Sunday, 24 August 2003

Open source FUD

Kevin Aylward at Wizbang! blames Sendmail, and by extension the Open Source movement, in part for the spread of viruses on the Internet. Specifically he claims:

Here’s the kicker – Sendmail had no capability to drop messages that contain viruses.

Sorry, Kevin, but I call bullshit.

  • Sendmail can scan for viruses using the “milter” (mail filter) facility, which has been present for several years. Get up to date on the technology before you start spreading crap.
  • There are numerous alternative mail transport agents (MTAs) to Sendmail that also have hooks for virus scanning, including Postfix, Exim, and (if you can stand DJB-ware) qmail.
  • Virus scanners can also be hooked into procmail, if you don’t actually want to futz with your MTA configuration.
  • Specifically, Debian and other Linux distributions include a complete, free anti-virus scanning suite that integrates with almost any mail server (specifically, clamav and amavisd); it also includes hooks for spam trapping. I had it set up and running within an hour on the box I administer at work. It’s catching all of our Sobig.F messages, and not even spamming unrelated parties with bogus “you sent me a virus” messages like certain commercial systems I could mention.

Yes, I freely admit that sendmail is a piece of bloated, outdated shit that I won’t run on any server I administer. But blaming sendmail, when you should blame lazy admins and ISPs who can’t be bothered to avail themselves of the available free virus scanners (not to mention the ample commercial offerings), is just silly, and exactly the sort of crap you’re complaining about in the behavior of some open source advocates.

Brock has more on this theme here.