rpm
4. Create Daily Cron Job to update virus definition automatically
cd /etc/cron.daily
ln -s /usr/local/f-prot/check-updates.sh f-prot.cron
5. Download mail scanner software
mailscanner-3.22-10.i386.rpm from
http://www.sng.ecs.soton.ac.uk/mailscanner/downloads.shtml
6. Install mail scanner software
rpm -Uvh mailscanner-3.22-10.i386.rpm
and remove "Sophos.autoupdate" from /etc/cron.daily which is unnecessary
since we installed f-prot instead.
7. Change mailscanner config file for f-prot (by default, sophos is used)
vi /usr/local/MailScanner/etc/mailscanner.conf
1) Virus Scanner = f-prot
2) Sweep = /usr/local/f-prot/f-protwrapper
8. Start mailscanner service:
service mailscanner start
9. That's it! Now if you receive any email with suspicious attachment, you
will be notified by email
as an example shown below:
=====
This is a message from the MailScanner E-Mail Virus Protection Service
----------------------------------------------------------------------
The original e-mail attachment "07 ¤£¤@¼Ë Different.pif"
was believed to be infected by a virus and has been replaced by this warning
message.
If you wish to receive a copy of the *infected* attachment, please
e-mail helpdesk and include the whole of this message
in your request. Alternatively, you can call them, with
the contents of this message to hand when you call.
At Sun Jul 21 16:06:35 2002 the virus scanner said:
/var/spool/MailScanner/incoming/g6LN6K421609/07 ¤£¤@¼Ë Different.pif
Infection: W32/Klez.H@mm
Shortcuts to MS-Dos programs are very dangerous in email in 07 ¤£¤@¼Ë
Different.pif
Note to Help Desk: Look on the MailScanner in
/var/spool/MailScanner/quarantine (message g6LN6K421609).
--
Postmaster
Minor URL Issue in Virus Report
================================
To correct the URL for mailscanner web site in Open Wembail message,
1) cd /usr/local/MailScanner/etc
2) add "http://" in front of "www.mailscanner.info" in following files
- sender.error.report.txt
- sender.filename.report.txt
- sender.virus.report.txt
More tweak on /usr/local/MailScanner/etc/mailscanner.conf
=========================================================
1) If you don't want to deliver the email with virus removed to recipients
Deliver To Recipients = no
2) If you don't want to notify the infected message to sender
Notify Senders = no
3) If you don't want to keep (quarantine) the infected message
Action = delete
----------------------------------------------------------------------------
-----
----- Original Message -----
From: "Carsten Brink" <cbrink@xxxxxxx>
To: <sslug-teknik@xxxxxxx>
Sent: Saturday, February 22, 2003 6:50 AM
Subject: [TEKNIK] Linux programmer til virus check
> Jeg har en redhat 7.2 server stående koblet optil vores netværkpå
arbejdet. Vores teledata afdeling som er meget windos baseret er meget
bekymret over, at der ikke er virus beskyttelse på maskinen (at de er
ligeglade med de fem unix maskiner jeg har står som et mysterium). Derfor
vil jeg høre om der nogle der har erfaring med virus check programmer til
Linux. Personligt ville jeg selvfølgelig helst have freeware, men også hvis
der skal betalles licens for det hører jeg gerne om erfaringer samt
referencer til produkterne
>
> Med venlig hilsen
> Carsten
>
>
>
>
>
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.455 / Virus Database: 255 - Release Date: 2/13/2003
References