From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1RX1Z8-0001sW-Nz for garchives@archives.gentoo.org; Sun, 04 Dec 2011 02:12:30 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id EFF8321C05F; Sun, 4 Dec 2011 02:12:16 +0000 (UTC) Received: from mail2.viabit.com (mail2.viabit.com [65.246.80.16]) by pigeon.gentoo.org (Postfix) with ESMTP id B68CA21C024 for ; Sun, 4 Dec 2011 02:10:49 +0000 (UTC) Received: from [172.17.29.6] (unknown [65.213.236.242]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail2.viabit.com (Postfix) with ESMTPSA id 2A15837ADA for ; Sat, 3 Dec 2011 21:10:49 -0500 (EST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=orlitzky.com; s=mail2; t=1322964649; bh=zuz0dylPOyNkXcAJKeAOyMxVDre84gcdRxUL0+ztFbo=; h=Message-ID:Date:From:MIME-Version:To:Subject:References: In-Reply-To:Content-Type:Content-Transfer-Encoding; b=xb+aqtxR4nvWOJWxq2OKQQrtPlUl16gimR97lbeKv5yZZDuz13cWFyCiTd+CI1YDc 8WjVY43AVshFE6MMxdPr+p4FIy/snim5WFNkPCC4c2l7TIEI23cbb2Bk3Bobg5JxZo 2b25kJZYQwitfbo/D2Gy1nfXm9gXlxMP1OlW2jqQ= Message-ID: <4EDAD6A8.3040805@orlitzky.com> Date: Sat, 03 Dec 2011 21:10:48 -0500 From: Michael Orlitzky User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:8.0) Gecko/20111202 Thunderbird/8.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] clamav and spamassassin References: <4EDAA89F.3090308@orlitzky.com> <4EDACE76.9060400@orlitzky.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Archives-Salt: bb215ddd-f869-4c95-a332-f4dd60c76915 X-Archives-Hash: eef1bf54b0e24c6681037b4920945ac6 On 12/03/2011 08:57 PM, Grant wrote: >>> Very cool. I found out clamscan and avgfree scan the filesystem so I >>> thought I should set it up, but if it's not necessary I won't bother. >>> All of my mail users are on Gentoo so do I need to bother having >>> clamav scan my incoming mail? >> >> >> Well, they aren't going to get infected with anything, but ClamAV could >> still keep the virus message (which is obviously unwanted) out of their >> inbox. There are also some third-party signatures[1] for ClamAV that catch >> scam/phishing mail. > > There is info on Linux viruses here: > > http://en.wikipedia.org/wiki/Linux_malware > > I shouldn't be concerned about that? > The "big" risk (although still negligible) is that someone will mail your users an executable that does something bad. But, you would have to save it under /home, chmod +x it, and then run it manually for it to be dangerous. If you use portage to install packages, you should not ever need to chmod +x anything. It's a big red flag and normal users don't even need to know how to do it. Mount /home noexec for extra safety. Note that antivirus wouldn't help anyway if your users are going to do whatever the email says without question =)