Re: clamav as a milter
On 27/03/18 03:18, Alex Bruce wrote: > Thing is clamav-milter is a before-queue filter (used as milter in > postfix) whereas ClamSMTP is after-queue filter (uses content filter in > postfix) > > These are fundamentally different ways of providing filtering in Postfix. > > Before-Queue filtering can reject emails if they have a virus in the > SMTP transaction (after DATA) whereas After-Queue cannot or should not > without a bounce message (please no backscatter) so After-Queue should > only quarantine or discard a virus email not reject/bounce. > > Before-Queue requires more memory upfront to handle multiple connections > as each connection is going to need realtime-access to clamav whereas > After-Queue does not have such stringent requirements and can get away > with lower memory as email can be processed slower but not perceived to > be slower (as emails are accepted immediately but later discarded if > virus etc). > > See Pros and Cons of Before Queue -- > http://www.postfix.org/SMTPD_PROXY_README.html > > With clamav-milter it must wait for the milter to say virus or no virus > before it can end the SMTP transaction which leads to potential > performance issues if the mail server is not well speced for > before-queue scanning but it has the advantage of rejecting mail in SMTP > transaction. > > > > From: "André Rodier" <an...@rodier.me> > To: postfix-users@postfix.org > Date: 27/03/2018 12:10 PM > Subject: Re: clamav as a milter > Sent by: owner-postfix-us...@postfix.org > > > > > On 26/03/18 23:35, Scott Kitterman wrote: >> On Monday, March 26, 2018 10:27:57 PM André Rodier wrote: >>> Hello all, >>> >>> Does anyone suffered performance loss when using clamav as a milter for >>> postfix? >>> >>> I would like to scan archives and emails with attachments. Is there any >>> other way to do than using a milter? >>> >>> Thanks for your advices. >> >> I use http://thewalter.net/stef/software/clamsmtp/- it hasn't been updated in >> a long time, but it does what it needs to do. >> >> Scott K >> > Thank you. > > Thank you, Alex, Now I remember the fundamental difference, I will make sure to use the appropriate one. I might use dovecot sieve and custom scripts as well, I will post on the other list. Kind regards, André -- https://github.com/progmaticltd/homebox
Re: clamav as a milter
Am 26.03.2018 um 23:27 schrieb André Rodier: > Hello all, > > Does anyone suffered performance loss when using clamav as a milter for > postfix? Not relevant, but for sure to scan something you need resources and time. > > I would like to scan archives and emails with attachments. Is there any > other way to do than using a milter? > > Thanks for your advices. > > André > Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Schleißheimer Straße 26/MG, 80333 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
Re: clamav as a milter
Thing is clamav-milter is a before-queue filter (used as milter in postfix) whereas ClamSMTP is after-queue filter (uses content filter in postfix) These are fundamentally different ways of providing filtering in Postfix. Before-Queue filtering can reject emails if they have a virus in the SMTP transaction (after DATA) whereas After-Queue cannot or should not without a bounce message (please no backscatter) so After-Queue should only quarantine or discard a virus email not reject/bounce. Before-Queue requires more memory upfront to handle multiple connections as each connection is going to need realtime-access to clamav whereas After-Queue does not have such stringent requirements and can get away with lower memory as email can be processed slower but not perceived to be slower (as emails are accepted immediately but later discarded if virus etc). See Pros and Cons of Before Queue -- http://www.postfix.org/SMTPD_PROXY_README.html With clamav-milter it must wait for the milter to say virus or no virus before it can end the SMTP transaction which leads to potential performance issues if the mail server is not well speced for before-queue scanning but it has the advantage of rejecting mail in SMTP transaction. From: "André Rodier" <an...@rodier.me> To: postfix-users@postfix.org Date: 27/03/2018 12:10 PM Subject: Re: clamav as a milter Sent by:owner-postfix-us...@postfix.org On 26/03/18 23:35, Scott Kitterman wrote: > On Monday, March 26, 2018 10:27:57 PM André Rodier wrote: >> Hello all, >> >> Does anyone suffered performance loss when using clamav as a milter for >> postfix? >> >> I would like to scan archives and emails with attachments. Is there any >> other way to do than using a milter? >> >> Thanks for your advices. > > I use http://thewalter.net/stef/software/clamsmtp/ - it hasn't been updated in > a long time, but it does what it needs to do. > > Scott K > Thank you.
Re: clamav as a milter
On March 26, 2018 11:12:37 PM UTC, "li...@lazygranch.com" <li...@lazygranch.com> wrote: >On Mon, 26 Mar 2018 18:35:19 -0400 >Scott Kitterman <post...@kitterman.com> wrote: > >> On Monday, March 26, 2018 10:27:57 PM André Rodier wrote: >> > Hello all, >> > >> > Does anyone suffered performance loss when using clamav as a milter >> > for postfix? >> > >> > I would like to scan archives and emails with attachments. Is there >> > any other way to do than using a milter? >> > >> > Thanks for your advices. >> >> I use http://thewalter.net/stef/software/clamsmtp/ - it hasn't been >> updated in a long time, but it does what it needs to do. >> >> Scott K > >I stopped using clamav when I set up my new server due to amavisd-new >stalling once in a while on my former freeBSD server. Is this one >bulletproof? I've never had any problems, but I'm running relatively low volume servers. Not that any software is bulletproof, but I think you'll generally get more consistent performance from something made of C (as this is) than something made of Perl (or any interpreted language). Scott K
Re: clamav as a milter
On Mon, 26 Mar 2018 18:35:19 -0400 Scott Kitterman <post...@kitterman.com> wrote: > On Monday, March 26, 2018 10:27:57 PM André Rodier wrote: > > Hello all, > > > > Does anyone suffered performance loss when using clamav as a milter > > for postfix? > > > > I would like to scan archives and emails with attachments. Is there > > any other way to do than using a milter? > > > > Thanks for your advices. > > I use http://thewalter.net/stef/software/clamsmtp/ - it hasn't been > updated in a long time, but it does what it needs to do. > > Scott K I stopped using clamav when I set up my new server due to amavisd-new stalling once in a while on my former freeBSD server. Is this one bulletproof?
Re: clamav as a milter
On 26/03/18 23:35, Scott Kitterman wrote: > On Monday, March 26, 2018 10:27:57 PM André Rodier wrote: >> Hello all, >> >> Does anyone suffered performance loss when using clamav as a milter for >> postfix? >> >> I would like to scan archives and emails with attachments. Is there any >> other way to do than using a milter? >> >> Thanks for your advices. > > I use http://thewalter.net/stef/software/clamsmtp/ - it hasn't been updated > in > a long time, but it does what it needs to do. > > Scott K > Thank you.
Re: clamav as a milter
On Monday, March 26, 2018 10:27:57 PM André Rodier wrote: > Hello all, > > Does anyone suffered performance loss when using clamav as a milter for > postfix? > > I would like to scan archives and emails with attachments. Is there any > other way to do than using a milter? > > Thanks for your advices. I use http://thewalter.net/stef/software/clamsmtp/ - it hasn't been updated in a long time, but it does what it needs to do. Scott K
clamav as a milter
Hello all, Does anyone suffered performance loss when using clamav as a milter for postfix? I would like to scan archives and emails with attachments. Is there any other way to do than using a milter? Thanks for your advices. André
