[Mimedefang] Mimedefang and clamd configuration problems

David F. Skoll dfs at roaringpenguin.com
Wed Dec 21 15:41:41 EST 2005

Matthew.van.Eerde at hbinc.com wrote:


> But ClamAV is not likely to be exploited... AV software tends to be
> more secure than software in-the-main.

*cough* I don't think so.

Clam 0.87.1 fixed a security bug.
Clam 0.87 fixed a security bug.
Clam 0.86.2 fixed a security bug.
Clam 0.86.1 fixed a DoS bug.
Clam 0.86 fixed a DoS bug.

I think you get the picture...

(Btw, if I seem to be picking on Clam, I'm not.  Most AV software is
horribly hairy, because it tries to deal with
zip/tar/gzip/bzip2/lha/zoo/arc/your_weird_format_here files.  With all those
wacky uncompressors and file formats, bugs will inevitably creep in.)



More information about the MIMEDefang mailing list