From owner-freebsd-isp@FreeBSD.ORG Sun Feb 18 19:14:34 2007 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id EEB6A16A400 for ; Sun, 18 Feb 2007 19:14:34 +0000 (UTC) (envelope-from jc@irbs.com) Received: from turtle-out.mxes.net (turtle-out.mxes.net [216.86.168.191]) by mx1.freebsd.org (Postfix) with ESMTP id C490013C467 for ; Sun, 18 Feb 2007 19:14:32 +0000 (UTC) (envelope-from jc@irbs.com) Received: from mxout-04.mxes.net (mxout-04.mxes.net [216.86.168.179]) by turtle-in.mxes.net (Postfix) with ESMTP id 2EDF6105C9 for ; Sun, 18 Feb 2007 13:47:15 -0500 (EST) Received: from exuma.irbs.com (exuma.irbs.com [216.86.160.225]) by mxout-04.mxes.net (Postfix) with ESMTP id 4E356A3232 for ; Sun, 18 Feb 2007 13:47:14 -0500 (EST) Received: by exuma.irbs.com (Postfix, from userid 2500) id BA402BA89; Sun, 18 Feb 2007 13:47:13 -0500 (EST) Date: Sun, 18 Feb 2007 13:47:13 -0500 From: John Capo To: FreeBSD ISP Message-ID: <20070218184713.GA12199@exuma.irbs.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.2i Subject: Re: Clamav replacement for FreeBSD+postfix? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: jc@irbs.com List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Feb 2007 19:14:35 -0000 Quoting Francisco Reyes (lists@stringsutils.com): > Anyone using something other than Clamav in an busy FreeBSD+postfix > environment for antivirus? > > Clamav freezes often. Reading archives, seems this is not so rare > in FreeBSD. > > We even tried better machines, and gave Clamav more memory. That helped, > but still seeing issues. > > This is for an ISP, so experiences on other ISPs or large setups (ie over > 100,000 emails per day) would be most welcome. We scan 300,000 messages on a busy day with 4 4.11 machines. ClamAV has been rock solid here for many months. I updated to 0.90 yesterday due to the security alert and so far so good. We also offer Sophos as an extra cost option due to its cost. Sophie and Sophos have never burped once in the 5 years we have used that combo. Highly recommended but not cheap. John Capo Tuffmail.com From owner-freebsd-isp@FreeBSD.ORG Mon Feb 19 17:29:18 2007 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 3E3AA16AA61 for ; Mon, 19 Feb 2007 17:29:18 +0000 (UTC) (envelope-from dgilbert@daveg.ca) Received: from ox.eicat.ca (ox.eicat.ca [66.96.30.35]) by mx1.freebsd.org (Postfix) with ESMTP id 0FEE813C441 for ; Mon, 19 Feb 2007 17:29:18 +0000 (UTC) (envelope-from dgilbert@daveg.ca) Received: by ox.eicat.ca (Postfix, from userid 66) id 11383D7D3; Mon, 19 Feb 2007 12:04:49 -0500 (EST) Received: by canoe.dclg.ca (Postfix, from userid 101) id 9350C61C8C; Mon, 19 Feb 2007 12:04:50 -0500 (EST) From: David Gilbert MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <17881.55474.548240.495464@canoe.dclg.ca> Date: Mon, 19 Feb 2007 12:04:50 -0500 To: jc@irbs.com In-Reply-To: <20070218184713.GA12199@exuma.irbs.com> References: <20070218184713.GA12199@exuma.irbs.com> X-Mailer: VM 7.17 under 21.4 (patch 19) "Constant Variable" XEmacs Lucid Cc: FreeBSD ISP Subject: Re: Clamav replacement for FreeBSD+postfix? