[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vps-mail] VPS2, newbie questions

Subject: Re: [vps-mail] VPS2, newbie questions
From: Scott Wiersdorf <scottw@xxxxxxxxxxxx>
Date: Fri, 26 Mar 2004 14:01:08 -0700

On Fri, Mar 26, 2004 at 12:45:53PM -0800, Abigail Marshall wrote:
> Scott wrote:
> >clamd is not very stable yet, but it is simply started with 'clamd'.
> 
> By "not very stable" do you just mean it tends to hang or
> crash?

It will occasionally hang or die, yes. Its socket handling is very
poor. One of our developers here (among others) has submitted a
variety of patches to the clamav team but they won't be released for
a while yet.

If it runs fine for you on your VPS v2, that's great. Our experience
is that the extra overhead of not running it but running clamscan
(instead of clamdscan) from procmail is not significant.

If you're a do-it-yourselfer and sensitive about performance, you
might want to look at running a milter. Our own Weldon Whipple has
written an excellent (and simple) tutorial on getting that running:

    http://www.technoids.org/clamav-milter.html

You can ignore the part about keeping your ports tree up-to-date,
since viaVerio does that for you.

> As soon as the VPS goes online as my primary mail
> handler, it will get deluged with lots of virus/spam email.
> I felt clamd was more appropriate for a high volume server,
> but obviously that could be a problem if it doesn't work
> reliably.

The clamscan is only slightly heavier than clamdscan. It's still one
fork for procmail either way. 0.67 does not yet have all the right
patches (I think), but the 0.70 CVS version does. It won't find its
way to FreeBSD ports for a while.

> Another question:
> 
> I changed the procmail recipe to send caught viruses to
>   /var/mail/quarantine/clamav
> rather than  $HOME/quarantine
> 
> Since it is no longer going to specific user files, do I
> still need the  DROPPRIVS=yes       ?

No. In fact, you probably won't be able to write to that location if
you do drop privileges.

Scott
-- 
Scott Wiersdorf
scottw@xxxxxxxxxxxx
======================================================================
This is <vps-mail@xxxxxxxxxxxx>       <http://www.perlcode.org/lists/>
Before posting a question, please search the archives (see above URL).

Follow-Ups:
- Re[2]: [vps-mail] VPS2, newbie questions
  - From: Abigail Marshall
- [vps-mail] VPS2 - various hassles with clamav & procmail
  - From: Abigail Marshall
- [vps-mail] ClamAV Daemon....you were right, Scott
  - From: Abigail Marshall

References:
- [vps-mail] VPS2, newbie questions
  - From: Abigail Marshall
- Re: [vps-mail] VPS2, newbie questions
  - From: Abigail Marshall

Prev by Date: Re: [vps-mail] VPS2, newbie questions
Next by Date: Re[2]: [vps-mail] VPS2, newbie questions
Previous by thread: Re: [vps-mail] VPS2, newbie questions
Next by thread: Re[2]: [vps-mail] VPS2, newbie questions
Index(es):
- Date
- Thread

Main Index | Thread Index