On Mon, 26 Aug 2002 rogertomlinson@??? wrote:
> A much simpler and easier solution is to avoid RAV and use Vexira MailArmor
> instead. With Vexira MailArmor you setup **any** Linux server as a proxy server
> and virus scan and forward mail to the backend Exim server. You can read more
frankly, not intending to step op anyone's toes, but... why exactly
would anyone want to run some binary-only *crap* (not directly
referring to vexira, but referring to every proprietary product which
these companies who are riding this linux wave, and speaking from
experience) as a *listener* for a quite important service, instead
running something you (hopefully) trust and can examine, if you have
any doubt ?
i've checked quite a number of virus scanning in the last couple of
months. the above rule-of-thumb is #1 on my list to examine; "does it
want to be a listener ? phew, one less to struggle with."
what exactly are you going to do when someone discovers a hole wide
enough to push the eiffel tower through in vexira's (insert xxx here)
smtp listener ?
my view is that any virus scanner which is even a tad bit more than a
library you can interface with (see sophie, trophie and the kinds), if
it wants to be anything more than just a scanning engine, is to be
avoided like plague. if one is lucky enough to use something that can
be interfaces with with some glues like sophie/trophie, wisest choice
is to use those. with eyes wide open...
(the above is coming from a very frustrating experience trying to
breach a product i'm using, being unsuccesful [so far], but this
unsuccesfulness isn't the above said product's programmer's advantage,
but a limitation in currently used filesystems. the holes are there,
though. [no, it's not vexira. vexira fell off at question number
one]).
