Results 1 to 19 of 19
  1. #1
    Join Date
    Feb 2004
    Posts
    466

    hosting with antivirus included?

    i'be veen searching but i haven't really found one that offers that besides Interland (but they do NOT offer THAT in the VPS )

    any suggestions?

  2. #2
    Join Date
    Jan 2003
    Location
    Lake Arrowhead, CA
    Posts
    789
    Have you asked them? If you're talking about pop and/or smtp antivirus, almost all hosts use some kind of AV scanning.
    http://www.srohosting.com
    Stability, redundancy and peace of mind

  3. #3
    Join Date
    Dec 2001
    Location
    Above The Clouds
    Posts
    7,223
    Any host worth their salt will install anti-virus on their machines. We are in the middle of switching from f-prot to clamv and our clients are going nuts just from not having anti-virus for a few days, lol.
    Laurence Flynn @ HostNEXUS.com
    Managed WordPress Hosting Solutions
    Focused on speed. Obsessed with security.

  4. #4
    Join Date
    Nov 2002
    Location
    Hot, hot Michigan...
    Posts
    3,506
    Oh, clamav rocks - just make sure you configure it right so that you're not bouncing 'virus notification' emails all over.. Wanna thwack some postmasters with a clue-by-four for that...

    mp3sattack: Lots of hosts started turning on virus scanners when the mydoom worm came around and slammed mail servers - so just ask any particular host that you're interested in if they did, even if it's not explicitly noted on their page(s).
    Ion Web Services/TronicTech
    http://www.ion-web.com or Unsupported webhosting?!?
    Shared hosting, Reseller accounts, Dedicated Servers, and More
    Proudly hosting since 2002

  5. #5
    Originally posted by NexDog
    Any host worth their salt will install anti-virus on their machines.
    I strongly disagree with that statement. We have countless clients that email us saying "PLEASE DO NOT SCAN OUR EMAILS FOR US! WE CAN DO IT OURSELVES!".

    Then we have those that get pissed when cPanel rejects certain filename extensions.

    So any host worth their salt does NOT have to install AV software on their machines. There are always those that prefer not to have such software.
    YourCheapHost.com - Low cost multi domain hosting solutions. [Legal adult content friendly]
    Reliable web site hosting is our motto. We have Alertra stats to back that up.
    Proven provider of high quality shared and reseller accounts since 2002.

  6. #6
    Join Date
    Nov 2002
    Location
    Hot, hot Michigan...
    Posts
    3,506
    Well, what we do is strip attachments that are viruses (or rather match the clamav virus database) and send the email with a modified subject line to the customer. Works well, if they want to get the attachment all they have to do is contact within X days and it can be given to them.

    Course, if they want to move all the virus emails to the bitbucket by filtering based on the header, then they can do that too.

    That kinda setup is pretty standard. So far nobody's requested their viruses either

    But our servers were just getting hosed with mydoom. I mean completely hosed. It generated lots of helpdesk tickets about 'bouncing email that I never sent' and such. Had to be done Previously I was of the school that virus filtering should *not* be done on the host side, but the client side.
    Ion Web Services/TronicTech
    http://www.ion-web.com or Unsupported webhosting?!?
    Shared hosting, Reseller accounts, Dedicated Servers, and More
    Proudly hosting since 2002

  7. #7
    Originally posted by thedavid
    But our servers were just getting hosed with mydoom. I mean completely hosed. It generated lots of helpdesk tickets about 'bouncing email that I never sent' and such.
    Thankfully that didn't happen to any of our servers. Maybe the day will come when we will make the same move, but as of now, we don't see a need for it because everyone has their own virus scanner installed these days.

    Of course the main reason we are holding back is because of unhappy clients that wish to do their own filtering and such.
    YourCheapHost.com - Low cost multi domain hosting solutions. [Legal adult content friendly]
    Reliable web site hosting is our motto. We have Alertra stats to back that up.
    Proven provider of high quality shared and reseller accounts since 2002.

  8. #8
    We do scan all our emails with Clamav as well, and it works well (and virus definitions are updated very quickly just as with any commercial solution)

    I guess whether it should be standard or not depends a lot on the hosts. But with the spill over effect from a single worm so devastating, it may just help to have those features on the server side to limit the damage (rather than to have it pass through and some uninformed user is bound to be infected leading to more being sent out etc. )

    During Mydoom episode, we do see an increase in volume, but nothing that kills our server. We do have users asking us about the sudden increase in virus notification messages we send them when we find viruses destined for their accounts.
    ••• Like us on Facebook to qualify for discounts! •••
    ••• http://www.sprintserve.net •••
    ••• Offering: | Internap FCP Bandwidth! | Rebootless Kernel Updates! | Magento Optimized Hosting | Wordpress Hosting | •••
    ••• Services: | Managed Multiple Cores 64bit Servers | Server Management | •••

  9. #9
    Join Date
    Dec 2001
    Location
    Above The Clouds
    Posts
    7,223
    Originally posted by net-trend
    I strongly disagree with that statement. We have countless clients that email us saying "PLEASE DO NOT SCAN OUR EMAILS FOR US! WE CAN DO IT OURSELVES!".

