Hello,
At
http://crawler.rmf.pl/exim/ I've put my own humble attempt to get rid
of viruses and binary attachments in my users' e-mail. The filter consists
of two parts - an exim system filter rule (filter) and some perl code
that performs actual scanning (exim.pl). As of speed - this is perl.
It is not supposed to be fast, and it is not. But on a dual PIII/500
with 512MB RAM and a RAID controller it performs quite good for a system
that couples with about 600-700MB of traffic per day. As we are a radio
station, this code sometimes scans 10MB+ mails (I doubt I'll ever force
users not to send those broadcast-quality WAVE files via e-mail) and it
seems to be robust enough for a production server. Excuse me the style,
it is written; I'm not a computer scientist, not even a programmer; just
a system administrator. I'll greatly appreciate any feedback, comments,
especialy related to security - I've tried to make this hack as secure
as possible avoiding places where shell expansions could occur but
it is very possible I didn't notice something important. Also please
excuse the fact, that the non-delivery notifications are in Polish;
I hope that English versions will help you to understand them.
One more thing - the virus-scanning part uses uvscan from NAI to do its
job. And yet another thing - the idea of scanner and style of the
notofication messages are based on the filter that is used at BBC Radio,
UK.
Greetings,
--
Lukasz Grochal, network administrator
Radio Muzyka Fakty, Sp. z o.o. al. Waszyngtona 1, 30-204 Krakow
tel., fax: +48 12 4252625 e-mail: l.grochal@???