P3Scan 2.9.04d review

by rbytes.net on

P3Scan is a full transparent proxy server for email clients

License: GPL (GNU General Public License)
File size: 0K
Developer: Jack S. Lai
0 stars award from rbytes.net

P3Scan is a full transparent proxy server for email clients. It runs on a Linux box with iptables (for port redirection).

P3Scan can be used to provide email scanning from the Internet to any internal network, and is ideal for helping to protect your "Other OS" LAN from harm, especially when used in conjunction with a firewall and other Internet proxy servers.

It is designed to enable scanning of incoming email messages for viruses, worms, trojans, spam, and harmful attachments. Because viewing HTML email can enable a spammer to validate an email address (via Web bugs), it can also provide HTML stripping.

You have to set up a port redirection with iptables so that all connections from e.g. inside your office to any POP3/POP3S/SMTP server outside in the world will not leave your router, but come to a local port, on which P3Scan listens.

P3Scan receives from the Linux kernel the original destination (the email server outside in the world) and will connect to them.

All data we receive from the client will be sent to the server, and vice versa. With a little enhancement: we parse the necessary parts of the protocol and when an email is sent from the server, we store it into a file, invoke our scanning, and send it along if it is good, or in the event of POP3/POP3S we replace it with a virus notification and optionally delete the infected message. For infected SMTP messages, we reject the message.

It should be possible to use all scanners using the scannertype=basic.

Also, P3Scan provides scannertype=avpd for high-speed scanning using 'Kaspersky Anti-Virus for Linux', every C programmer can easily adept other scan-daemons (trophie, sophie, antivir, ...).

Neither the client nor the server has to be configured, none of them will take notice that there's a mail scanner (except the client when he gets a virus notification or if he looks into the header, and the server gets our ip as source).

iptables - Normally installed by default on major Linux Distributions.
libpcre - Normally installed by default on major Linux Distributions.

An Anti-Virus program

P3Scan is known to work with:

Kaspersky Anti-Virus for Linux (AVPD)
Trophie Anti-Virus Daemon
FRISK F-Prot Antivirus
Clam AntiVirus
F-Secure Anti-Virus
Any other virus scanner that can output it's report to the console (stdout) so that it can be captured with "2>&1".

DSPAM Statistical Spam Protection (optional)
Mail::SpamAssassin (optional)
renattach (optional)

What's New in 2.3.2 Stable Release:
This release upgrades RipMIME to, fixes demime and p3scan.extra bugs, and adds some features.

What's New in 2.9.04d Development Release:
Many bug fixes.
Added no password display (default) in debug mode for pop3.
Added libclamav support.
P3Scan is now an anti-virus transparent proxy.
IMAP support is still in testing and not recommended for production use.

P3Scan 2.9.04d search tags