Date: Thu, 15 Feb 2007 12:27:55 -0600 From: Eric Anderson <anderson@freebsd.org> To: Francisco Reyes <lists@stringsutils.com> Cc: FreeBSD ISP <freebsd-isp@freebsd.org>, Oliver Brandmueller <ob@e-Gitt.NET> Subject: Re: Clamav replacement for FreeBSD+postfix? Message-ID: <45D4A62B.9030109@freebsd.org> In-Reply-To: <cone.1171563142.426523.55347.1000@zoraida.natserv.net> References: <cone.1171556679.453588.55347.1000@zoraida.natserv.net> <20070215174129.GB20210@e-Gitt.NET> <cone.1171563142.426523.55347.1000@zoraida.natserv.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 02/15/07 12:12, Francisco Reyes wrote: > Oliver Brandmueller writes: > >> We're using clamav (clamd, together with exim) in our setup. Our setup >> consisting of currently four servers assigned to this task is processing >> around one million deliveries per day, around 3.5 million rejects in the > > :-) > You get less spam than we do. > We also get around 4 Million emails per day, but only about 500K are > accepted. (last I checked.. may be more volume now) > > >> clamd processes, but for several months this setup is quite stable now. > > I had one machine that had been stable for months. Yesterday it just simply > stopped working. Upgraded to the latest clamav. Even worse. Copied another > version (older) from another machine. Working again. > >> We're using FreeBSD 6, amd64. Servers have 4 GB of RAM, we needed to > > We are using FreeBSD 6 i386. > Do you see better perfomance on the amd64 branch for this type of work? > >> tune a bit in the config files of clamd so that it's leveld fine with >> our load. > > Hm.. that config file is not that big. What variables did you set that were > helpfull? In particular no matter what I do I never see more than 4 threads > running. > >> Also we use it successfully with libthr instead of libpthred >> (through libmap.conf). > > What was the procedure for that? Any pointers to docs appreciated. > I am looking at /etc/libmap.conf, is it just an entry there? > Wouldn't that be global? So all programs in the machine will use libthr > instead of libpthred? > >> At least for a recent 6-STABLE, recent clamav and the given configs I >> cannot agree with you on missing stability. > > Only thing I have not tried is amd64 and libthr. > > However I am wondering if a process based virus scanner exists. > Going over ports I see a handfull of virus scanners. I guess I will have to > setup a test machine and try them. > > I suspsect the issue is FreeBSD's thread support, so your suggested thread > library change may help until we find a process based antivirus (if there > is one that works well with FreeBSD). You can specify a lib mapping for a particular tool. See libmap.conf(5) - here's the EXAMPLES section: EXAMPLES # /etc/libmap.conf # # candidate mapping # libc_r.so.6 libpthread.so.2 # Everything that uses 'libc_r' libc_r.so libpthread.so # now uses 'libpthread' [/tmp/mplayer] # Test version of mplayer uses libc_r libpthread.so.2 libc_r.so.6 libpthread.so libc_r.so [/usr/local/jdk1.4.1/] # All Java 1.4.1 programs use libthr # This works because "javavms" executes # programs with the full pathname libpthread.so.2 libthr.so.2 libpthread.so libthr.so # Glue for Linux-only EPSON printer .so to be loaded into cups, etc. [/usr/local/lib/pips/libsc80c.so] libc.so.6 pluginwrapper/pips.so libdl.so.2 pluginwrapper/pips.so Eric
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45D4A62B.9030109>