Q. Is OdeiaVir a virus scanner?
A. No, it's a wrapper that allows you to call a virus scanner of your
choice to scan incoming mail messages. You have to have a valid license
for the antivirus if you want to be legally able to use OdeiaVir.
Q. What's this "ripMIME" you call from OdeiaVir?
A. It's an utility that slices an e-mail message into body, headers, and
attachments. OdeiaVir calls the virus scanner on the temporary directory
ripMIME creates.
Q. Doesn't it scan outgoing mail?
A. The short answer is no. The long answer is, I MIGHT work on it in the
future. You'll agree that protecting your own users is more important
than protecting someone else's. And it saves CPU too -- no scanning
messages that will be bounced, spam-filtered etc. Also, if you are a
service provider, you can set up "premium" accounts, with users paying
$$$ for virus protection.
Q. Why "OdeiaVir"? What does it mean?
A. Before I decided to create OdeiaVir, I was trying to get AMaViS
(http://www.amavis.org/) to work. "Ama" in Portuguese means "loves",
so "amavis" sounded dangerously close to "loves viruses".
"Hates" in
Portuguese is "odeia", so...
Q. Ah, you're Portuguese?
A. Close. I'm Brazilian.
Q. I upgraded OdeiaVir and now it doesn't work. I use uvscan.
A. From 0.3.2 on, OdeiaVir makes use of the --mime command-line switch of
uvscan, which wasn't present in versions of uvscan prior to 4.16.
Upgrade uvscan.
Q. I want to send you some cool changes I made to OdeiaVir.
A. Now that we have switched over to SourceForge we will be changing to use the CVS method of project development.
Q. OdeiaVir doesn't support antivirus XYZ. You, therefore, suck.
A. Take a look at the AVDefs structure in odeiavir.c and start working on
your antivirus. Save its output to a txt file, study its docs to see
what's the return code for virus found, and how the virus name appears
in the output. If you successfuly get it to work, send me a patch (see
previous question). If you're stumped, mail me an URL for the antivirus
and maybe, just MAYBE, I'll include support for it in the official
OdeiaVir distribution.
Q. What? No Norton?
A. There is no Unix version for Norton Antivirus that I know of. Yo,
Symantec, are you hearing?
Q. OdeiaVir doesn't seem to be able to send a warning message to the
sender/receiver of an infected message.
A. Some qmail setups interfere with the automatic detection of sender or
receiver addresses. Take a look at the -ns, -nr, -r, -w, and -f
command-line switches in the README.
Q. My server is not an Intel machine. Am I out of luck?
A. Not exactly. Makers of proprietary software (like the antiviruses
OdeiaVir depends on) have the annoying habit of only compiling their
products for i386. When this FAQ was written, two of the supported
antivirus programs (McAfee VirusScan and Sophos Anti-Virus) have
support for non-Intel machines (and other kinds of Intel Unices).
Q. Why is configuration for ScannerDaemon different than for other scanners?
A. ScannerDaemon is not an executable program that gets called via
system(), but rather a daemon, as its name says. OdeiaVir makes a TCP
connection to it and sends the name of the file(s) to scan. The
advantage of such a setup is that the ever-growing table of virus
signatures is read from disk only once, at startup. The bad news is
that ScannerDaemon is (at the time of this writing) in a very
preliminary stage. Make regular visits to http://www.openantivirus.org.
Q. Doesn't Kaspersky (http://www.kaspersky.com) have a "daemon mode"
too?
A. Yes, but when I tried to put it to work, I was in a bad day. Maybe I'll
try again when I'm in a less irritable mood. If you are a C programmer,
consider yourself invited to contribute this feature to OdeiaVir. You can
use Kaspersky as a "normal" (command-line) antivirus from OdeiaVir.
Q. I wanna OdeiaVir with Sendmail! I wanna! I wanna! Waaaaahhhh!!!
A. Sendmail support will be here Real Soon Now (TM). Meanwhile, you can take
a look at Paul L. Daniels's Inflex (http://www.pldaniels.com/inflex/)