# Postfix Free Antivirus soft?

## Yamakasi

Hi everybody,

I was looking for a good and free antivirus software for my mail server. 

Thanks

----------

## kashani

http://mailtools.anomy.net/

you can use anomy to delete or defang attachments depending on your preference. It's low tech, but pretty effective for being cheap.

kashani

----------

## rizzo

Or you could just use procmail and sort of roll-your-own anti-virus scheme.  Well I guess not so much anti-virus as anti-virus-carrying-types-of-documents.  Use procmail to drop or reject any VBS, EXE, DOC, XLS attachments, etc.  IMHO, the only attachments you need to allow through are pictures.  Although some dumbasses like to send DOCs for whatever reason.  Our company president writes his email in a Word DOC and then mails that DOC as an attachment instead of just writing the email in the email message.  Jackasses.

----------

## Xor

to disallow almost anything like pictures, plaintext and pdfs might be a real safe... but not doable in some environments.... there is a project called openantivirus (check freshmeat)

but I don't know how good the engine is.... or the patterns (but the get updated)...

----------

## psp

I've been looking into this recently....

The best (non-java) solutions I could find was using: postfix + amavis_ng + clamantivirus OR postfix + reconfigured messagewall. The solution I'm most comfortable with currently is the latter.

I've setup messagewall as a content filter (not the method the author envisioned, but allows me to selectively filter mail) for postfix. But I have not had time to extensively test this solution. I'm in the process of documenting the setup properly.

I also use postfix's header and body filtering...

The great thing is that both these solutions use the openantivirus (java based) virus pattern file.

----------

## Xor

Do you have the anti-virus loaded as daemon (scanning per socket) or do you start it for each mail (overkill)?

do you have any idea how good antivirus is in matter of identifing viruses? Can it compete with this closed-source/no-we-don't-support-glibc-2.3.1 stuff?

this might sound silly, but I though there would also be a non-java "daemon"? I don't like the idea to run java on production systems....

regards

xor

----------

## Xor

Found something....

It's _not_ completly free... but almost...

First you have to get the TrendMicro Scan Engine here http://www.trendmicro.com/ftp/products/engine/vsapi6150rh.tar.Z

don't forget to retrieve the latest patterns! (put in /etc/iscan)

then you have to go to here http://www.vanja.com/tools/

and get trophie... after that stuff is running you can get virge (also from vanja.com) and read the README.POSTFIX

now you got a fully working, almost free antivirus.... without java  :Smile: 

----------

## Yamakasi

Thanks Xor

I will try this as soon as possible and give u some updates.

----------

## kerframil

Xor/Yamakasi,

did you get this working? I couldn't (I though it was something to do with a gcc-3.2/gcc-2.9.5 ABI conflict between trophie and the virus sigs and have posted something in the Portage & Programming forum on that). I would certainly buy the commercial scanner package, if I could assure myself that this thing can actually work in Gentoo! Any tips?

----------

## Xor

I compiled the stuff under debian/gcc 2.95 - so I can't say if there are any problems under gentoo

----------

