I am using playing with clamd and spamd on a [production] server. ;-) I really like clamd however it keeps dying.
The [Postfix] MTA server is acting as a mail gateway processing about 20,000+ incoming emails daily. Since amavis does not depend on clamd, Postfix just goes on delivering un-scanned emails when clamd dies. Thus, nothing is really impacted when clamd dies. However, I was wondering if there is anything I do aside from running a cronjob to keep clamd running ? Any recommendations would greatly be appreciated. Since most users [on my end] are unaware that I am testing clamd, turning off clamd will not hurt many. But, having a virus scanner on the mail gateway seems so cool. Are there any other nice virus scanners that are open source ? I have these packages installed: ========================================== Sarge: ii amavisd-new 20030616p7-3 Interface between MTA and virus scanner/cont ii clamav 0.67-7 Antivirus scanner for Unix ii clamav-base 0.67-7 Base package for clamav, an anti-virus utili ii clamav-daemon 0.67-7 Powerful Antivirus scanner daemon ii clamav-freshcl 0.67-7 Downloads clamav virus databases from the In ii libclamav1 0.67-7 Virus scanner library Woody: ii postfix 1.1.11-0.woody A high-performance mail transport agent ii postfix-ldap 1.1.11-0.woody LDAP map support for Postfix ii postfix-pcre 1.1.11-0.woody PCRE map support for Postfix Logs from clamd where crash occured: ========================================== Tue Apr 6 14:09:43 2004 -> +++ Started at 2004-04-06 14:09:43 Tue Apr 6 14:09:43 2004 -> Log file size limited to 1048576 bytes. Tue Apr 6 14:09:43 2004 -> Reading databases from /var/lib/clamav/ Tue Apr 6 14:09:44 2004 -> Protecting against 20848 viruses. Tue Apr 6 14:09:45 2004 -> Unix socket file /var/run/clamav/clamd.ctl Tue Apr 6 14:09:45 2004 -> Setting connection queue length to 15 Tue Apr 6 14:09:45 2004 -> Maximal number of threads: 12 Tue Apr 6 14:09:45 2004 -> Archive: Archived file size limit set to 1048576 bytes. Tue Apr 6 14:09:45 2004 -> Archive: Recursion level limit set to 5. Tue Apr 6 14:09:45 2004 -> Archive: Files limit set to 10000. Tue Apr 6 14:09:45 2004 -> WARNING: USING HARDCODED LIMIT: Archive: Compression ratio limit set to 200. Tue Apr 6 14:09:45 2004 -> Archive support enabled. Tue Apr 6 14:09:45 2004 -> RAR support disabled. Tue Apr 6 14:09:45 2004 -> Mail files support enabled. Tue Apr 6 14:09:45 2004 -> OLE2 support disabled. Tue Apr 6 14:09:45 2004 -> Self checking every 3600 seconds. Tue Apr 6 14:09:45 2004 -> Timeout set to 180 seconds. Tue Apr 6 14:09:45 2004 -> SelfCheck: Database status OK. Tue Apr 6 14:11:33 2004 -> /var/lib/amavis/amavis-20040406T141123-32670/parts/part-00003: Worm.Bagle.Gen-zippwd-2 FOUND Tue Apr 6 14:11:33 2004 -> /var/lib/amavis/amavis-20040406T141123-32670/parts/email.txt: Worm.Bagle.Gen-zippwd-2 FOUND Tue Apr 6 14:28:22 2004 -> /var/lib/amavis/amavis-20040406T142653-02329/parts/email.txt: Worm.Mydoom.F FOUND Tue Apr 6 14:28:22 2004 -> /var/lib/amavis/amavis-20040406T142653-02329/parts/part-00003: Worm.Mydoom.F FOUND Tue Apr 6 15:10:21 2004 -> SelfCheck: Database status OK. Tue Apr 6 15:13:49 2004 -> /var/lib/amavis/amavis-20040406T151248-06187/parts/email.txt: Worm.Mydoom.F FOUND Tue Apr 6 15:13:49 2004 -> /var/lib/amavis/amavis-20040406T151248-06187/parts/part-00005: Worm.Mydoom.F FOUND Tue Apr 6 15:14:48 2004 -> /var/lib/amavis/amavis-20040406T151340-06284/parts/part-00003: Worm.SomeFool.P FOUND Tue Apr 6 15:15:24 2004 -> /var/lib/amavis/amavis-20040406T151426-06364/parts/part-00003: Worm.Bagle.Gen-zippwd-2 FOUND Tue Apr 6 15:15:24 2004 -> Segmentation fault :-( Bye.. My clamd.conf looks like this: ========================================== debian:/var/lib/amavis# cat /etc/clamav/clamav.conf #Automatically Generated by clamav-daemon postinst #To reconfigure clamd run #dpkg-reconfigure clamav-daemon LocalSocket /var/run/clamav/clamd.ctl FixStaleSocket ScanMail ScanArchive ArchiveMaxRecursion 5 ArchiveMaxFiles 10000 ArchiveMaxFileSize 1M ThreadTimeout 180 MaxThreads 12 MaxConnectionQueueLength 15 StreamSaveToDisk LogFile /var/log/clamav/clamav.log LogTime PidFile /var/run/clamav/clamd.pid DatabaseDirectory /var/lib/clamav/ #SelfCheck 3600 SelfCheck 3600 #added later by Ted #TCPSocket 11111 TCPAddr 127.0.0.1 MaxConnectionQueueLength 50 ArchiveMaxFiles 10000 MaxThreads 20 #don't scan any files larger than 1M ClamukoMaxFileSize 1M MaxConnectionQueueLength 30 Server power: ================================= debian:/var/log/clamav# cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 8 model name : Pentium III (Coppermine) stepping : 10 cpu MHz : 1000.041 cache size : 256 KB fdiv_bug : no hlt_bug : no f00f_bug : no coma_bug : no fpu : yes fpu_exception : yes cpuid level : 2 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 mmx fxsr sse bogomips : 1992.29 debian:/var/log/clamav# cat /proc/meminfo total: used: free: shared: buffers: cached: Mem: 525742080 489848832 35893248 0 15749120 308232192 Swap: 1499279360 20836352 1478443008 MemTotal: 513420 kB MemFree: 35052 kB MemShared: 0 kB Buffers: 15380 kB Cached: 288752 kB SwapCached: 12256 kB Active: 287828 kB Inactive: 153920 kB HighTotal: 0 kB HighFree: 0 kB LowTotal: 513420 kB LowFree: 35052 kB SwapTotal: 1464140 kB SwapFree: 1443792 kB -- ------------------------------------------ Ted Knab Chester, Maryland 21619 USA ------------------------------------------ Conquest is easy. Control is not. -- Kirk, "Mirror, Mirror", stardate unknown -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]