MailScanner is a complete e-mail security system designed for use on
e-mail gateways. It protects against viruses, and detects attacks against
e-mail client packages (such as Outlook, Outlook Express, Eudora). It can
also detect almost all unsolicited commercial e-mail (spam) passing through
it and respond to all incidents in a wide variety of ways.
Not only can it scan for known viruses, but it can also protect against unknown
viruses hidden inside e-mail attachments by refusing entry to attachments whose
filenames match any given pattern. This can include generic patterns that trap
filenames attempting to hide the true filename extension (e.g. ".txt.vbs").
It is superior to many commercial packages in its ability to handle attacks
against itself, such as Denial Of Service attacks caused by messages containing
the "Zip of Death". It is easy to install into an existing e-mail gateway,
requiring very little knowledge of sendmail and no change to an existing
sendmail configuration.
MailScanner itself is entirely open source, but it uses widely known commercial
virus scanning packages at its core. The other software it uses is all high
quality open source software, leading to a system that can be trusted for
performance and reliability.
This is the last version that handles both the 8.x and 9.x install
media formats.
Qjail [ q = quick ] is a 4th generation wrapper for the basic chroot jail
system that includes security and performance enhancements. Plus a new level
of "user friendliness" enhancements dealing with deploying just a few jails or
large jail environments consisting of 100's of jails.
Qjail requires no knowledge of the jail command usage. It uses "nullfs" for
read-only system binaries, sharing one copy of them with all the jails.
Uses "mdconfig" to create sparse image jails. Sparse image jails provide a
method to limit the total disk space a jail can consume, while only occupying
the physical disk space of the sum size of the files in the image jail.
Ability to assign ip address with their network device name,
so aliases are auto created on jail start and auto removed on jail stop.
Ability to create "ZONE"s of identical qjail systems, each with their own
group of jails.
Ability to designate a portion of the jail name as a group prefix so the
command being executed will apply to only those jail names matching that prefix.
From the SquidClamav homepage:
SquidClamav is an antivirus for Squid proxy based on the Awards winnings
ClamAv anti-virus toolkit. Using it will help you securing your home or
enterprise network web traffic. SquidClamav is the most efficient Squid
Redirector and ICAP service antivirus tool for HTTP traffic available for
free, it is written in C and can handle thousand of connections. The way
to add more securing on your network for free is here.
SquidClamav is build for speed and security in mind, it is first used
and tested to secure a network with 2,500 and more users. It is also known
to working fast with 15000+ users.
With SquidClamav You have full control of what kind of HTTP stream must be
scanned by Clamav antivirus, this control operate at 3 different levels:
- At URL level, you can disable virus scanning for a set of web site,
filename extension or anything that can be matched in an URL.
- At client side by disabling virus scan and other redirector call
to a set of username, source Ip addresses or computer DNS name.
- At HTTP header level, where you can disable virus scanning following
the content type or file size.
This qjail version only supports the RELEASE-10.x series of releases.
Qjail [ q = quick ] is a 4th generation wrapper for the basic chroot jail
system that includes security and performance enhancements. Plus a new level
of "user friendliness" enhancements dealing with deploying just a few jails or
large scale jail environments consisting of 100's of jails.
Qjail uses the jail(8) jail.conf method. This provides the ability to enable
the following options on a per-jail basis. exec.fib, securelevel, allow.sysvipc,
devfs_rulesets, allow.raw_sockets, allow.quotas, allow.mount.nullfs,
allow.mount.tmpfs, allow.mount.zfs, vnet.interface, and vnet. The vnet option
gives a jail its own network stack using the experimental vimage kernel module.
The vnet option has only been tested on i386 and amd64 equipment.
Qjail requires no knowledge of the jail command usage. It uses "nullfs" for
read-only system executables, sharing one copy of them with all the jails.
Uses "mdconfig" to create sparse image jails. Sparse image jails provide a
method to limit the total disk space a jail can consume, while only occupying
the physical disk space of the sum size of the files in the image jail.
Ability to assign ip address with their network device name,
so aliases are auto created on jail start and auto removed on jail stop.
Ability to create "ZONE"s of identical qjail systems, each with their own
group of jails.
Ability to designate a portion of the jail name as a group prefix so the
command being executed will apply to only those jail names matching that prefix.
Qjail has been incorporated into the Finch open source project,
see http://dreamcat4.github.io/finch/ for details.
This qjail version only supports RELEASE-11.0 and newer.
Qjail [ q = quick ] is a 4th generation wrapper for the basic chroot jail
system that includes security and performance enhancements. Plus a new level
of "user friendliness" enhancements dealing with deploying just a few jails or
large scale jail environments consisting of 100's of jails.
Qjail uses the jail(8) jail.conf method. This provides the ability to enable
the following options on a per-jail basis. exec.fib, securelevel, allow.sysvipc,
devfs_rulesets, allow.raw_sockets, allow.quotas, allow.mount.nullfs,
allow.mount.tmpfs, allow.mount.zfs, vnet.interface, and vnet. The vnet option
gives a jail its own network stack using the experimental vimage kernel module.
The vnet option has only been tested on i386 and amd64 equipment.
Qjail requires no knowledge of the jail command usage. It uses "nullfs" for
read-only system executables, sharing one copy of them with all the jails.
Uses "mdconfig" to create sparse image jails. Sparse image jails provide a
method to limit the total disk space a jail can consume, while only occupying
the physical disk space of the sum size of the files in the image jail.
Ability to assign ip address with their network device name,
so aliases are auto created on jail start and auto removed on jail stop.
Ability to create "ZONE"s of identical qjail systems, each with their own
group of jails.
Ability to designate a portion of the jail name as a group prefix so the
command being executed will apply to only those jail names matching that prefix.
Qjail has been incorporated into the Finch open source project,
see http://dreamcat4.github.io/finch/ for details.