UPGRADE? Re: [Avcheck] Version 0.9
Michael Tokarev
mjt@tls.msk.ru
Mon, 29 Jul 2002 21:50:05 +0400
Allen Bolderoff wrote:
[]
> OK, am I right to assume that, I can drop in upgrade 0.7 with 0.9, as long
> as infected is updated to handle Klez variant?
The only real change since 0.7 was (if you're using avp):
- avcheck now prints more verbose diagnostic when it sees an
unexpected response from avp, so you'll see what's wrong.
Useful mostly for those who just installed the whole thing,
to diagnose problems.
- handling of additional avp's return code, produced when avp
encounters some new format it isn't aware of yet (like new
msoffice documents in 3.0 series of avp) - this case will be
handled just like there was no viruses found.
Both changes are quite minor. I recommend to upgrade because of
the second change, so you'll have less chances to have deferred
uncheckable messages. You may not encounter any, or may got some,
depending on your users.
Concerning klez and variants, I'd recommend to block those at
smtp level (using body_checks in postfix) and not bother even
checking those (and accepting into your machine). Let the other
system send any bounces... ;)
> It appears to be working, I am just unsure if there will be repurcussions.
Since all the changes are cosmetic, I don't expect any problems
when upgrading (at the end, there is only one executable that
even should not be restarted). But there should be no issues
keeping 0.7 version too, for now.
/mjt