Prevent mail server poisoning firewall debut

  

Mail virus flooding is also annoying. Although mail is rarely used as a normal communication device today, mail is still dominant at work, especially important. The file transfer, so the security of the mail is very important, but how can we prevent it?

First of all, please allow me to post the links of several anti-drug articles that I can see online:

1.Linuxforum article in the meta

linux (redhat7.1) + MTA (qmail) scan mail virus and reject the virus mail software installation configuration article!

2.Linuxforum mail The first article in the server version of the first article:

**AMaViS** a UNIX mail gateway to check the virus.

3. Shuimu Tsinghua FreeBSD version of an article

Freebsd install Drwebforqmail

4.Linuxforum mail server version refined article second

Procmail filter mail virus

In foreign countries, the article on mail server anti-virus is down, I will not quote it, only link these articles is to let the technology like (not just to achieve the purpose) Netizens are easy to learn and research!

Let me first introduce the techniques used in the above articles:

First:

Before saying it Lead a link:

This is also a thread on Linuxforum. I hope you can take a closer look. After reading it, you should be able to understand how TREND's ANTI-VIRUS works! I introduced the first article. The method works the same way as TREND's ANTI-VIRUS, which uses an anti-virus SMTP gateway instead of the original SMTP service, and then forwards the normal mail to the original SMTP. This will inevitably lead to a problem that the original ESMTP function is gone: such as SMTP_AUTH. The solution can be used in the above discussion, that is: add a level before the anti-virus gateway, of course, this level supports SMTP_AUTH, forwarded to the anti-virus gateway, and then kill the poison and then go to the final SMTP on. :) Too much trouble, but there is no way, of course, if you do not have SMTP AUTH at all, it will not be so troublesome, as long as the virus gateway is transferred to the real SMTP.

This article uses H+BEDV's MailGate, which is the same commercial software as Trend's ANTI-VIRUS.

This article provides a hbedv.key file. After testing, any product of the company can be registered as an official version. The expiration date is May 31, 2003, and there is nearly one year, good, huh, huh. .

Second:

The software used in this article is: AMaViS+McAfee, AMaVis is an opensource software, McAfee is a commercial anti-virus software, although it is a trial version, but the article The author said that this McAfee anti-virus software has been used for a long time without any problems, and can always update the virus database.

AMaVis is a virus gateway that can be applied to all kinds of mainstream MTAs (so it may not be suitable, so call it), can be used for sendmail, qmail, postfix, exim, etc., you can view it in detail. Documentation. For qmail, AmaVis is a direct replacement for qmail-queue. After my tests, I feel that AmaVis is somewhat inefficient.

Need to introduce another opensource software: qmail-scanner. Qmail-scanner is written specifically for qmail, AmaVis can be used for various MTAs, for qmail, both are doing actions on qmail-queue. The difference is that qmail-scanner does not replace qmail-queue, but uses a QMAILQUEUE quilt to selectively replace qmail-queue. I think qmail-queue is better than AmaVis.

Part 3:

drweb is not a common thing, it is a product of a Russian company. It is arrogant that it does not have an English version of the website. It takes me to find a product list on the website. Great strength. Its software runs in a server-client mode. The server is a virus scanner running in the background. It should be more efficient than the command-line virus scanning tool. The client is another software for one server. When a packet passes, it directly submits a scan to its server. It supports Sendmail, Exim, QMail, Postfix, CommunigatePro, Samba, and ZMailer. There are FreeBSD, Linux, and Solaris versions, respectively. Replace qmail-queue.

Later, I looked at the qmail-scanner documentation and said that it supports several third-party software such as Sophie and Trophie to implement the DAEMON virus scanning tool. Maybe it can be a fight with drweb. .

Copyright © Windows knowledge All Rights Reserved