[15441] in bugtraq
Free mail scanning tool (was Re: NAI WebShield SMTP does not scan
daemon@ATHENA.MIT.EDU (David F. Skoll)
Fri Jun 23 16:10:21 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <3952B12A.D5C452EE@roaringpenguin.com>
Date: Thu, 22 Jun 2000 20:36:58 -0400
Reply-To: dfs@ROARINGPENGUIN.COM
From: "David F. Skoll" <dfs@ROARINGPENGUIN.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
chris.paget@ANALYSYS.COM wrote:
> The actual viruses are being picked up. The problem is that I wish to
> block ALL scriptable files, so that in the time between a virus
> outbreak and an updated DAT being released, my network is not at risk.
I have just released a free tool to do this, at
http://www.roaringpenguin.com/mimedefang/
It runs on UNIX/Linux and requires Sendmail. However, if you are using
Exchange, you can put a Linux box as a "sentinel" in front of the
Exchange server to do the scanning, and then relay the mail to
Exchange. If you run DNS on the sentinel box and are creative with DNS
MX records, you can even do this with no changes to your Exchange box,
and no apparent external changes.
MIME Defang is not exactly efficient -- a new Perl process for each
incoming message -- but for low-volume sites (< 8000 messages a day),
it's not too bad.
(I *think* my tool is fairly bullet-proof, but I'm sure BUGTRAQ readers
will point out any problems. :-))
--
David.
