Author Topic: Avast and amavisd on OS X?  (Read 6604 times)

0 Members and 1 Guest are viewing this topic.

Geekmansworld

  • Guest
Avast and amavisd on OS X?
« on: April 16, 2010, 11:00:07 PM »
Greetings all,

After the painful fiasco I experienced late last night when ClamAV shut down my work's mailserver, I'm looking for alternatives. Since avast! has never steered me wrong on the desktop, this is the first place I'm starting.

I know that amavisd has provisions for using avast! in its conf file, but I'm not sure if this is doable on OSX Server. The questions would be:

1. Does the BSD version run on OS X Intel platforms?
2. Is the "Mac" version accessible through the command line, and can it be used to scan mail through amavisd?

I suspect the answer to both questions is no, but I figured I'd ask since avast! is my AV BFF.

Offline zilog

  • Avast team
  • Advanced Poster
  • *
  • Posts: 957
  • or #f0; daa; add a,#a0; adc a,#40
Re: Avast and amavisd on OS X?
« Reply #1 on: April 18, 2010, 07:54:04 PM »
Greetings all,

After the painful fiasco I experienced late last night when ClamAV shut down my work's mailserver, I'm looking for alternatives. Since avast! has never steered me wrong on the desktop, this is the first place I'm starting.

I know that amavisd has provisions for using avast! in its conf file, but I'm not sure if this is doable on OSX Server. The questions would be:

1. Does the BSD version run on OS X Intel platforms?
2. Is the "Mac" version accessible through the command line, and can it be used to scan mail through amavisd?

I suspect the answer to both questions is no, but I figured I'd ask since avast! is my AV BFF.

Heh,
small secret - install stock avast4mac (the latest version in the sticky post in this forum, for example) - and there's a command-line driven daemon, suitable for amavis integration. works exactly in the same manner, but supports extended communication protocol/command set (but also can emulate the old one). the binary is that com.avast.MacAvast.MAD. It's capable of multiple sessions, each with its own particular settings, etc. Run avast gui and have a look (ps -laxwww | grep MAD) what params were used to run it, as a quick startup. It also spawn one daughter-binary, setup, to get latest vps in an incremental manner.

Textual protocol was described here earlier, or mail to me and i'll send you the file.

regards,
pc
May's Law: Software efficiency halves every 18 months, compensating Moore's Law. (David May, INMOS)

Offline zilog

  • Avast team
  • Advanced Poster
  • *
  • Posts: 957
  • or #f0; daa; add a,#a0; adc a,#40
Re: Avast and amavisd on OS X?
« Reply #2 on: April 20, 2010, 10:05:50 AM »
here's the protocol: http://public.avast.com/~cimbal/protocol.en.txt.new
all version can be controlled using this protocol, even remotely (up to 8 listening ports could be open per the daemon, each of them serving one or more sessions).

regards,
pc
May's Law: Software efficiency halves every 18 months, compensating Moore's Law. (David May, INMOS)

Geekmansworld

  • Guest
Re: Avast and amavisd on OS X?
« Reply #3 on: April 21, 2010, 01:12:55 AM »
Uh wow. That's way better than I expected. I almost feel guilty.

Plus I'm getting the GUI, so I assume that I can Remote Desktop into my server and do updates through that (the GUI)?

Thank you very much zilog. I'll have to set up a test server and try that out.

Bye-bye ClamAV...
« Last Edit: April 21, 2010, 01:14:55 AM by Geekmansworld »

Offline zilog

  • Avast team
  • Advanced Poster
  • *
  • Posts: 957
  • or #f0; daa; add a,#a0; adc a,#40
Re: Avast and amavisd on OS X?
« Reply #4 on: April 21, 2010, 02:09:14 PM »
Uh wow. That's way better than I expected. I almost feel guilty.

Plus I'm getting the GUI, so I assume that I can Remote Desktop into my server and do updates through that (the GUI)?

Thank you very much zilog. I'll have to set up a test server and try that out.

Bye-bye ClamAV...

GUI is just another client, which also uses this textual socket-protocol, talking with the command-line core daemon. But, by default, it uses unix local socket for communication instead of TCP one (we expect that the GUI runs on the same machine as the scan is performed - there are some eye-candies (icons etc.), that depend on it).

So, for remore scanning, pure textual access is more suitable, IMHO. GUI, connected remotely to a scanner on different machine, will show no icons, and will be somehow limited anyway.

regards,
pc
May's Law: Software efficiency halves every 18 months, compensating Moore's Law. (David May, INMOS)