Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Free mail scanning tool (was Re: NAI WebShield SMTP does not scan base64 encoding)

From: dfs () ROARINGPENGUIN COM (David F. Skoll)
Date: Thu, 22 Jun 2000 20:36:58 -0400

chris.paget () ANALYSYS COM wrote:


The actual viruses are being picked up.  The problem is that I wish to
block ALL scriptable files, so that in the time between a virus
outbreak and an updated DAT being released, my network is not at risk.


I have just released a free tool to do this, at
http://www.roaringpenguin.com/mimedefang/

It runs on UNIX/Linux and requires Sendmail.  However, if you are using
Exchange, you can put a Linux box as a "sentinel" in front of the
Exchange server to do the scanning, and then relay the mail to
Exchange.  If you run DNS on the sentinel box and are creative with DNS
MX records, you can even do this with no changes to your Exchange box,
and no apparent external changes.

MIME Defang is not exactly efficient -- a new Perl process for each
incoming message -- but for low-volume sites (< 8000 messages a day),
it's not too bad.

(I *think* my tool is fairly bullet-proof, but I'm sure BUGTRAQ readers
will point out any problems. :-))

--
David.
Previous By Date Next
Previous By Thread Next

Current thread: