Not to waste anyone's time, but I posted this on SA list and a Sophos site, but, came up with zip. Not even a "do-dah". Beyond "experiences"
any leads to general "how to: guides that work in practice? >> SOHO system, on virtual machines. Fairly recent versions. Running openSUSE Leap 15.1. Due to some recent malware (in attachments, obvious stuff) wanted to add AV scanning. I gather "Amavis-new" is the hot ticket these days, I deal with Sophos products and would like to use their linux product to do the scanning. Seems to be precious little on how to do that. Any experiences? --------------------------------- j4computers, llc Stone Ridge, NY 12484 845-687-3734 www.j4computers.com --------------------------------- |
On 23/11/2020 16:34, Joe Acquisto-j4 wrote: > Not to waste anyone's time, but I posted this on SA list and a Sophos site, but, came up with zip. Not even a "do-dah". Beyond "experiences" > any leads to general "how to: guides that work in practice? > >>> SOHO system, on virtual machines. Fairly recent versions. Running openSUSE Leap 15.1. > Due to some recent malware (in attachments, obvious stuff) wanted to add AV scanning. I gather "Amavis-new" is the hot ticket these days, > > I deal with Sophos products and would like to use their linux product to do the scanning. Seems to be precious little on how to do that. > > Any experiences? None with Sophos products on Linux. But I use amavis as content-filter and it in turns calls SA (which presumably you already know about) and ClamAV. ClamAV works well provided you add various 3rd-party signatures. I know of two tools to assist with these: https://github.com/extremeshok/clamav-unofficial-sigs and the newer https://github.com/rseichter/fangfrisch. |
In reply to this post by Joe Acquisto-j4
Joe,
> Due to some recent malware (in attachments, obvious stuff) wanted to add AV scanning. I gather "Amavis-new" is the hot ticket these days, > I deal with Sophos products and would like to use their linux product to do the scanning. Seems to be precious little on how to do that. I am using amavis with clamav. Sorry, no additional commercial virus scanners, but I noticed that amavis.conf contains setups for a lot of commercial virus scanners. May be worth a look. Michael |
michael Schumacher wrote:
> Joe, > >> Due to some recent malware (in attachments, obvious stuff) wanted to add AV scanning. I gather "Amavis-new" is the hot ticket these days, >> I deal with Sophos products and would like to use their linux product to do the scanning. Seems to be precious little on how to do that. > > I am using amavis with clamav. Sorry, no additional commercial virus scanners, but I noticed that amavis.conf contains setups for a lot of commercial virus scanners. May be worth a look. > > Michael > > FWIW, I was going to say my impression is amavis-new was the hot ticket several years ago, but is losing market share to rspamd. https://rspamd.com/doc/modules/external_services.html says rspamd has been tested with Sophos (via SAVDI). My amavisd.conf says it works with Sophie (unmaintained since 2004), Sophos SAVE via SAVI-Perl (https://metacpan.org/release/SAVI-Perl from 2005), and as a last resort Sophos sweep. |
> michael Schumacher wrote:
>> Joe, >> Due to some recent malware (in attachments, obvious stuff) wanted to add AV > scanning. I gather "Amavis-new" is the hot ticket these days, >>> I deal with Sophos products and would like to use their linux product to do > the scanning. Seems to be precious little on how to do that. >> >> I am using amavis with clamav. Sorry, no additional commercial virus > scanners, but I noticed that amavis.conf contains setups for a lot of > commercial virus scanners. May be worth a look. >> >> Michael >> >> > > FWIW, I was going to say my impression is amavis-new was the hot ticket > several years ago, but is losing market share to rspamd. > https://rspamd.com/doc/modules/external_services.html says rspamd has > been tested with Sophos (via SAVDI). My amavisd.conf says it works with > Sophie (unmaintained since 2004), Sophos SAVE via SAVI-Perl > (https://metacpan.org/release/SAVI-Perl from 2005), and as a last resort > Sophos sweep. I'll have a look, thanks. The links to those references on the amavis docs page seem to be out of date, as they lead to dead ends, far as I could tell. --------------------------------- j4computers, llc Stone Ridge, NY 12484 845-687-3734 www.j4computers.com --------------------------------- |
In reply to this post by Richard Siddall
Hi Richard, Amavisd-new can be extended to support SAVDI. I am using it in one of my installation. Just google search amavisd + savdi, there are numerous documentation on how to do so. Kind regards On Tue, Nov 24, 2020, 9:07 PM Richard Siddall <[hidden email]> wrote: michael Schumacher wrote: |
Free forum by Nabble | Edit this page |