[PLUG] A dilema
Paul Johnson
baloo at ursine.ca
Tue Dec 9 18:59:02 UTC 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, Dec 09, 2003 at 01:46:29PM -0800, AthlonRob wrote:
> Is this server running an email server, as well? While not quite on the
> business/ethical side of things... but rather on the technical end - you
> could quite effectively use this to filter incoming content or viruses.
I've documented how to do this with only free (IIRC) tools.
http://ursine.ca/~baloo/clamd-exiscan.txt
> Even if you aren't running the SMTP stuff yourself, you can capture POP3
> and scan it.
Fetchmail is your friend. It makes it so you can work with mail like
it's being received via SMTP.
> If you're running the SMTP stuff yourself, go get AMaViSd-New and
> ClamAV. As we discussed in the "Damned ISPs" thread, it's pretty easy
> to silently force all outbound SMTP connections through the scanning
> SMTP server.
iptables is your friend. Also good in combination with adzapper and
squid to set up a transparent, caching and adzapping proxy.
> If you aren't running a transparent Squid proxy on their gateway, you
> may look in to that. It will speed up web browsing for them and offer
> an easy alternative to local ad-zapping software. They could also
> filter out sites they don't want their customers connecting to.
Until a couple years ago, adzapper's license absolutely prohibited
using the software for censorship purposes. It's now under the BSD
license, but the developer still tells you not to use it for
censorship.
http://adzapper.sourceforge.net/
> There's also an OAV software program called 'Squid-vscan' which will
> allow you to scan all HTTP traffic for viruses.
Ooh, that sounds like a good idea. Debian package?
- --
.''`. Paul Johnson <baloo at ursine.ca>
: :' :
`. `'` proud Debian admin and user
`- Debian - when you have better things to do than fix a system
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/1ovCUzgNqloQMwcRAkD8AKDck6nSrFBXHpmnE5E6e49KEmb/4ACeMHrj
CQanLdlRUjOS9ry34BfY/Fo=
=bbPV
-----END PGP SIGNATURE-----
More information about the PLUG
mailing list