    Then we have those that get pissed when cPanel rejects certain filename extensions.

    So any host worth their salt does NOT have to install AV software on their machines. There are always those that prefer not to have such software.
    I have to admit that I'm greatly suprised to hear you say this. As far as I'm concerned, if a host has not installed anti-virus they:

    a) Are lazy
    b) Lack the skills to do so
    c) Exercising bad judgement

    You can't rely on Cpanel to reject certain file extensions and think that's a virus filter, lol. Host are email providers and it's our duty to ensure that email arrives and on time and not carrying a time bomb. Call me pedantic, but I just don't want nasty binaries flying around our servers, do you?

    Viruses come in attacks these days and you think I'm going to believe that a client would rather scan 1000 emails a day on their PC than not receive them at all? One client might have said, "Let me scan them" but they are your one insane client and you shouldn't listen to them. All your other clients will thank you if you install ant-virus, believe me as there was a time when we didn't inercept the damn things.

    As I mentioned before, we are changing our AV system due to issues with the old one on the new Plesk 7 and our servers have been unprotected for 3 days (installing new system now). Our clients are certainly vocal about Of course you never hear the word "virus" normally because it's just something that no-one has to worry about - and yes, everyone does have anti-virus on their computers.

    What about people who use webmail exclusively? We have hundreds of clients like that and norton isn't going to screen your email when you open your inbox. Why stop the burgalar at the door when you can install an alarm system to ensure he doesn't get to the door?

    Another thing to think about is by not installing anti-virus, you are just adding to the problem because your server is most definitely relaying viruses to other servers via infected Outlook programs. Virus filters have to be 2-way - stopping viruses from reaching email boxes on both side of the fence.

    So don't let some misinformed and slightly bizarre client misguide your responsibilities to your other clients and to the rest of the internet.
    Laurence Flynn @ HostNEXUS.com
    Managed WordPress Hosting Solutions
    Focused on speed. Obsessed with security.

  10. #10
    Laurence,

    You make several wonderful points. But stating that we "a) Are lazy
    b) Lack the skills to do so
    c) Exercising bad judgement" isn't fair or even remotely correct.

    WIth regards to webmail attachments, each downloaded file get's scanned automatically just the same way if you use IMAP or POP3.

    "So don't let some misinformed and slightly bizarre client misguide your responsibilities to your other clients and to the rest of the internet."

    How I wished it was only a single bizzare client. If it was, it'd be much easier to deal with. Unfortunately, there are always those who oppose it.

    As a host we provide a service, to some they prefer AV scanning and others prefer not to have it. That is why webmail providers like Yahoo always supplies 2 download links for attachments. One for it to be scanned another for it not to be scanned.

    After reading your reply however, i'll put this back into consideration and maybe silently mask the point where we do scan mails for viruses.

    Time will tell because mydoom didn't affect our services even with increased mail traffic.
    YourCheapHost.com - Low cost multi domain hosting solutions. [Legal adult content friendly]
    Reliable web site hosting is our motto. We have Alertra stats to back that up.
    Proven provider of high quality shared and reseller accounts since 2002.

  11. #11
    Join Date
    Dec 2001
    Location
    Above The Clouds
    Posts
    7,223
    Hey, I've always greatly respected your input here at WHT which is why I said I was suprised to hear you say that. The 3 points I listed can be the only 3 reasons for not installing AV and it sounds like you are resting at (c) due to being influenced by certain clients. But clients need to be schooled about many things. They need to be schooled about resource usage, email usage, security and many other things and the communication between host and client mist always be flowing and in both directions. There are always sticklers to change. Every time we implement something new, some people moan until they get used to it and after they never look back.

    Deploying anti-virus should be a part of your overall security implementations. Okay, it can't infect you but you are letting your server be an accessory to many infections and that can't be good. You are lucky that you didn't get hit but during SoBigF, some of our servers were stopping 10,000 infected emails per hour. I remember an attack before we used anti-virus and the sheer number of email filled up the /tmp partition on a number of servers causing qmail and mysql to die - and that is yet another thing to consider.

    You mention Yahoo, but at least they have the option to scan attachments. I'm sure if you mailed your clients and pointed out the benefits (so many) of anti-virus software, they'll understand. Plus you can market the fact that you have anti-virus which means more sales. I can't think of one sane reason why a client would want to intercept a virus intead of letting the server do it. I mean, it's not like that software make any mistakes. It checks emails for virus signatures - it doesn't work on a score system like SpamAssassin or something. It's either a virus or it isn't. I remember when we introduced it, a client who was happy that we were doing it asked on the forum if it would be configurable like SpamAssassin and another client responded, "What do you want to set it to, not to intercept viruses".

    Because that is what it does, it doesn't make mistakes.
    Laurence Flynn @ HostNEXUS.com
    Managed WordPress Hosting Solutions
    Focused on speed. Obsessed with security.

