Tuesday, July 19, 2005

Setting up virus scanner for mail server

This task is quite simple and the tools are readily available on the internet. In the spirit of Open Source, may of the tools are made free and come with source code. Binary version for may distros are available too. It's only a matter of choice and how we're going to set things up.

Clam antivirus is one of the best antiviri around. So far she can detect almost 97% of Windows viri and worms. Those viri are always reached our computers over network and internet. The main medium is email. I personally got in average 5 to 10 emails containing virus. That's why, antivirus is really important these days.

This is a script invoked by procmail to scan and send a notice to the sender if the mail contains virus. trasscan comes with clamav package.

Setting up procmailrc for scanning

# procmail configuration for TrashScan:
# ZapCoded by Trashware; 13.10.2002

# [ ... ]

# ----------------------------------------------------------------------------- #
# Virus scan section ... #
# ----------------------------------------------------------------------------- #

# 1. Run TrashScan
* multipart
* !^X-Virus-Scan:
| /usr/local/sbin/trashscan

# 2. Filter tagged virus mails
* ^X-Virus-Scan: Suspicious

The last line will delete the mail containing virus.

No comments: