Windows worms and mail server config

Doncho N. Gunchev mr700 at globalnet.bg
Fri Jan 30 12:37:03 UTC 2004 

On Friday 30 January 2004 03:23, Pedro Fernandes Macedo wrote:
> After those recent freaking virii around , I'm trying to find a way to
> block them...
> What's the best way to do this?
> I want to avoid sending unnecessary bounces (specially because I'm the
> postmaster for a domain that has about 1300 users and lots of virii
> bounces dailly , which are almost driving me mad, so I want to avoid
> unnecessary pain to other domain admins) ...
> Should I just reject messages containing the damned extensions
> (scr,com,pif,bat) or should I accept them , scan them using some
> antivirus and then drop the bounces of infected messages? The second
> option leaves the risk of someone sending a valid pif or bat file that
> has "format c: /X /Q"  , "deltree c: /y" or something like that , but
> leaves the valid e-mails coming... (even though I believe that normal
> windoze users dont send this kind of attachment)...

    There's no universal solution - depends on what you need. If it's a
corporate email you can probably stop all windows executable files...

>
> Right now my server is a standard redhat 9 at work and a FC1 at home ,
> both using sendmail... How can I do this?

    Give MailScanner (and probably SpamAssasin) a try. I found MailScanner
very configurable and working great with sendmail.

> (hints for qmail and postfix are welcome also , as we're thinking about
> switching from sendmail to qmail or postfix)
>
> Thanx...
>
> Pedro Macedo

    MailScanner does work with postfix, but I don't like the way it does.
    At the moment I'm testing sagator with postfix and amavisd. Sagator
is a python script and is not as good as MailScanner(perl) is. The
reason to give it a try is that it works as postfix 'content_filter' and
does not start 2 mailservers (as MailScanner does).
    For postfix there is avcheck-0.9pre2.tar.gz, but it looks a bit death
from 2003-07-27... there are patches at the maillist...
    I wan to entirely switch from sendmail to postfix, and have no much
experience with it yet, so I ask for your help. I'm interesded in
MailScanner alternative for postfix - links, documentation, examples...

-- 
Regards,
  Doncho N. Gunchev
  GPG-Key-ID: 1024D/DA454F79
  Key fingerprint = 684F 688B C508 C609 0371  5E0F A089 CB15 DA45 4F79

More information about the fedora-list mailing list