qSheff and qscanq detaches incoming mail as a message body and attachments using ripmime. They scans these files agains viruses via a command-line virus scanner i.e. clam. If antivirus program cannot find any virus within the files, they passed the mail to qmail-queue. If, on the other hand, antivirus program does find any virus within the mail, they returns an error message to qmail-smtpd, indicating some viri activity has been recorded in the incoming mail. qmail-smtpd returns the "Permanently Rejected" error message to the smtp client.
Zabit scans the files detached by qSheff or qscanq (via ripmime) and checks to see whether these files include keywords and attachment names contained in zabit configuration file. For the matching mails, it returns error messages.
If you have a virus scanner installed and you want to use both zabit and your virus-scanner on the same setup, zabit-wrp is your friend. zabit-wrp first runs zabit, if it returns error, it returns the error; if not, it runs the virus scanner returns any error messages returned by virus scanner program. This way, your mails can be both checked agains virus and spammer activity. The reason zabit is run before virus scanner is that it can scan names and extentions on attachments names. Files with *.pif extension can be blocked without further investigation by virus scanners so that the system resources are used much more wisely.
http://www.enderunix.org/zabit
-- LucaGibelli - 11 Feb 2007
Edit | Attach | Print version | History: r1 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r1 - 2007-02-11 - 00:17:20 - LucaGibelli
Main Web
Create New Topic
Index
Search
Changes
Notifications
RSS Feed
Statistics
Preferences
Main |
|
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback