Loading ...
Sorry, an error occurred while loading the content.

clamd with clamsmtp vs mailscanner

Expand Messages
  • Muhammad Yousuf Khan
    i wanted to have an experienced suggestion from Pros. i have been going through from different steps deploying clamav and spamassassin, one is mailscanner
    Message 1 of 11 , Jan 31, 2013
    • 0 Attachment
      i wanted to have an experienced suggestion from Pros. i have been
      going through from different steps deploying clamav and spamassassin,
      one is "mailscanner" and seccond one is "clamd with clamsmtp"
      in your expert opinion which one is the right track to choose. like
      which one is efficient in perspective of hardware utilization /
      resources utilization , complexity and more appropriate approach
      towards stable deployment.

      Thanks
    • Noel Jones
      ... Neither. If you only want to do virus scanning, use the clamav-milter included with clamav. Mailscanner is not recommended for use with postfix.
      Message 2 of 11 , Jan 31, 2013
      • 0 Attachment
        On 1/31/2013 5:59 AM, Muhammad Yousuf Khan wrote:
        > i wanted to have an experienced suggestion from Pros. i have been
        > going through from different steps deploying clamav and spamassassin,
        > one is "mailscanner" and seccond one is "clamd with clamsmtp"
        > in your expert opinion which one is the right track to choose. like
        > which one is efficient in perspective of hardware utilization /
        > resources utilization , complexity and more appropriate approach
        > towards stable deployment.
        >
        > Thanks
        >


        Neither. If you only want to do virus scanning, use the
        clamav-milter included with clamav.

        Mailscanner is "not recommended" for use with postfix. clamsmtp is
        more complicated than using the bundled clamav-milter.

        clamav-milter integrates easily with postfix, is reliable, and has
        fewer third-party dependencies compared to the other choices.


        Also consider using the add-on Sanesecurity anti-spam signatures for
        clamav. I've found them to be quite useful with very low false
        positives.
        http://www.sanesecurity.com/



        -- Noel Jones
      • Muhammad Yousuf Khan
        ... since i am new and just trying to explore things so would you please share why not mailscanner? for my learning Thanks,
        Message 3 of 11 , Jan 31, 2013
        • 0 Attachment
          On Thu, Jan 31, 2013 at 5:33 PM, Noel Jones <njones@...> wrote:
          > On 1/31/2013 5:59 AM, Muhammad Yousuf Khan wrote:
          >> i wanted to have an experienced suggestion from Pros. i have been
          >> going through from different steps deploying clamav and spamassassin,
          >> one is "mailscanner" and seccond one is "clamd with clamsmtp"
          >> in your expert opinion which one is the right track to choose. like
          >> which one is efficient in perspective of hardware utilization /
          >> resources utilization , complexity and more appropriate approach
          >> towards stable deployment.
          >>
          >> Thanks
          >>
          >
          >
          > Neither. If you only want to do virus scanning, use the
          > clamav-milter included with clamav.
          >
          > Mailscanner is "not recommended" for use with postfix. clamsmtp is
          > more complicated than using the bundled clamav-milter.
          >
          since i am new and just trying to explore things so would you please
          share why not mailscanner? for my learning

          Thanks,




          > clamav-milter integrates easily with postfix, is reliable, and has
          > fewer third-party dependencies compared to the other choices.
          >
          >
          > Also consider using the add-on Sanesecurity anti-spam signatures for
          > clamav. I've found them to be quite useful with very low false
          > positives.
          > http://www.sanesecurity.com/
          >
          >
          >
          > -- Noel Jones
        • Noel Jones
          ... mailscanner manipulates the postfix queue in an unsafe manner, with a very real possibility of silently lost or truncated messages. This is unfortunate,
          Message 4 of 11 , Jan 31, 2013
          • 0 Attachment
            On 1/31/2013 7:21 AM, Muhammad Yousuf Khan wrote:
            >> Mailscanner is "not recommended" for use with postfix. clamsmtp is
            >> more complicated than using the bundled clamav-milter.
            >>
            > since i am new and just trying to explore things so would you please
            > share why not mailscanner? for my learning
            >

            mailscanner manipulates the postfix queue in an unsafe manner, with
            a very real possibility of silently lost or truncated messages.
            This is unfortunate, since mailscanner has an impressive feature set.

            From http://www.postfix.org/addon.html#content:

            "mailscanner system, works with Postfix and other MTAs. WARNING:
            This software uses unsupported methods to manipulate Postfix queue
            files directly. This will result in corruption or loss of mail. The
            mailscanner authors have sofar refused to discuss a proper access
            API or protocol".


            I'm sure there are lots of "works for me" reports. There are also
            documented cases of silent failure in the list archive.
          • Scott Kitterman
            ... What third party dependency does clamsmtp require that isn t also required by clamav-milter? Scott K
            Message 5 of 11 , Jan 31, 2013
            • 0 Attachment
              On Thursday, January 31, 2013 06:33:45 AM Noel Jones wrote:
              > On 1/31/2013 5:59 AM, Muhammad Yousuf Khan wrote:
              > > i wanted to have an experienced suggestion from Pros. i have been
              > > going through from different steps deploying clamav and spamassassin,
              > > one is "mailscanner" and seccond one is "clamd with clamsmtp"
              > > in your expert opinion which one is the right track to choose. like
              > > which one is efficient in perspective of hardware utilization /
              > > resources utilization , complexity and more appropriate approach
              > > towards stable deployment.
              > >
              > > Thanks
              >
              > Neither. If you only want to do virus scanning, use the
              > clamav-milter included with clamav.
              >
              > Mailscanner is "not recommended" for use with postfix. clamsmtp is
              > more complicated than using the bundled clamav-milter.
              >
              > clamav-milter integrates easily with postfix, is reliable, and has
              > fewer third-party dependencies compared to the other choices.

              What third party dependency does clamsmtp require that isn't also required by
              clamav-milter?

              Scott K
            • Noel Jones
              ... Other than the obvious? -- Noel Jones
              Message 6 of 11 , Jan 31, 2013
              • 0 Attachment
                On 1/31/2013 8:26 AM, Scott Kitterman wrote:
                > On Thursday, January 31, 2013 06:33:45 AM Noel Jones wrote:
                >> On 1/31/2013 5:59 AM, Muhammad Yousuf Khan wrote:
                >>> i wanted to have an experienced suggestion from Pros. i have been
                >>> going through from different steps deploying clamav and spamassassin,
                >>> one is "mailscanner" and seccond one is "clamd with clamsmtp"
                >>> in your expert opinion which one is the right track to choose. like
                >>> which one is efficient in perspective of hardware utilization /
                >>> resources utilization , complexity and more appropriate approach
                >>> towards stable deployment.
                >>>
                >>> Thanks
                >>
                >> Neither. If you only want to do virus scanning, use the
                >> clamav-milter included with clamav.
                >>
                >> Mailscanner is "not recommended" for use with postfix. clamsmtp is
                >> more complicated than using the bundled clamav-milter.
                >>
                >> clamav-milter integrates easily with postfix, is reliable, and has
                >> fewer third-party dependencies compared to the other choices.
                >
                > What third party dependency does clamsmtp require that isn't also required by
                > clamav-milter?
                >
                > Scott K
                >


                Other than the obvious?




                -- Noel Jones
              • Thomas Leuxner
                ... That is a tad bit vague. When I looked at the milter some (long) time ago, it was far less intuitive than a dedicated SMTP interface. It also gave very
                Message 7 of 11 , Jan 31, 2013
                • 0 Attachment
                  * Noel Jones <njones@...> 2013.01.31 18:23:

                  > Other than the obvious?

                  That is a tad bit vague. When I looked at the milter some (long) time ago, it was far less intuitive than a dedicated SMTP interface. It also gave very little to no messages indicating it actually processed mail. I went with clamsmtp at that time which never failed me and ran without any hiccups happily ever after. It even provides the ability to trigger event driven actions - whether you need that feature or not. I'm lacking background on milter interfaces vs. SMTP servers, but my gut feeling is that the latter is far more scalable.

                  Regards
                  Thomas
                • Noel Jones
                  ... Hash: SHA1 ... Mostly I was referring to mailscanner as having more third-party dependencies, but clamsmtp has the obvious dependency of itself, whereas
                  Message 8 of 11 , Jan 31, 2013
                  • 0 Attachment
                    -----BEGIN PGP SIGNED MESSAGE-----
                    Hash: SHA1

                    On 1/31/2013 1:40 PM, Thomas Leuxner wrote:
                    > * Noel Jones <njones@...> 2013.01.31 18:23:
                    >
                    >> Other than the obvious?
                    >
                    > That is a tad bit vague. When I looked at the milter some
                    > (long) time ago, it was far less intuitive than a dedicated
                    > SMTP interface. It also gave very little to no messages
                    > indicating it actually processed mail. I went with clamsmtp at
                    > that time which never failed me and ran without any hiccups
                    > happily ever after. It even provides the ability to trigger
                    > event driven actions - whether you need that feature or not.
                    > I'm lacking background on milter interfaces vs. SMTP servers,
                    > but my gut feeling is that the latter is far more scalable.
                    >
                    > Regards Thomas
                    >

                    Mostly I was referring to mailscanner as having more third-party
                    dependencies, but clamsmtp has the obvious dependency of itself,
                    whereas clamav-milter is included with & maintained by the clamav
                    team.

                    The postfix <> milter interface is dirt-simple to set up, and
                    doesn't suffer from the double-hop performance penalty of a proxy.
                    That said, I expect real-world performance to be close enough
                    that it's not a deciding factor.

                    With milter, you also get the (questionable, but important to some
                    folks) ability to specify a default action when the back end breaks.
                    http://www.postfix.org/postconf.5.html#milter_default_action

                    You're right that clamav-milter doesn't spam your logs with
                    unnecessary "Still working! Clean mail!" messages; that's probably
                    a good thing. You can always turn on debugging during
                    install/testing to see if it's really working.

                    The clamav-milter is also not particularly flexible. Its "virus"
                    actions are limited to "reject" or "quarantine" (hold), globally
                    configured.
                    When I need something more flexible, I prefer amavisd-new, which
                    is high-performance, high-reliability, very flexible, and can be
                    used as a proxy or milter.

                    I think that's enough on this subject.


                    -- Noel Jones
                    -----BEGIN PGP SIGNATURE-----
                    Version: GnuPG v2.0.17 (MingW32)
                    Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

                    iQEcBAEBAgAGBQJRCtPbAAoJEJGRUHb5Oh6guFYH/RPohx0DYo72o3LuucngVSiD
                    ijTtlz73t6nKF9J8AF/r8Ck3bMzcRJgTtAuAbCbTTuDUb9K7oTpztlUs1qfhZ8iB
                    JD2ucZZmRXHOGsKbTXO8qyXOqfHQJQOKpn56WJ0DpFb8QfbztOfPXJyOeGrVC4/g
                    KfBKK6szz0RiKJ2oK1rzKbFvruywOYiw2bRzECaIoGrzj0Fu3w/zZ0WrRPMMFh/X
                    yp2bclAUU9IqslZPJ1WxbkPWbQWhbcXdoP34Zb5ZA2m+jX+pZ9JpdxoFhAQIv2Du
                    jsghgUSgqr+1GV/WnQAzIr9LDp4Uw0KkTdWS/ItrRnNk0MjKUAmvrJUoaHSjMkU=
                    =eBXU
                    -----END PGP SIGNATURE-----
                  • John Allen
                    ... Why not use Amavis-new as the mail scanner. It will handle the hand off to spamassassin and clamav and the return of scanned mail to postfix and there are
                    Message 9 of 11 , Jan 31, 2013
                    • 0 Attachment

