[SEMI-OFFTOPIC] two antivirus

[Ricky Boone]

On Fri, Jun 7, 2024 at 3:23 PM Rick Gutierrez <xserverlinux at gmail.com> wrote:
>
> Hi ricky thnk  for the interest in this email,  on the other hand, I'm
> not really looking for F-secure as the only option, rather I was
> wondering what antivirus outside of Avast or Clamav they used in
> conjunction with mailscanner to add more protection to emails.

Okay.  From that, it looks like the supported list of virus scanners
could be found here, but I would need to defer to the community for
any additional experience with them.

https://github.com/MailScanner/v5/blob/master/common/etc/MailScanner/virus.scanners.conf

I will say, however, that while adding multiple virus engines is good
to help layer your security, it will add additional complexity and
scanning times for your email, which can be an issue for some users
that expect email to be realtime.  Something to think about.

You may also want to consider additional signatures for ClamAV, not
relying only on the official ones.  It can increase your chance of
false-positives, which you will need to either maintain a whitelist
for or similar maintenance, but I have found many malicious emails
with these.  Fangfrisch (https://rseichter.github.io/fangfrisch/) is a
good tool to help select and organize many of these.  One source in
particular that I find helpful is twinclams
(https://github.com/splunk/twinclams), which is fairly active and
accurate.

> I'm going to take a look, I'm not sure if this would work on Rocky Linux 8/9.

Based on their supported operating systems list, it looks like both
should be supported.