  12. #12
    Laurence,

    I too greatly respect all your input here. This is also the reason now why I've put this plan back into consideration.

    I'm going to think this through another couple of hours and may implement a trial on a single server.

    Thanks for your thoughts as my clients may have blinded me severely.
    YourCheapHost.com - Low cost multi domain hosting solutions. [Legal adult content friendly]
    Reliable web site hosting is our motto. We have Alertra stats to back that up.
    Proven provider of high quality shared and reseller accounts since 2002.

  13. #13
    Join Date
    Nov 2002
    Location
    Hot, hot Michigan...
    Posts
    3,506
    Coupla quick things so long as we're well off topic

    1) I went to your site and it looks like you use cpanel (nice site BTW). Don't use cpanel.net's clamav - last I checked there was a hole in their version that can be exploited to freeze your mail scanner, and thus mail delivery. Use the updated project files
    2) Make sure you configure it not to send infection reports to the sender. 99.9% of the time, the worm has already messed up the from: address and this'll just cause a buncha bounces (or angry people emailing postmaster@ your domain)

    It's really, really slick though. 'freshclam' updates the signatures on a regular basis via cron, and that hasn't failed yet. Uses a lil more cpu than before, and doesn't handle large floods of mail (mail bombs, et al) as well due to this, but it's all worth it.
    Ion Web Services/TronicTech
    http://www.ion-web.com or Unsupported webhosting?!?
    Shared hosting, Reseller accounts, Dedicated Servers, and More
    Proudly hosting since 2002

  14. #14
    thedavid,

    Thanks for the tips. Will keep them in mind.
    YourCheapHost.com - Low cost multi domain hosting solutions. [Legal adult content friendly]
    Reliable web site hosting is our motto. We have Alertra stats to back that up.
    Proven provider of high quality shared and reseller accounts since 2002.

  15. #15
    Join Date
    Dec 2001
    Location
    Above The Clouds
    Posts
    7,223
    On Plesk we have to integrate clamv's qmail-scanner with the one that Plesk runs which can be tricky to get right and the system is so different from f-prot which we used before. But it's done and tested now so we are building the RPMs which we can throw in the apt-get tree for easy install on about 30 servers.
    Laurence Flynn @ HostNEXUS.com
    Managed WordPress Hosting Solutions
    Focused on speed. Obsessed with security.

  16. #16
    Originally posted by thedavid
    Coupla quick things so long as we're well off topic

    1) I went to your site and it looks like you use cpanel (nice site BTW). Don't use cpanel.net's clamav - last I checked there was a hole in their version that can be exploited to freeze your mail scanner, and thus mail delivery. Use the updated project files
    2) Make sure you configure it not to send infection reports to the sender. 99.9% of the time, the worm has already messed up the from: address and this'll just cause a buncha bounces (or angry people emailing postmaster@ your domain)
    1. You can easily tweak this. Download the Cpanel.net Antivirus, then download the latest ClamAV package. Then unzip the Cpanel.net file, delete the clamav they package, put in the latest version you had download, and edit the clam install script to point at the new file. Works like a charm. As this is not the technical forum, I won't go to more details. But more details are available on request.

    2. I agree totally.
    ••• Like us on Facebook to qualify for discounts! •••
    ••• http://www.sprintserve.net •••
    ••• Offering: | Internap FCP Bandwidth! | Rebootless Kernel Updates! | Magento Optimized Hosting | Wordpress Hosting | •••
    ••• Services: | Managed Multiple Cores 64bit Servers | Server Management | •••

  17. #17
    And is there any way to scan not only emails but everything on our servers.. I mean if there are some files available to download on some client's website, shouldn't they be scanned?
    Wholesale Domain Prices for Retail Customers - Rushtoweb.com

  18. #18
    Join Date
    Nov 2002
    Location
    Hot, hot Michigan...
    Posts
    3,506
    Nah, I wouldn't scan those. You could, and just cron it I guess. Here's the clamscan manpage:

    clamscan(1) Clam AntiVirus clamscan(1)

    NAME
    clamscan - scan files and directories against viruses

    SYNOPSIS
    clamscan [options] [file/directory/-]
    Ion Web Services/TronicTech
    http://www.ion-web.com or Unsupported webhosting?!?
    Shared hosting, Reseller accounts, Dedicated Servers, and More
    Proudly hosting since 2002

  19. #19
    You can actually use clamav to scan all your files. If you want to do it on a regular basis, just add a cronjob to do it. If you want to add on-access scanner, there's an added tweak that you need to install to enable it.
    ••• Like us on Facebook to qualify for discounts! •••
    ••• http://www.sprintserve.net •••
    ••• Offering: | Internap FCP Bandwidth! | Rebootless Kernel Updates! | Magento Optimized Hosting | Wordpress Hosting | •••
    ••• Services: | Managed Multiple Cores 64bit Servers | Server Management | •••

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •