it'll stay the same with any AV solution that is called on the mail server without any kind of jail/containerization to take away privileges.Unofficially: this is how I felt about ClamAV for a long time, if you want AV that catches new threats, the better way is end-point protection.At this point, clamav is becoming more of a problem than me actually getting virussus.
As long as there's no ressources put into hardening, this will not change. And the MTA should not (only) be treated as an endpoint. It's just how the filtering is called, which considerably 'bad', but common in the 2000s and is considerably 'worse' and 'common' but also 'solved' in this time and age.
Statistics: Posted by darkfader — Wed Jun 19, 2024 5:34 pm