Results 1 to 19 of 19
Thread: hosting with antivirus included?
-
03-03-2004, 12:48 AM #1Web Hosting Evangelist
- Join Date
- Feb 2004
- Posts
- 466
hosting with antivirus included?
i'be veen searching but i haven't really found one that offers that besides Interland (but they do NOT offer THAT in the VPS )
any suggestions?
-
03-03-2004, 01:04 AM #2Web Hosting Master
- Join Date
- Jan 2003
- Location
- Lake Arrowhead, CA
- Posts
- 789
Have you asked them? If you're talking about pop and/or smtp antivirus, almost all hosts use some kind of AV scanning.
http://www.srohosting.com
Stability, redundancy and peace of mind
-
03-03-2004, 03:08 AM #3Web Hosting God
- Join Date
- Dec 2001
- Location
- Above The Clouds
- Posts
- 7,223
Any host worth their salt will install anti-virus on their machines. We are in the middle of switching from f-prot to clamv and our clients are going nuts just from not having anti-virus for a few days, lol.
██ Laurence Flynn @ HostNEXUS.com
██ Managed WordPress Hosting Solutions
██ Focused on speed. Obsessed with security.
-
03-03-2004, 04:02 AM #4Web Hosting Master
- Join Date
- Nov 2002
- Location
- Hot, hot Michigan...
- Posts
- 3,506
Oh, clamav rocks - just make sure you configure it right so that you're not bouncing 'virus notification' emails all over.. Wanna thwack some postmasters with a clue-by-four for that...
mp3sattack: Lots of hosts started turning on virus scanners when the mydoom worm came around and slammed mail servers - so just ask any particular host that you're interested in if they did, even if it's not explicitly noted on their page(s).Ion Web Services/TronicTech
http://www.ion-web.com or Unsupported webhosting?!?
Shared hosting, Reseller accounts, Dedicated Servers, and More
Proudly hosting since 2002
-
03-03-2004, 04:28 AM #5Web Hosting Master
- Join Date
- Aug 2002
- Posts
- 2,631
Originally posted by NexDog
Any host worth their salt will install anti-virus on their machines.
Then we have those that get pissed when cPanel rejects certain filename extensions.
So any host worth their salt does NOT have to install AV software on their machines. There are always those that prefer not to have such software.YourCheapHost.com - Low cost multi domain hosting solutions. [Legal adult content friendly]
Reliable web site hosting is our motto. We have Alertra stats to back that up.
Proven provider of high quality shared and reseller accounts since 2002.
-
03-03-2004, 04:34 AM #6Web Hosting Master
- Join Date
- Nov 2002
- Location
- Hot, hot Michigan...
- Posts
- 3,506
Well, what we do is strip attachments that are viruses (or rather match the clamav virus database) and send the email with a modified subject line to the customer. Works well, if they want to get the attachment all they have to do is contact within X days and it can be given to them.
Course, if they want to move all the virus emails to the bitbucket by filtering based on the header, then they can do that too.
That kinda setup is pretty standard. So far nobody's requested their viruses either
But our servers were just getting hosed with mydoom. I mean completely hosed. It generated lots of helpdesk tickets about 'bouncing email that I never sent' and such. Had to be done Previously I was of the school that virus filtering should *not* be done on the host side, but the client side.Ion Web Services/TronicTech
http://www.ion-web.com or Unsupported webhosting?!?
Shared hosting, Reseller accounts, Dedicated Servers, and More
Proudly hosting since 2002
-
03-03-2004, 04:38 AM #7Web Hosting Master
- Join Date
- Aug 2002
- Posts
- 2,631
Originally posted by thedavid
But our servers were just getting hosed with mydoom. I mean completely hosed. It generated lots of helpdesk tickets about 'bouncing email that I never sent' and such.
Of course the main reason we are holding back is because of unhappy clients that wish to do their own filtering and such.YourCheapHost.com - Low cost multi domain hosting solutions. [Legal adult content friendly]
Reliable web site hosting is our motto. We have Alertra stats to back that up.
Proven provider of high quality shared and reseller accounts since 2002.
-
03-03-2004, 05:20 AM #8Retired Moderator
- Join Date
- Jan 2003
- Posts
- 9,049
We do scan all our emails with Clamav as well, and it works well (and virus definitions are updated very quickly just as with any commercial solution)
I guess whether it should be standard or not depends a lot on the hosts. But with the spill over effect from a single worm so devastating, it may just help to have those features on the server side to limit the damage (rather than to have it pass through and some uninformed user is bound to be infected leading to more being sent out etc. )
During Mydoom episode, we do see an increase in volume, but nothing that kills our server. We do have users asking us about the sudden increase in virus notification messages we send them when we find viruses destined for their accounts.••• Like us on Facebook to qualify for discounts! •••
••• http://www.sprintserve.net •••
••• Offering: | Internap FCP Bandwidth! | Rebootless Kernel Updates! | Magento Optimized Hosting | Wordpress Hosting | •••
••• Services: | Managed Multiple Cores 64bit Servers | Server Management | •••
-
03-03-2004, 07:02 AM #9Web Hosting God
- Join Date
- Dec 2001
- Location
- Above The Clouds
- Posts
- 7,223
Originally posted by net-trend
I strongly disagree with that statement. We have countless clients that email us saying "PLEASE DO NOT SCAN OUR EMAILS FOR US! WE CAN DO IT OURSELVES!".
Then we have those that get pissed when cPanel rejects certain filename extensions.
So any host worth their salt does NOT have to install AV software on their machines. There are always those that prefer not to have such software.
a) Are lazy
b) Lack the skills to do so
c) Exercising bad judgement
You can't rely on Cpanel to reject certain file extensions and think that's a virus filter, lol. Host are email providers and it's our duty to ensure that email arrives and on time and not carrying a time bomb. Call me pedantic, but I just don't want nasty binaries flying around our servers, do you?
Viruses come in attacks these days and you think I'm going to believe that a client would rather scan 1000 emails a day on their PC than not receive them at all? One client might have said, "Let me scan them" but they are your one insane client and you shouldn't listen to them. All your other clients will thank you if you install ant-virus, believe me as there was a time when we didn't inercept the damn things.
As I mentioned before, we are changing our AV system due to issues with the old one on the new Plesk 7 and our servers have been unprotected for 3 days (installing new system now). Our clients are certainly vocal about Of course you never hear the word "virus" normally because it's just something that no-one has to worry about - and yes, everyone does have anti-virus on their computers.
What about people who use webmail exclusively? We have hundreds of clients like that and norton isn't going to screen your email when you open your inbox. Why stop the burgalar at the door when you can install an alarm system to ensure he doesn't get to the door?
Another thing to think about is by not installing anti-virus, you are just adding to the problem because your server is most definitely relaying viruses to other servers via infected Outlook programs. Virus filters have to be 2-way - stopping viruses from reaching email boxes on both side of the fence.
So don't let some misinformed and slightly bizarre client misguide your responsibilities to your other clients and to the rest of the internet.██ Laurence Flynn @ HostNEXUS.com
██ Managed WordPress Hosting Solutions
██ Focused on speed. Obsessed with security.
-
03-03-2004, 07:16 AM #10Web Hosting Master
- Join Date
- Aug 2002
- Posts
- 2,631
Laurence,
You make several wonderful points. But stating that we "a) Are lazy
b) Lack the skills to do so
c) Exercising bad judgement" isn't fair or even remotely correct.
WIth regards to webmail attachments, each downloaded file get's scanned automatically just the same way if you use IMAP or POP3.
"So don't let some misinformed and slightly bizarre client misguide your responsibilities to your other clients and to the rest of the internet."
How I wished it was only a single bizzare client. If it was, it'd be much easier to deal with. Unfortunately, there are always those who oppose it.
As a host we provide a service, to some they prefer AV scanning and others prefer not to have it. That is why webmail providers like Yahoo always supplies 2 download links for attachments. One for it to be scanned another for it not to be scanned.
After reading your reply however, i'll put this back into consideration and maybe silently mask the point where we do scan mails for viruses.
Time will tell because mydoom didn't affect our services even with increased mail traffic.YourCheapHost.com - Low cost multi domain hosting solutions. [Legal adult content friendly]
Reliable web site hosting is our motto. We have Alertra stats to back that up.
Proven provider of high quality shared and reseller accounts since 2002.
-
03-03-2004, 07:59 AM #11Web Hosting God
- Join Date
- Dec 2001
- Location
- Above The Clouds
- Posts
- 7,223
Hey, I've always greatly respected your input here at WHT which is why I said I was suprised to hear you say that. The 3 points I listed can be the only 3 reasons for not installing AV and it sounds like you are resting at (c) due to being influenced by certain clients. But clients need to be schooled about many things. They need to be schooled about resource usage, email usage, security and many other things and the communication between host and client mist always be flowing and in both directions. There are always sticklers to change. Every time we implement something new, some people moan until they get used to it and after they never look back.
Deploying anti-virus should be a part of your overall security implementations. Okay, it can't infect you but you are letting your server be an accessory to many infections and that can't be good. You are lucky that you didn't get hit but during SoBigF, some of our servers were stopping 10,000 infected emails per hour. I remember an attack before we used anti-virus and the sheer number of email filled up the /tmp partition on a number of servers causing qmail and mysql to die - and that is yet another thing to consider.
You mention Yahoo, but at least they have the option to scan attachments. I'm sure if you mailed your clients and pointed out the benefits (so many) of anti-virus software, they'll understand. Plus you can market the fact that you have anti-virus which means more sales. I can't think of one sane reason why a client would want to intercept a virus intead of letting the server do it. I mean, it's not like that software make any mistakes. It checks emails for virus signatures - it doesn't work on a score system like SpamAssassin or something. It's either a virus or it isn't. I remember when we introduced it, a client who was happy that we were doing it asked on the forum if it would be configurable like SpamAssassin and another client responded, "What do you want to set it to, not to intercept viruses".
Because that is what it does, it doesn't make mistakes.██ Laurence Flynn @ HostNEXUS.com
██ Managed WordPress Hosting Solutions
██ Focused on speed. Obsessed with security.
-
03-03-2004, 08:08 AM #12Web Hosting Master
- Join Date
- Aug 2002
- Posts
- 2,631
Laurence,
I too greatly respect all your input here. This is also the reason now why I've put this plan back into consideration.
I'm going to think this through another couple of hours and may implement a trial on a single server.
Thanks for your thoughts as my clients may have blinded me severely.YourCheapHost.com - Low cost multi domain hosting solutions. [Legal adult content friendly]
Reliable web site hosting is our motto. We have Alertra stats to back that up.
Proven provider of high quality shared and reseller accounts since 2002.
-
03-03-2004, 08:16 AM #13Web Hosting Master
- Join Date
- Nov 2002
- Location
- Hot, hot Michigan...
- Posts
- 3,506
Coupla quick things so long as we're well off topic
1) I went to your site and it looks like you use cpanel (nice site BTW). Don't use cpanel.net's clamav - last I checked there was a hole in their version that can be exploited to freeze your mail scanner, and thus mail delivery. Use the updated project files
2) Make sure you configure it not to send infection reports to the sender. 99.9% of the time, the worm has already messed up the from: address and this'll just cause a buncha bounces (or angry people emailing postmaster@ your domain)
It's really, really slick though. 'freshclam' updates the signatures on a regular basis via cron, and that hasn't failed yet. Uses a lil more cpu than before, and doesn't handle large floods of mail (mail bombs, et al) as well due to this, but it's all worth it.Ion Web Services/TronicTech
http://www.ion-web.com or Unsupported webhosting?!?
Shared hosting, Reseller accounts, Dedicated Servers, and More
Proudly hosting since 2002
-
03-03-2004, 08:24 AM #14Web Hosting Master
- Join Date
- Aug 2002
- Posts
- 2,631
thedavid,
Thanks for the tips. Will keep them in mind.YourCheapHost.com - Low cost multi domain hosting solutions. [Legal adult content friendly]
Reliable web site hosting is our motto. We have Alertra stats to back that up.
Proven provider of high quality shared and reseller accounts since 2002.
-
03-03-2004, 08:26 AM #15Web Hosting God
- Join Date
- Dec 2001
- Location
- Above The Clouds
- Posts
- 7,223
On Plesk we have to integrate clamv's qmail-scanner with the one that Plesk runs which can be tricky to get right and the system is so different from f-prot which we used before. But it's done and tested now so we are building the RPMs which we can throw in the apt-get tree for easy install on about 30 servers.
██ Laurence Flynn @ HostNEXUS.com
██ Managed WordPress Hosting Solutions
██ Focused on speed. Obsessed with security.
-
03-03-2004, 08:33 AM #16Retired Moderator
- Join Date
- Jan 2003
- Posts
- 9,049
Originally posted by thedavid
Coupla quick things so long as we're well off topic
1) I went to your site and it looks like you use cpanel (nice site BTW). Don't use cpanel.net's clamav - last I checked there was a hole in their version that can be exploited to freeze your mail scanner, and thus mail delivery. Use the updated project files
2) Make sure you configure it not to send infection reports to the sender. 99.9% of the time, the worm has already messed up the from: address and this'll just cause a buncha bounces (or angry people emailing postmaster@ your domain)
2. I agree totally.••• Like us on Facebook to qualify for discounts! •••
••• http://www.sprintserve.net •••
••• Offering: | Internap FCP Bandwidth! | Rebootless Kernel Updates! | Magento Optimized Hosting | Wordpress Hosting | •••
••• Services: | Managed Multiple Cores 64bit Servers | Server Management | •••
-
03-03-2004, 08:56 AM #17Web Hosting Master
- Join Date
- Feb 2004
- Posts
- 1,827
And is there any way to scan not only emails but everything on our servers.. I mean if there are some files available to download on some client's website, shouldn't they be scanned?
Wholesale Domain Prices for Retail Customers - Rushtoweb.com
-
03-03-2004, 08:58 AM #18Web Hosting Master
- Join Date
- Nov 2002
- Location
- Hot, hot Michigan...
- Posts
- 3,506
Nah, I wouldn't scan those. You could, and just cron it I guess. Here's the clamscan manpage:
clamscan(1) Clam AntiVirus clamscan(1)
NAME
clamscan - scan files and directories against viruses
SYNOPSIS
clamscan [options] [file/directory/-]Ion Web Services/TronicTech
http://www.ion-web.com or Unsupported webhosting?!?
Shared hosting, Reseller accounts, Dedicated Servers, and More
Proudly hosting since 2002
-
03-03-2004, 08:59 AM #19Retired Moderator
- Join Date
- Jan 2003
- Posts
- 9,049
You can actually use clamav to scan all your files. If you want to do it on a regular basis, just add a cronjob to do it. If you want to add on-access scanner, there's an added tweak that you need to install to enable it.
••• Like us on Facebook to qualify for discounts! •••
••• http://www.sprintserve.net •••
••• Offering: | Internap FCP Bandwidth! | Rebootless Kernel Updates! | Magento Optimized Hosting | Wordpress Hosting | •••
••• Services: | Managed Multiple Cores 64bit Servers | Server Management | •••