[OT] Virus Scanning E-Valulation
Matthew Bowman
mbowman at UDCOM.COM
Mon Mar 31 20:31:02 IST 2003
Hello All,
I have been evaluating Sophos, F-Prot and Clam on our server running
MailScanner.
MS 4.13-4
SA 2.43
RH 7.2 w/ sendmail updated
Based on 136 files in /var/spool/MailScanner/quarantine, each of the 3
programs reported the following:
clamscan -r .
----------- SCAN SUMMARY -----------
Known viruses: 7495
Scanned directories: 114
Scanned files: 136
Infected files: 0
Data scanned: 25.83 Mb
Used threads: 2
I/O buffer size: 131072 bytes
Time: 1.735 sec (0 m 1 s)
sweep -f -di .
136 files swept in 4 seconds.
No viruses were discovered.
End of Sweep.
f-prot -auto -disinf .
Files: 136
MBRs: 0
Boot sectors: 0
Objects scanned: 293
Infected: 78
Suspicious: 0
Disinfected: 0
Deleted: 0
Renamed: 0
Example of f-prot output:
var/spool/MailScanner/quarantine/20030331/h2VJKYg01851/message->CADDZ3NN.scr
Infection: W32/Klez.H at mm
Virus-infected files in archives cannot be deleted.
What is everyone else using for their scanner 'options' at the command
line and scan e-mails through mailscanner?
Are the options that I am using to evaluate wrong in anyway?
Thanks
Matthew K Bowman
Sys Admin
UDCom
More information about the MailScanner
mailing list