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Feb 2007 17:29:18 -0000 >>>>> "John" == John Capo writes: John> Quoting Francisco Reyes (lists@stringsutils.com): >> Anyone using something other than Clamav in an busy FreeBSD+postfix >> environment for antivirus? >> >> Clamav freezes often. Reading archives, seems this is not so rare >> in FreeBSD. >> >> We even tried better machines, and gave Clamav more memory. That >> helped, but still seeing issues. >> >> This is for an ISP, so experiences on other ISPs or large setups >> (ie over 100,000 emails per day) would be most welcome. John> We scan 300,000 messages on a busy day with 4 4.11 machines. John> ClamAV has been rock solid here for many months. I updated to John> 0.90 yesterday due to the security alert and so far so good. John> We also offer Sophos as an extra cost option due to its cost. John> Sophie and Sophos have never burped once in the 5 years we have John> used that combo. Highly recommended but not cheap. I run spampd on some machines and amavis on others, but both use clamav for virus scanning. I can't say that I've had any problems that I've noticed. Most mailservers are running in the 100 to 500 messages a minute range. Dave. -- ============================================================================ |David Gilbert, Independent Contractor. | Two things can be | |Mail: dave@daveg.ca | equal if and only if they | |http://daveg.ca | are precisely opposite. | =========================================================GLO================ From owner-freebsd-isp@FreeBSD.ORG Mon Feb 19 20:08:59 2007 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id BE58D16C9F7 for ; Mon, 19 Feb 2007 20:08:59 +0000 (UTC) (envelope-from lists@stringsutils.com) Received: from zoraida.natserv.net (p65-147.acedsl.com [66.114.65.147]) by mx1.freebsd.org (Postfix) with ESMTP id 72A6613C428 for ; Mon, 19 Feb 2007 20:08:59 +0000 (UTC) (envelope-from lists@stringsutils.com) Received: from zoraida.natserv.net (localhost.natserv.net [127.0.0.1]) by zoraida.natserv.net (Postfix) with ESMTP id 904DEC2EC for ; Mon, 19 Feb 2007 15:08:58 -0500 (EST) Received: by zoraida.natserv.net (Postfix, from userid 58) id 52FE5C2E9; Mon, 19 Feb 2007 15:08:58 -0500 (EST) X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on zoraida.natserv.net X-Spam-Level: *** X-Spam-Status: No, score=3.3 required=4.0 tests=RCVD_IN_NOMOREFUNN,SPF_FAIL autolearn=disabled version=3.1.7 X-Spam-Report: * 1.3 SPF_FAIL SPF: sender does not match SPF record (fail) * [SPF failed: Please see http://www.openspf.org/why.html?sender=lists%40stringsutils.com&ip=71.249.233.130&receiver=zoraida.natserv.net] * 2.0 RCVD_IN_NOMOREFUNN RBL: Received via a relay in No More Funn block * list * [71.249.233.130 listed in no-more-funn.moensted.dk] Received: from 35st.simplicato.com (static-71-249-233-130.nycmny.east.verizon.net [71.249.233.130]) by zoraida.natserv.net (Postfix) with ESMTP id CD5F0C163; Mon, 19 Feb 2007 15:08:50 -0500 (EST) References: <200702172201.l1HM1BnR009915@lava.sentex.ca> Message-ID: X-Mailer: http://www.courier-mta.org/cone/ From: Francisco Reyes To: Mike Tancsa Date: Mon, 19 Feb 2007 15:08:49 -0500 Mime-Version: 1.0 Content-Type: text/plain; format=flowed; charset="US-ASCII" Content-Disposition: inline Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV using ClamSMTP Cc: freebsd-isp@freebsd.org Subject: Re: Clamav replacement for FreeBSD+postfix? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Feb 2007 20:08:59 -0000 Mike Tancsa writes: >>Great. That sound promissing. >>Is this with i386 or amd64? > > i386. clamav, spamassassin/mimedefang are all slower on amd64 Thanks for the feedback. How much memory on your machine(s)? Part of the reason I was thinking amd64 is because the servers have 4GB. Doesn't one need PAE at 4GB and above? We get our machines installed with FreeBSD and the vendor has been putting PAE on machines with 4GB, but I am wondering if it is even needed. > We were using the dev version and prev release version out of the > ports and have now switched to .90. I see a port for it now. Will give it a try. > .90. Changing to libthr makes it work just fine. Thanks again for all the feedback. From owner-freebsd-isp@FreeBSD.ORG Mon Feb 19 20:21:12 2007 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 7F76716CFD0 for ; Mon, 19 Feb 2007 20:21:12 +0000 (UTC) (envelope-from mike@sentex.net) Received: from smarthost1.sentex.ca (smarthost1.sentex.ca [64.7.153.18]) by mx1.freebsd.org (Postfix) with ESMTP id 402A813C47E for ; Mon, 19 Feb 2007 20:21:12 +0000 (UTC) (envelope-from mike@sentex.net) Received: from lava.sentex.ca (pyroxene.sentex.ca [199.212.134.18]) by smarthost1.sentex.ca (8.13.6/8.13.6) with ESMTP id l1JKLBUF027642; Mon, 19 Feb 2007 15:21:11 -0500 (EST) (envelope-from mike@sentex.net) Received: from mdt-xp.sentex.net (simeon.sentex.ca [192.168.43.27]) by lava.sentex.ca (8.13.6/8.13.3) with ESMTP id l1JKLAkQ021489 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 19 Feb 2007 15:21:10 -0500 (EST) (envelope-from mike@sentex.net) Message-Id: <200702192021.l1JKLAkQ021489@lava.sentex.ca> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Mon, 19 Feb 2007 15:19:19 -0500 To: Francisco Reyes From: Mike Tancsa In-Reply-To: References: <200702172201.l1HM1BnR009915@lava.sentex.ca> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Cc: freebsd-isp@freebsd.org Subject: Re: Clamav replacement for FreeBSD+postfix? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Feb 2007 20:21:12 -0000 At 03:08 PM 2/19/2007, Francisco Reyes wrote: >Mike Tancsa writes: > >>>Great. That sound promissing. >>>Is this with i386 or amd64? >>i386. clamav, spamassassin/mimedefang are all slower on amd64 > >Thanks for the feedback. >How much memory on your machine(s)? We have 7 machines doing spam and virus scanning for a number of client machines. We have 2G of RAM per machine which is enough so things do not swap. >Part of the reason I was thinking amd64 is because the servers have 4GB. >Doesn't one need PAE at 4GB and above? Why do you need so much per server to do spam/virus scanning ? If anything, leave the 4G inside but just boot with i386. It will waste a bit, but I am guessing better than using PAE e.g. here is one such 4G server we have. CPU: AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ (2210.20-MHz 686-class CPU) Origin = "AuthenticAMD" Id = 0x20fb1 Stepping = 1 Features=0x178bfbff Features2=0x1 AMD Features=0xe2500800 AMD Features2=0x3 Cores per package: 2 real memory = 3756916736 (3582 MB) avail memory = 3677523968 (3507 MB) ACPI APIC Table: >We get our machines installed with FreeBSD and the vendor has been >putting PAE on machines with 4GB, but I am wondering if it is even needed. I have never used (nor trusted) PAE. ---Mike From owner-freebsd-isp@FreeBSD.ORG Mon Feb 19 21:34:45 2007 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 2A2CD16DCC7 for ; Mon, 19 Feb 2007 21:34:45 +0000 (UTC) (envelope-from lists@stringsutils.com) Received: from zoraida.natserv.net (p65-147.acedsl.com [66.114.65.147]) by mx1.freebsd.org (Postfix) with ESMTP id D420313C4A8 for ; Mon, 19 Feb 2007 21:34:44 +0000 (UTC) (envelope-from lists@stringsutils.com) Received: from zoraida.natserv.net (localhost.natserv.net [127.0.0.1]) by zoraida.natserv.net (Postfix) with ESMTP id 29C77C2EC for ; Mon, 19 Feb 2007 16:34:44 -0500 (EST) Received: by zoraida.natserv.net (Postfix, from userid 58) id C6668C2E6; Mon, 19 Feb 2007 16:34:43 -0500 (EST) X-Spam-Flag: YES X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on zoraida.natserv.net X-Spam-Level: **** X-Spam-Status: Yes, score=4.3 required=4.0 tests=RCVD_IN_FIVETENSRC, RCVD_IN_NOMOREFUNN,SPF_FAIL autolearn=disabled version=3.1.7 X-Spam-Report: * 1.3 SPF_FAIL SPF: sender does not match SPF record (fail) * [SPF failed: Please see http://www.openspf.org/why.html?sender=lists%40stringsutils.com&ip=71.249.233.130&receiver=zoraida.natserv.net] * 1.0 RCVD_IN_FIVETENSRC RBL: Received via a relay in Five Ten block list * [71.249.233.130 listed in blackholes.five-ten-sg.com] * 2.0 RCVD_IN_NOMOREFUNN RBL: Received via a relay in No More Funn block * list * [71.249.233.130 listed in no-more-funn.moensted.dk] Received: from 35st.simplicato.com (static-71-249-233-130.nycmny.east.verizon.net [71.249.233.130]) by zoraida.natserv.net (Postfix) with ESMTP id 01C27C163; Mon, 19 Feb 2007 16:34:39 -0500 (EST) References: <20070218184713.GA12199@exuma.irbs.com> Message-ID: X-Mailer: http://www.courier-mta.org/cone/ From: Francisco Reyes To: jc@irbs.com Date: Mon, 19 Feb 2007 16:34:39 -0500 Mime-Version: 1.0 Content-Type: text/plain; format=flowed; charset="US-ASCII" Content-Disposition: inline Content-Transfer-Encoding: 7bit X-Spam-Prev-Subject: Re: Clamav replacement for FreeBSD+postfix? X-Virus-Scanned: ClamAV using ClamSMTP Cc: FreeBSD ISP Subject: *****SPAM***** Re: Clamav replacement for FreeBSD+postfix? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Feb 2007 21:34:45 -0000 John Capo writes: > We also offer Sophos as an extra cost option due to its cost. Sophie > and Sophos have never burped once in the 5 years we have used that > combo. Highly recommended but not cheap. Thanks for the pointer. Started to look into Sophos. Will make a point to get pricing/info on it. Do you use it in conjunction with ClamAv or as a standalone? From owner-freebsd-isp@FreeBSD.ORG Mon Feb 19 21:45:57 2007 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 8679516DF6B for ; Mon, 19 Feb 2007 21:45:57 +0000 (UTC) (envelope-from lists@stringsutils.com) Received: from zoraida.natserv.net (p65-147.acedsl.com [66.114.65.147]) by mx1.freebsd.org (Postfix) with ESMTP id 39D8513C442 for ; Mon, 19 Feb 2007 21:45:57 +0000 (UTC) (envelope-from lists@stringsutils.com) Received: from zoraida.natserv.net (localhost.natserv.net [127.0.0.1]) by zoraida.natserv.net (Postfix) with ESMTP id 75D14C2E9 for ; Mon, 19 Feb 2007 16:45:56 -0500 (EST) Received: by zoraida.natserv.net (Postfix, from userid 58) id F3FE8C2E3; Mon, 19 Feb 2007 16:45:55 -0500 (EST) X-Spam-Flag: YES X-Spam-Checker-Version: SpamAssassin 3.1.7 (2006-10-05) on zoraida.natserv.net X-Spam-Level: **** X-Spam-Status: Yes, score=4.3 required=4.0 tests=RCVD_IN_FIVETENSRC, RCVD_IN_NOMOREFUNN,SPF_FAIL autolearn=disabled version=3.1.7 X-Spam-Report: * 1.3 SPF_FAIL SPF: sender does not match SPF record (fail) * [SPF failed: Please see http://www.openspf.org/why.html?sender=lists%40stringsutils.com&ip=71.249.233.130&receiver=zoraida.natserv.net] * 1.0 RCVD_IN_FIVETENSRC RBL: Received via a relay in Five Ten block list * [71.249.233.130 listed in blackholes.five-ten-sg.com] * 2.0 RCVD_IN_NOMOREFUNN RBL: Received via a relay