I have been running dansguardian for more than 5 years because I liked the idea of on-access antivirus scanning and web filtering based on extensions, mime types, phraselists etc. However, lately I switched to squid + squidclamav + squidguard setup mainly because dansguardian supports only NTLM, and not kerberos authentication. Also, after years of usage I found out that for my setup the only lists that were of use for me were domain and extension blacklists, so all other dansguardian options seem like an overkill. Hope soon someone makes icap-based redirector for filtering domains, extensions and mime types. I suspect mod_srv_url_check http://c-icap.sourceforge.net/c-icap-modules.conf-0.3.x.html#mod_srv_url_check can do it, but it's documentation is too cryptic for a humble sysadmin as me. -- Marko Cupać
