From owner-freebsd-questions@freebsd.org  Thu Mar 24 04:53:02 2016
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 38F29ADC399
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Thu, 24 Mar 2016 04:53:02 +0000 (UTC)
 (envelope-from Olivier.Nicole@cs.ait.ac.th)
Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::50:5])
 by mx1.freebsd.org (Postfix) with ESMTP id 1F39412C1
 for <freebsd-questions@freebsd.org>; Thu, 24 Mar 2016 04:53:02 +0000 (UTC)
 (envelope-from Olivier.Nicole@cs.ait.ac.th)
Received: by mailman.ysv.freebsd.org (Postfix)
 id 1A8E5ADC398; Thu, 24 Mar 2016 04:53:02 +0000 (UTC)
Delivered-To: questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1A2FFADC397
 for <questions@mailman.ysv.freebsd.org>; Thu, 24 Mar 2016 04:53:02 +0000 (UTC)
 (envelope-from Olivier.Nicole@cs.ait.ac.th)
Received: from mail.cs.ait.ac.th (mail.cs.ait.ac.th [192.41.170.16])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id C520F12C0
 for <questions@freebsd.org>; Thu, 24 Mar 2016 04:53:01 +0000 (UTC)
 (envelope-from Olivier.Nicole@cs.ait.ac.th)
Received: from mail.cs.ait.ac.th (localhost [127.0.0.1])
 by mail.cs.ait.ac.th (Postfix) with ESMTP id 459D4D7882;
 Thu, 24 Mar 2016 11:52:59 +0700 (ICT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.ait.ac.th; h=
 content-type:content-type:mime-version:message-id:date:date
 :in-reply-to:subject:subject:from:from:received:received
 :received; s=selector1; t=1458795178; x=1460609579; bh=JASzM2toO
 VcTTeIG2+QVOM9xXvLyLdWzCCx+ocJ8IAc=; b=EYQ7irva1nnjAZMpjYId+foON
 H7EY5Tz05RbV2BWXr+z87CBgTVVy9q2PAQgvQX2+2CRmxwKyJJC40fQjZ4+bNqz8
 iBqOo2Nm8O4UwqOPRwXCpiDWmnkJjYkXqx5Yldt74Vg4WD/LhWu5pnK7mv6vnTgK
 LbN//P/pSgzbv3sOrI=
X-Virus-Scanned: amavisd-new at cs.ait.ac.th
Received: from mail.cs.ait.ac.th ([127.0.0.1])
 by mail.cs.ait.ac.th (mail.cs.ait.ac.th [127.0.0.1]) (amavisd-new, port 10026)
 with ESMTP id jleVw63KETxH; Thu, 24 Mar 2016 11:52:58 +0700 (ICT)
Received: from banyan.cs.ait.ac.th (banyan.cs.ait.ac.th [192.41.170.5])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mail.cs.ait.ac.th (Postfix) with ESMTPS id 18CF8D7881;
 Thu, 24 Mar 2016 11:52:57 +0700 (ICT)
Received: (from on@localhost)
 by banyan.cs.ait.ac.th (8.15.2/8.15.2/Submit) id u2O4qvJu079541;
 Thu, 24 Mar 2016 11:52:57 +0700 (ICT)
 (envelope-from on@banyan.cs.ait.ac.th)
From: Olivier Nicole <Olivier.Nicole@cs.ait.ac.th>
To: galtsev@kicp.uchicago.edu
Cc: galtsev@kicp.uchicago.edu, questions@freebsd.org
Subject: Re: Anti-virus for FreeBSD
In-Reply-To: <48414.128.135.52.6.1458752888.squirrel@cosmo.uchicago.edu>
 (galtsev@kicp.uchicago.edu)
Date: Thu, 24 Mar 2016 11:52:57 +0700
Message-ID: <wu77fgszdcm.fsf@banyan.cs.ait.ac.th>
MIME-Version: 1.0
Content-Type: text/plain
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Mar 2016 04:53:02 -0000

Valeri,

> However, to scan something with _that_ antivirus, you have to run their
> binary code on one of your machines, right? Of course, one can feel
> awfully smart (what!, say, I'm running some code on some system that does
> nothing else but that code, and has no way to talk to anything apart from
> getting what to scan and returning scanned...).

Not to that extend, but the mail server does only mail.

> I myself to the contrary
> prefer to consider myself stupid when security of my boxes and privacy of
> my users are concerned. So stupid that I can easily be outsmarted by any
> of CIA, KGB, MI-6 and alike. Which definitely is 100% true, they easily
> will outsmart me having all their resources. So I just try to keep away
> from anything that potentially could have been touched by their hands.
> That's the only thing I tried to say, and apparently failed ;-)

You did not failed. But :)

If I have to have secured email, I will secure it on my workstation
before I even pass it to the mail system.

Why worrying about the anti virus being able to spy on my email if I am
about to send it to the world (through many email relay that I have no
control upon whatsoever) in clear text?

If the message is dully encrypted, then the anti virus, nor any bad guy
should be able to spy on it. If the message is clear text, I must not
worry too much about the privacy of its contents.

Best regards,

Olivier