in No More Funn block * list * [71.249.233.130 listed in no-more-funn.moensted.dk] Received: from 35st.simplicato.com (static-71-249-233-130.nycmny.east.verizon.net [71.249.233.130]) by zoraida.natserv.net (Postfix) with ESMTP id 153A7C163; Mon, 19 Feb 2007 16:45:53 -0500 (EST) References: <200702172201.l1HM1BnR009915@lava.sentex.ca> <200702192021.l1JKLAkQ021489@lava.sentex.ca> Message-ID: X-Mailer: http://www.courier-mta.org/cone/ From: Francisco Reyes To: Mike Tancsa Date: Mon, 19 Feb 2007 16:45:51 -0500 Mime-Version: 1.0 Content-Type: text/plain; format=flowed; charset="US-ASCII" Content-Disposition: inline Content-Transfer-Encoding: 7bit X-Spam-Prev-Subject: Re: Clamav replacement for FreeBSD+postfix? X-Virus-Scanned: ClamAV using ClamSMTP Cc: freebsd-isp@freebsd.org Subject: *****SPAM***** Re: Clamav replacement for FreeBSD+postfix? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Feb 2007 21:45:57 -0000 Mike Tancsa writes: > Why do you need so much per server to do spam/virus scanning ? At several point in times (ie different clamav versions) clamav was using more than 512MB and causing all kinds of problems because of FreeBSD's default 512MB limit. We bumped the per program limit to 1.5MB and so far clamav has not exceeded that. > Cores per package: 2 > real memory = 3756916736 (3582 MB) > avail memory = 3677523968 (3507 MB) > ACPI APIC Table: > > >>We get our machines installed with FreeBSD and the vendor has been >>putting PAE on machines with 4GB, but I am wondering if it is even needed. > > I have never used (nor trusted) PAE. May try that for the next machine. I don't think I have ever seen a good comment on PAE, although haven't tried too hard either. If clamav had not crashed so often until we increased the max ram per program to 1.5GB, we probably would have gone with 2GB machines. I don't think it was that much price difference so rather have the extra and not use it than to have too little. From owner-freebsd-isp@FreeBSD.ORG Mon Feb 19 22:31:51 2007 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id E484016E521 for ; Mon, 19 Feb 2007 22:31:51 +0000 (UTC) (envelope-from mike@sentex.net) Received: from smarthost2.sentex.ca (smarthost2.sentex.ca [205.211.164.50]) by mx1.freebsd.org (Postfix) with ESMTP id 93B3513C48D for ; Mon, 19 Feb 2007 22:31:51 +0000 (UTC) (envelope-from mike@sentex.net) Received: from lava.sentex.ca (pyroxene.sentex.ca [199.212.134.18]) by smarthost2.sentex.ca (8.13.8/8.13.8) with ESMTP id l1JMVovL080191; Mon, 19 Feb 2007 17:31:50 -0500 (EST) (envelope-from mike@sentex.net) Received: from mdt-xp.sentex.net (simeon.sentex.ca [192.168.43.27]) by lava.sentex.ca (8.13.6/8.13.3) with ESMTP id l1JMVoWG022055 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 19 Feb 2007 17:31:50 -0500 (EST) (envelope-from mike@sentex.net) Message-Id: <200702192231.l1JMVoWG022055@lava.sentex.ca> X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Mon, 19 Feb 2007 17:29:59 -0500 To: Francisco Reyes From: Mike Tancsa In-Reply-To: References: <200702172201.l1HM1BnR009915@lava.sentex.ca> <200702192021.l1JKLAkQ021489@lava.sentex.ca> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Cc: freebsd-isp@freebsd.org Subject: Re: Re: Clamav replacement for FreeBSD+postfix? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Feb 2007 22:31:52 -0000 At 04:45 PM 2/19/2007, Francisco Reyes wrote: >Mike Tancsa writes: > >>Why do you need so much per server to do spam/virus scanning ? > >At several point in times (ie different clamav versions) clamav was >using more than 512MB and causing all kinds of problems because of >FreeBSD's default 512MB limit. We bumped the per program limit to >1.5MB and so far clamav has not exceeded that. Strange, our daemons dont grow that large. Are you using LDAP lookups or something like that compiled against it ? Looking at one box, running a dev version % clamd --version ClamAV devel-20070124/2607/Mon Feb 19 12:56:34 2007 Started Jan24th, its only at 119MB Its done about 94K messages today It usually hovers around 5-8 threads, depending on the time of day. Right now % ps -auxwwwH -p 13422 USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND clamav 13422 7.7 5.6 119460 116084 ?? Ss 24Jan07 8019:23.77 /usr/local/sbin/clamd clamav 13422 5.7 5.6 119460 116084 ?? Ss 24Jan07 8019:23.77 /usr/local/sbin/clamd clamav 13422 4.3 5.6 119460 116084 ?? Ss 24Jan07 8019:23.77 /usr/local/sbin/clamd clamav 13422 0.9 5.6 119460 116084 ?? Ss 24Jan07 8019:23.77 /usr/local/sbin/clamd clamav 13422 0.0 5.6 119460 116084 ?? Ss 24Jan07 8019:23.77 /usr/local/sbin/clamd clamav 13422 0.0 5.6 119460 116084 ?? Ss 24Jan07 8019:23.77 /usr/local/sbin/clamd % ldd /usr/local/sbin/clamd /usr/local/sbin/clamd: libclamav.so.1 => /usr/local/lib/libclamav.so.1 (0x28085000) libz.so.3 => /lib/libz.so.3 (0x280e6000) libbz2.so.2 => /usr/lib/libbz2.so.2 (0x280f7000) libgmp.so.7 => /usr/local/lib/libgmp.so.7 (0x28108000) libpthread.so.2 => /usr/lib/libthr.so.2 (0x28136000) libc.so.6 => /lib/libc.so.6 (0x28148000) and a version .90 started last Friday shows 74MB of mem usage. ---Mike From owner-freebsd-isp@FreeBSD.ORG Tue Feb 20 01:21:59 2007 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C46A6170F47 for ; Tue, 20 Feb 2007 01:21:59 +0000 (UTC) (envelope-from jc@irbs.com) Received: from mxout-04.mxes.net (mxout-04.mxes.net [216.86.168.179]) by mx1.freebsd.org (Postfix) with ESMTP id 9AF0B13C441 for ; Tue, 20 Feb 2007 01:21:59 +0000 (UTC) (envelope-from jc@irbs.com) Received: from exuma.irbs.com (exuma.irbs.com [216.86.160.225]) by mxout-04.mxes.net (Postfix) with ESMTP id CC17FA321B; Mon, 19 Feb 2007 20:21:58 -0500 (EST) Received: by exuma.irbs.com (Postfix, from userid 2500) id 2871CBA95; Mon, 19 Feb 2007 20:21:58 -0500 (EST) Date: Mon, 19 Feb 2007 20:21:58 -0500 From: John Capo To: FreeBSD ISP Message-ID: <20070220012158.GJ28794@exuma.irbs.com> References: <20070218184713.GA12199@exuma.irbs.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.2i Subject: Re: *****SPAM***** Re: Clamav replacement for FreeBSD+postfix? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: jc@irbs.com List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Feb 2007 01:22:00 -0000 Quoting Francisco Reyes (lists@stringsutils.com): > John Capo writes: > > >We also offer Sophos as an extra cost option due to its cost. Sophie > >and Sophos have never burped once in the 5 years we have used that > >combo. Highly recommended but not cheap. > > Thanks for the pointer. > Started to look into Sophos. Will make a point to get pricing/info on it. > > Do you use it in conjunction with ClamAv or as a standalone? If the customer account has Sophos enabled, the mail will be scanned with ClamAV and Sophos. The interface to both is based on the amavisd-lite package. John From owner-freebsd-isp@FreeBSD.ORG Wed Feb 21 19:34:08 2007 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id BE7EE16AB9E for ; Wed, 21 Feb 2007 19:34:08 +0000 (UTC) (envelope-from charles@hatvany.com) Received: from seventy.hatvany.com (seventy.hatvany.com [67.100.200.7]) by mx1.freebsd.org (Postfix) with ESMTP id 7E8F313C4BB for ; Wed, 21 Feb 2007 19:34:08 +0000 (UTC) (envelope-from charles@hatvany.com) Received: from [127.0.0.1] ([10.0.0.2]) by seventy.hatvany.com (8.13.1/8.13.1) with ESMTP id l1LJBwFl017690 for ; Wed, 21 Feb 2007 14:11:59 -0500 (EST) (envelope-from charles@hatvany.com) Message-ID: <45DC99F1.3090908@hatvany.com> Date: Wed, 21 Feb 2007 14:13:53 -0500 From: Charles Hatvany User-Agent: Thunderbird 1.5.0.9 (Windows/20061207) MIME-Version: 1.0 To: freebsd-isp@freebsd.org Content-Type: multipart/mixed; boundary="------------030100060103030504010803" X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Separating users so they do not see each others's directories in FreeBSD X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Feb 2007 19:34:08 -0000 This is a multi-part message in MIME format. --------------030100060103030504010803 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Hi, Sorry to ask such a simple question, but I need to separate several users, so they cannot even see each other's directories. All will have significant data on the same server in different directory trees. What is the easiest way to accomplish this? Jails seem like a lot of work, but if that is the only way... Thanks in advance. Charles Hatvany --------------030100060103030504010803-- From owner-freebsd-isp@FreeBSD.ORG Wed Feb 21 20:31:01 2007 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 2517816A401 for ; Wed, 21 Feb 2007 20:31:01 +0000 (UTC) (envelope-from simon@zaphod.nitro.dk) Received: from mx.nitro.dk (zarniwoop.nitro.dk [83.92.207.38]) by mx1.freebsd.org (Postfix) with ESMTP id DB3A413C474 for ; Wed, 21 Feb 2007 20:31:00 +0000 (UTC) (envelope-from simon@zaphod.nitro.dk) Received: from zaphod.nitro.dk (unknown [192.168.3.39]) by mx.nitro.dk (Postfix) with ESMTP id F31782D5B31; Wed, 21 Feb 2007 20:12:54 +0000 (UTC) Received: by zaphod.nitro.dk (Postfix, from userid 3000) id F174111434; Wed, 21 Feb 2007 21:12:54 +0100 (CET) Date: Wed, 21 Feb 2007 21:12:54 +0100 From: "Simon L. Nielsen" To: Charles Hatvany Message-ID: <20070221201254.GA976@zaphod.nitro.dk> References: <45DC99F1.3090908@hatvany.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <45DC99F1.3090908@hatvany.com> User-Agent: Mutt/1.5.11 Cc: freebsd-isp@freebsd.org Subject: Re: Separating users so they do not see each others's directories in FreeBSD X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Feb 2007 20:31:01 -0000 On 2007.02.21 14:13:53 -0500, Charles Hatvany wrote: > Hi, > > Sorry to ask such a simple question, but I need to separate several > users, so they cannot even see each other's directories. All will have > significant data on the same server in different directory trees. What > is the easiest way to accomplish this? Jails seem like a lot of work, > but if that is the only way... chmod 700 on the directories? -- Simon L. Nielsen From owner-freebsd-isp@FreeBSD.ORG Wed Feb 21 21:30:34 2007 Return-Path: X-Original-To: freebsd-isp@freebsd.org Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id B178F16A400 for ; Wed, 21 Feb 2007 21:30:34 +0000 (UTC) (envelope-from slogster@gmail.com) Received: from smtp.studnetz.uni-leipzig.de (smtp.studnetz.uni-leipzig.de [139.18.143.252]) by mx1.freebsd.org (Postfix) with ESMTP id 426DE13C48E for ; Wed, 21 Feb 2007 21:30:34 +0000 (UTC) (envelope-from slogster@gmail.com) Received: from localhost (localhost [127.0.0.1]) by smtp.studnetz.uni-leipzig.de (Postfix) with ESMTP id AFC88203 for ; Wed, 21 Feb 2007 21:57:14 +0100 (CET) X-Virus-Scanned: by amavisd-new at studnetz-ul Received: from smtp.studnetz.uni-leipzig.de ([127.0.0.1]) by localhost (smtp.studnetz.uni-leipzig.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kPBqovt1jI6h for ; Wed, 21 Feb 2007 21:57:14 +0100 (CET) Received: from a144026.studnetz.uni-leipzig.de (a144026.studnetz.uni-leipzig.de [139.18.144.26]) by smtp.studnetz.uni-leipzig.de (Postfix) with ESMTP id 9260A1FF for ; Wed, 21 Feb 2007 21:57:14 +0100 (CET) From: Momchil Ivanov To: freebsd-isp@freebsd.org Date: Wed, 21 Feb 2007 21:57:02 +0100 User-Agent: KMail/1.9.4 References: <45DC99F1.3090908@hatvany.com> In-Reply-To: <45DC99F1.3090908@hatvany.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1446406.H8cVSA7rjH"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200702212157.12982.slogster@gmail.com> Subject: Re: Separating users so they do not see each others's directories in FreeBSD X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: slogster@gmail.com List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Feb 2007 21:30:34 -0000 --nextPart1446406.H8cVSA7rjH Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline =D0=9D=D0=B0 21.2.2007 20:13 Charles Hatvany =D0=BF=D0=B8=D1=88=D0=B5: > Hi, > > Sorry to ask such a simple question, but I need to separate several > users, so they cannot even see each other's directories. All will have > significant data on the same server in different directory trees. What > is the easiest way to accomplish this? Jails seem like a lot of work, > but if that is the only way... > > Thanks in advance. > > Charles Hatvany The solution here depends on how to define: "they cannot even see each othe= r's=20 directories". You can use the following scenario: foo/ user1/ ... userN/ You can set foo`s ownership to root:wheel and perms to 711, so that everyon= e=20 can 'cd' to foo/, but only root can see what`s inside. Then set perms 700 f= or=20 every userdir (assuming every userdir is owned by different user). So what= =20 you get is: advantages: 1) every user can use it`s own directory 2) users are not aware of what`s inside foo/ (other users' dirs) disadvantages: 3) one can always open /etc/passwd and see what the other user's home dir = is,=20 though not being able to 'cd' to it or read its content 4) bruteforce is possible for finding out what`s inside foo/ If that`s what you are looking for, go for it. Using jails is also not a ba= d=20 idea, but it depends on what kind of service you will be providing your use= rs=20 with. =2D-=20 This correspondence is strictly confidential. Any screening, filtering and/or production for the purpose of public or otherwise disclosure is forbidden without written permission by the author signed above. If you are not the intended recipient, please immediately notify the sender and permanently delete any copies PGP KeyID: 0x3118168B Keyserver: pgp.mit.edu Key fingerprint BB50 2983 0714 36DC D02E 158A E03D 56DA 3118 168B --nextPart1446406.H8cVSA7rjH Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) iD8DBQBF3LIo4D1W2jEYFosRAoEUAJ4p/rNPpUPWfpLCyiKRB3lyNpe9hwCfSV45 Q4AwXhhkaaY7S4KFsmN0dUw= =fPqy -----END PGP SIGNATURE----- --nextPart1446406.H8cVSA7rjH--