[nSLUG] Mail Server Anti-Virus (Exim)

George White aa056 at chebucto.ns.ca
Mon Jun 9 13:52:10 ADT 2003

On Sun, 8 Jun 2003 bdavidso at supercity.ns.ca wrote:

> [...] 
> The nice part is that I get notified when a virus is found, so I know if
> one of my users is "infected" and can contact them and help them deal
> with it.  I think I had two or three out of about one thousand users who
> got infected with Sobig.C before our scanner was updated and started
> catching it.
> And, of course, both of these programs are free.
> <Pet peeve>
> Why on earth don't the big ISP's (Eastlink, Aliant, etc) do this
> automatically and for free?  It's not just good customer service, it
> actually reduces the traffic and load on the mail server.  When it is so
> easy and free to block all this crap, I think it is almost criminally
> negligent for ISP's to help spread it.  If I had a buck for every virus
> that our system blocks that passed through Eastlink's mail servers, well,
> I wouldn't be rich but I could afford a much nicer computer!
> </peeve>

Talk to the politicians, CRTC, and anyone else who will listen.  This
is only one example of the failure by big commercial IS[not]P's to
implement sound security practices.

> Now the bad news:  The main server for clamav updates has been unreachable
> for the past three days!  There are a couple of mirrors, but the standard
> freshclam tool has just the one path hard-coded in it.  There is a newer
> version in the clamav "snapshot" which automatically tries the mirrors,
> too, so it is probably useful to install that.  It can be found in:
> http://clamav.essentkabel.com/snapshot/

I've noticed that McAfee and Microsoft become unreachable when everyone on
the net is trying to get the same update/patch.  Just another example of
why the current Win32 practiced (e.g., write shoddy code and then patch
whenever someone finds a way to break it) are so bad. 

George White <aa056 at chebucto.ns.ca> 
Head of St. Margarets Bay, Nova Scotia

More information about the nSLUG mailing list