Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 15 Feb 2007 12:27:55 -0600
From:      Eric Anderson <anderson@freebsd.org>
To:        Francisco Reyes <lists@stringsutils.com>
Cc:        FreeBSD ISP <freebsd-isp@freebsd.org>, Oliver Brandmueller <ob@e-Gitt.NET>
Subject:   Re: Clamav replacement for FreeBSD+postfix?
Message-ID:  <45D4A62B.9030109@freebsd.org>
In-Reply-To: <cone.1171563142.426523.55347.1000@zoraida.natserv.net>
References:  <cone.1171556679.453588.55347.1000@zoraida.natserv.net>	<20070215174129.GB20210@e-Gitt.NET> <cone.1171563142.426523.55347.1000@zoraida.natserv.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On 02/15/07 12:12, Francisco Reyes wrote:
> Oliver Brandmueller writes:
> 
>> We're using clamav (clamd, together with exim) in our setup. Our setup 
>> consisting of currently four servers assigned to this task is processing 
>> around one million deliveries per day, around 3.5 million rejects in the 
> 
> :-)
> You get less spam than we do.
> We also get around 4 Million emails per day, but only about 500K are 
> accepted. (last I checked.. may be more volume now)
> 
> 
>> clamd processes, but for several months this setup is quite stable now. 
> 
> I had one machine that had been stable for months. Yesterday it just simply 
> stopped working. Upgraded to the latest clamav. Even worse. Copied another 
> version (older) from another machine. Working again.
> 
>> We're using FreeBSD 6, amd64. Servers have 4 GB of RAM, we needed to 
> 
> We are using FreeBSD 6 i386.
> Do you see better perfomance on the amd64 branch for this type of work?
> 
>> tune a bit in the config files of clamd so that it's leveld fine with 
>> our load.
> 
> Hm.. that config file is not that big. What variables did you set that were 
> helpfull? In particular no matter what I do I never see more than 4 threads 
> running.
> 
>>  Also we use it successfully with libthr instead of libpthred 
>> (through libmap.conf).
> 
> What was the procedure for that? Any pointers to docs appreciated.
> I am looking at /etc/libmap.conf, is it just an entry there?
> Wouldn't that be global? So all programs in the machine will use libthr 
> instead of libpthred?
> 
>> At least for a recent 6-STABLE, recent clamav and the given configs I 
>> cannot agree with you on missing stability.
> 
> Only thing I have not tried is amd64 and libthr.
> 
> However I am wondering if a process based virus scanner exists.
> Going over ports I see a handfull of virus scanners. I guess I will have to 
> setup a test machine and try them.
> 
> I suspsect the issue is FreeBSD's thread support, so your suggested thread 
> library  change may help until we find a process based antivirus (if there 
> is one that works well with FreeBSD). 

You can specify a lib mapping for a particular tool.  See libmap.conf(5) 
- here's the EXAMPLES section:


EXAMPLES
      # /etc/libmap.conf
      #
      # candidate             mapping
      #
      libc_r.so.6             libpthread.so.2 # Everything that uses 
'libc_r'
      libc_r.so               libpthread.so   # now uses 'libpthread'

      [/tmp/mplayer]          # Test version of mplayer uses libc_r
      libpthread.so.2         libc_r.so.6
      libpthread.so           libc_r.so

      [/usr/local/jdk1.4.1/]  # All Java 1.4.1 programs use libthr
                              # This works because "javavms" executes
                              # programs with the full pathname
      libpthread.so.2         libthr.so.2
      libpthread.so           libthr.so

      # Glue for Linux-only EPSON printer .so to be loaded into cups, etc.
      [/usr/local/lib/pips/libsc80c.so]
      libc.so.6               pluginwrapper/pips.so
      libdl.so.2              pluginwrapper/pips.so



Eric





Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45D4A62B.9030109>