[Avcheck] Undelivered Mail Returned to Sender (fwd)

Marcio Merlone mm@surf.com.br
Wed, 12 Feb 2003 17:07:21 -0200 

Em Wed, 12 Feb 2003 21:11:40 +0300, Michael Tokarev <mjt@tls.msk.ru>
escreveu:

> Marcio Merlone wrote:
> > Em Wed, 12 Feb 2003 18:31:41 +0100 (CET), Dani Pardo
> This is an off-topic, but anyway, it is somehow related - avcheck is
> designed to help finding viruses in email.  Take a look at dsbl.org or
> monkeys.com insecure system (open proxy, relays, formmails etc) lists.
> Just try and see how it will work.  I'm putting great efforts keeping
> list of abuseable systems up to date, thanks to many people worldwide.
> Most significant problem with [a]dsl/broadband networks is a great
> number of insecure open proxies which are abused by spammers, and very
> big persentage of such a systems are blocklisted already, in
> list.dsbl.org and proxies.relays.monkeys.com.

Here in Brasil, there are many dynamic ip adsl, what makes more
difficult to fight spam, since the ip I block today will be assigned to
a non-spammer customer of mine tomorrow.. :(

> > Are you an avcheck developer also? Michael Tokarev told will not
> > have time to make avcheck work with clam soon... :(
> 
> Umm...  In fact, almost all my time now is spent working with (or
> rather against) abuse of various insecure systems, to make blocking of
> whole networks unnecessary, see above... ;)

That is a nice task, and yet as I said, ungrateful. This smtp-gw I
mentioned received 80.000 messages until now today, 35.000 blocked as
spam.

> Either way, adding support for another virusscanner _that runs in
> daemon mode_ is very easy.  I can't make promise, but I want to
> look at clam this week or so - if someone will not do this before.
> But there is a question: is clam able to decode MIME structure?

Haha! That's why avcheck is faster than amavis, it does less! It does
not decode MIME! :)

Easy! It is just a joke! :)

According to http://clamav.elektrapro.com/doc/html/node2.html

Features

    * GNU GPL license
    * POSIX compliant, portable
    * Secure
    * Very fast
    * Multi-threaded
    * User friendly
    * On-access scanning (Linux only)
    * Detects over 7000 viruses, worms and trojans
    * Supports compressed files and archives
    * Built-in support for RAR (2.0), Zip, Gzip



No mention about MIME de/encoding.

> Avcheck itself is a very tiny glue, it does not look at nor
> decode message structure - wich is done in avp and drweb (and
> in some other virusscanners too).  If clam has no support for
> this task, I'm afraid you'll need amavis or something like that.

What if another piece of software gluing avcheck with clamav in order
to make MIME decode? Dont know what sw, but I can search for... google
is our friend!

avcheck|mimedecoder|clamscan

--

    Marcio Merlone