                      On 31/01/2013 6:59 AM, Muhammad Yousuf Khan wrote:
                      i wanted to have an experienced suggestion from Pros. i have been
                      going through from different steps deploying clamav and spamassassin,
                      one is "mailscanner" and seccond one is "clamd with clamsmtp"
                      in your expert opinion which one is the right track to choose. like
                      which one is efficient in perspective of hardware utilization /
                      resources utilization , complexity and more appropriate approach
                      towards stable deployment.
                      
                      Thanks
                      
                      Why not use Amavis-new as the mail scanner. It will handle the hand off to spamassassin and clamav and the return of scanned mail to postfix and there are several very good "How to"s on setting it up.

                      Today's mighty Oak is yesterday's nut that held it's ground. - Margaret Bailey

                      Sent using Mozilla Thunderbird



                    • Muhammad Yousuf Khan
                      Thanks all for all your support :) its been very helpful
                      Message 10 of 11 , Jan 31, 2013
                      • 0 Attachment
                        Thanks all for all your support :) its been very helpful

                        On Fri, Feb 1, 2013 at 1:29 AM, John Allen <john@...> wrote:
                        >
                        > On 31/01/2013 6:59 AM, Muhammad Yousuf Khan wrote:
                        >
                        > i wanted to have an experienced suggestion from Pros. i have been
                        > going through from different steps deploying clamav and spamassassin,
                        > one is "mailscanner" and seccond one is "clamd with clamsmtp"
                        > in your expert opinion which one is the right track to choose. like
                        > which one is efficient in perspective of hardware utilization /
                        > resources utilization , complexity and more appropriate approach
                        > towards stable deployment.
                        >
                        > Thanks
                        >
                        > Why not use Amavis-new as the mail scanner. It will handle the hand off to
                        > spamassassin and clamav and the return of scanned mail to postfix and there
                        > are several very good "How to"s on setting it up.
                        >
                        > Today's mighty Oak is yesterday's nut that held it's ground. - Margaret
                        > Bailey
                        >
                        > Sent using Mozilla Thunderbird
                        >
                        >
                        >
                      • Scott Kitterman
                        ... Personally, I use clamsmtp for virus scanning only and amavisd-new if the requirement is for both virus and spam scanning. They all have their advantages.
                        Message 11 of 11 , Jan 31, 2013
                        • 0 Attachment
                          On Thursday, January 31, 2013 03:29:31 PM John Allen wrote:
                          > On 31/01/2013 6:59 AM, Muhammad Yousuf Khan wrote:
                          > > i wanted to have an experienced suggestion from Pros. i have been
                          > > going through from different steps deploying clamav and spamassassin,
                          > > one is "mailscanner" and seccond one is "clamd with clamsmtp"
                          > > in your expert opinion which one is the right track to choose. like
                          > > which one is efficient in perspective of hardware utilization /
                          > > resources utilization , complexity and more appropriate approach
                          > > towards stable deployment.
                          > >
                          > > Thanks
                          >
                          > Why not use Amavis-new as the mail scanner. It will handle the hand off
                          > to spamassassin and clamav and the return of scanned mail to postfix and
                          > there are several very good "How to"s on setting it up.

                          Personally, I use clamsmtp for virus scanning only and amavisd-new if the
                          requirement is for both virus and spam scanning. They all have their
                          advantages.

                          It also depends a bit on what O/S distribution you're using. In
                          Debian/Ubuntu, none of the people who maintain clamav use the milter so it
                          gets very light testing at the distribution level.

                          Scott K
                        Your message has been successfully submitted and would be delivered to recipients shortly.