Reducing Load on Amavisd-new/Spamassassin/Antivir
Alexander Dalloz
ad+lists at uni-x.org
Wed Mar 2 17:16:45 UTC 2005
Am Mi, den 02.03.2005 schrieb Dale Sykora um 18:00:
> Alexander,
> This thread caused an idea to pop into my head. What if virus scanners
> would digitally sign outgoing messages as virus free such that incoming
> mail handlers could verify the message+signatures and not have to scan
> for virii? Then active lists like fedora-list could scan once at the
> server and all the recipients would only have to check the signature.
> Dale
The idea is not that bad, to rely on a trusted central virus scanning
service. On the other hand, while speaking about mailing list, I would
really wish all would catch out virus / worm mails and not let them go
through to the subscribers, rather than to just tag them as clean or
infected. Red Hat handles this pretty well I feel while for instance
through the Cyrus lists spam and I think even worms are getting through.
The problem with your idea about tagging mail as clean is that "the bad
side" will fake such signatures. So in general it is no good idea to
trust mail header tags in general like mail body signature strings.
While saying that, I believe to remember that DSPAM is using signatures.
But as I never used that tool I can't say how they operate with them and
how reliable such a sig is.
Alexander
--
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.10-1.14_FC2smp
Serendipity 18:06:03 up 9 days, 5:14, load average: 0.08, 0.22, 0.29
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20050302/5fc62218/attachment-0001.sig>
More information about the fedora-list
mailing list