RE: [fw-wiz] Antivirus on a free UN*X (Linux/*BSD) platform

From: David Lang (david.lang@digitalinsight.com)
Date: 01/07/03


From: David Lang <david.lang@digitalinsight.com>
To: Bojan Zdrnja <Bojan.Zdrnja@FER.hr>
Date: Tue Jan  7 19:35:17 2003

slightly off topic, is there any firewall besides checkpoint that uses
this 'industry standard' CVP? (last time I looked a couple years ago there
was not)

there are several ways to have a firewal configured to route all e-mail
through an external filter, either on the same box or on a different box.
going all the way back to the FWTK smap that puts the incoming main as a
file in a directory that then gets scooped up to be sent, in between you
can apply any other filter programs that you want. you can also configure
sendmail/postfix/whatever to take all mail it receives on port 25 and send
it to an external box and only deliver mail from that box to the
recipiant.

David Lang

 On Tue, 7 Jan 2003, Bojan Zdrnja wrote:

> Date: Tue, 7 Jan 2003 10:49:38 +0100
> From: Bojan Zdrnja <Bojan.Zdrnja@FER.hr>
> To: 'Meco' <meco1974@libero.it>, 'Josh Welch' <jwelch@buffalowildwings.com>
> Cc: firewall-wizards@honor.icsalabs.com
> Subject: RE: [fw-wiz] Antivirus on a free UN*X (Linux/*BSD) platform
>
>
>
> > -----Original Message-----
> > From: firewall-wizards-admin@honor.icsalabs.com
> > [mailto:firewall-wizards-admin@honor.icsalabs.com]On Behalf Of Meco
> > Sent: 6. siječanj 2003 23:36
> > To: Josh Welch
> > Cc: firewall-wizards@honor.icsalabs.com
> > Subject: Re: [fw-wiz] Antivirus on a free UN*X (Linux/*BSD) platform
> >
> >
> > But I would like to do it in a _transparent_ way, because:
> > 1) The mail system in not in house (it is outsourced). I
> > don't want
> > to change this, because we don't have a big IT staff, and don't have
> > time to do system administration a mail system.
> > 2) People in my company are permitted to use their
> > home/email (and I
> > don't want to change this policy), with their po3/imap/smtp services,
> > where they receive personal email & virus. :(
> >
> > I want a TRANSPARENT antivirus check.
>
> The best solution for you in this case is to use a firewall which supports
> CVP (Content Vectoring Protocol).
> In this case it'll probably be Checkpoint FW-1, which has CVP configured to
> send SMTP traffic to some anti-virus server which supports CVP (ie. Trend
> Micro or Kaspersky). This works completely transparent to end user, however
> I think that this combination will check only SMTP, HTTP and FTP - leaving
> POP3 or IMAP not checked!
>
> Best regards,
>
> Bojan Zdrnja
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
>



Relevant Pages