|
|
Posted by C. on 05/15/07 21:34
On 8 May, 00:57, Joe <j_ev...@upfronttechnology.com> wrote:
> Hello,
>
> I currently use a simple php webmail form with php's mail() function
> doing the work to send messages to the site owner.
>
> However, viruses are being sent via the form.
>
> I tried adding a basic colaboration of amavis-new, ClamAV and
> spamassasin, but that filter does not seem to catch them. I assume they
> are injected into the Postfix process too late.
>
> Any idea how I can eliminate this?
>
Holy moley, you're letting users upload files into emails on your
website then sending them using mail() !!!!
....and you wonder why you've got problems?
Really, the question you're asking has nothing at all to do with PHP -
unless you want to use PHP to launch clamscan on uploaded files before
attaching them to emails (but bear in mind that anyone out to be
malicious could always incorporate uuencded data inline).
Clam + postfix worked a trick for me using clamsmtp. Its been a while
since I looked at amavis - but even then it wasn't as bad as a lot of
commercial AV tools.
I'd try asking on a more apposite (i.e. amavis or postfix) newsgroup.
C.
Navigation:
[Reply to this message]
|