antispamsniper.com Forum Index antispamsniper.com
The reliable anti-spam protection
 
 FAQFAQ   SearchSearch     ProfileProfile   Log inLog in   RegisterRegister 

Antivirus capabilities in AntispamSniper?

 
Post new topic   Reply to topic    antispamsniper.com Forum Index -> General questions
View previous topic :: View next topic  

Are you interested in ClamAV integration for AntispamSniper?
Yes. Definitivelly.
25%
 25%  [ 1 ]
Yes, but I prefer another antivirus than ClamAV.
0%
 0%  [ 0 ]
Maybe. I do not now.
25%
 25%  [ 1 ]
No. Never.
50%
 50%  [ 2 ]
Total Votes : 4

Author Message
nikkho



Joined: 06 Sep 2011
Posts: 8

PostPosted: Tue Sep 06, 2011 12:03 pm    Post subject: Antivirus capabilities in AntispamSniper? Reply with quote

Currently AntispamSniper does a good job while protecting us from spam, and physhing in the Pro version.

Unfortunatelly there is some malware coming in emails, that would be nice for AntispamSniper to fight against.

You can refer for instance to the open source ClamAV, that provides a DLL (libclamav.dll) for easily integrating it in AntispamSniper, and so protecting users not only against spam, but also against malware, trojans, and virus.

It can be compilable in 32 and 64 bit flavours, so seems a good choice.

You think it would be worth having it implemented?
Back to top
View user's profile Send private message
Sacles



Joined: 09 Nov 2007
Posts: 51
Location: Belgium (near Li?ge)

PostPosted: Wed Sep 07, 2011 6:07 am    Post subject: Reply with quote

Hello,

AntisapmSniper is an antispam, it is not un antivirus.

There are many anti-virus that control messages.
Back to top
View user's profile Send private message
nikkho



Joined: 06 Sep 2011
Posts: 8

PostPosted: Wed Sep 07, 2011 10:54 am    Post subject: Reply with quote

The problem, as I see it, is that spam and malware are quite related.
Supose a contact of yours, having compromised its security, and sending malware to its contacts (where you are). It will not be spam, since is a contact from you, but indeed it is.

So having a malware detection feature in Antispamsniper, even if simple, will reduce those apams/malware sent by known contacts.
Back to top
View user's profile Send private message
Sacles



Joined: 09 Nov 2007
Posts: 51
Location: Belgium (near Li?ge)

PostPosted: Wed Sep 07, 2011 11:51 am    Post subject: Reply with quote

For testing, I have an account that gets a lot of spam.

After several years I have never seen a malware in an email.

Malware often hide in attachments (although I never met either).

The job of an anti-virus is blocking malware, including in the mail.

Personally, I use ESET NOD32. Needless to add yet another control
Back to top
View user's profile Send private message
vetaltm
Author


Joined: 05 Feb 2006
Posts: 739

PostPosted: Wed Sep 07, 2011 1:37 pm    Post subject: Re: Antivirus capabilities in AntispamSniper? Reply with quote

Take a look at the antivirus plug-in for TheBat that uses ClamAV:
http://guti.isgreat.org/static.php?page=TBClamAV
Back to top
View user's profile Send private message Send e-mail
nikkho



Joined: 06 Sep 2011
Posts: 8

PostPosted: Wed Sep 07, 2011 6:04 pm    Post subject: Reply with quote

Getting malware in email, is not so common, but in my case, I would say I am getting about 1 a week. That is where an integrated solucion makes sense.

I am aware of TBClamAV plugin... In fact I am the author! Thank you for suggesting anyway.
Back to top
View user's profile Send private message
vetaltm
Author


Joined: 05 Feb 2006
Posts: 739

PostPosted: Wed Sep 07, 2011 8:02 pm    Post subject: Reply with quote

Thanks for the suggestion, Javier. I have some thoughts about the integrated solution:

- An antivirus engine needs regular updates of virus definitions. It can be an issue if a user runs TheBat rarely, and has no time to wait until the updates are downloaded. To resolve this it is necessary to install an antivirus checker as a dedicated service + antivirus plug-in in TheBat, i.e. just like with any other antivirus.

- The full featured antivirus with enabled real-time protection doesn't allow users to run the malicious executables attached to messages, and also protects the email client against any other kinds of infections. This is the most important advantage of a full antivirus versus a simple email scanner.

- TheBat implements a dedicated API for antivirus plug-ins, with additional features like curing or deleting the attached objects. So in any case it is necessary to implement the integration in a separate module, having different functionality and settings.

I think that the fully integrated solution has no value for the users, which already have some antivirus. A scanner like yours is useful for those who need only email scanner, i.e. advanced users. As your plug-in already covers their needs, I think that it is not necessary to implement the same for antispam module.
Back to top
View user's profile Send private message Send e-mail
nikkho



Joined: 06 Sep 2011
Posts: 8

PostPosted: Sun Sep 11, 2011 2:33 pm    Post subject: Reply with quote

Thank you very much for your detailed explanation and concerns vetaltm.

If keeping signatures updated is a concern, what about some kind of optional integration with online services such as VirusTotal (http://www.virustotal.com/advanced.html) just in the way other online services are used for spam checking?

It could be quite fast, considering that if the hash has already been analized and reported as malware, mark it as spam.
Back to top
View user's profile Send private message
vetaltm
Author


Joined: 05 Feb 2006
Posts: 739

PostPosted: Sun Sep 11, 2011 4:25 pm    Post subject: Reply with quote

VirusTotal API has restrictions:
- "it is limited to at most 20 requests of any nature in a given 5 minutes time frame."
- "The API must not be used in commercial products or services, it can not be used as a substitute for antivirus products and it can not be integrated in any project that may harm the antivirus industry directly or indirectly".

In fact the plug-in already checks the hashes of attached files and other content via online service - SpamNet. It includes the hashes of attachments and text of messages with spam, phishing or viruses.
Back to top
View user's profile Send private message Send e-mail
nikkho



Joined: 06 Sep 2011
Posts: 8

PostPosted: Sun Sep 11, 2011 5:39 pm    Post subject: Reply with quote

Good to know that SpamNet is able to deal with malware spam too.
I guess, that is what I was looking for initially!
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    antispamsniper.com Forum Index -> General questions All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group