Re: [Exim] Virus scanning architecture

Pàgina inicial
Delete this message
Reply to this message
Autor: Michael J. Tubby B.Sc. G8TIC
Data:  
A: exim-users
Assumpte: Re: [Exim] Virus scanning architecture
----- Original Message -----
From: "Elena Blanco" <elena.blanco@???>
To: <exim-users@???>
Sent: Wednesday, January 03, 2001 3:44 PM
Subject: [Exim] Virus scanning architecture


> Could I please pick your collective brains on an aspect of virus scanning?
>
> I have been asked to provide a virus scanning service that is available
> for use by any mail servers in the Oxford domain that want to use it.
> Now it's pretty straight forward to get messages into a virus-sweeping
> box and run the anti-virus software on each message BUT I have a
> problem re-injecting the scanned message for delivery. The requirement
> is to send the scanned message back to the host that sent it for virus
> scanning in the first place (with an appropriate header indicating that
> it has been scanned obviously). Since all but 4 of the mail servers
> that can potentially use this service are servers that are NOT under my
> control, how do I get the virus-scanning box to send the message back
> to the last server that appears in the received headers so that that
> host is responsible for spooling and delivering the clean message? Are
> there any compelling reasons not to use this kind of architecture other
> than the fact that it sounds hideous?
>
> Elena
>


Suggest you look at "Knowledge Checker" by Imhotek (www.imhotek.com)
its an Exim plug-in system message filter, written in PERL, which integrates
with either Sophos Antivirus or Norton NAV.

The default mode is "pass thru" where it will check a mail message and its
(nested) attachments and decide whether to let it pass or reject it. Rejects
can be sent to the originator, the intended recipipient and/or
(configuirable)
others.

I'm pretty sure that it could be "bent" with a minor tweek to provide the
virus
scanning service you require.


Mike