Date: Thu, 15 Feb 2007 12:27:55 -0600 From: Eric Anderson <anderson@freebsd.org> To: Francisco Reyes <lists@stringsutils.com> Cc: FreeBSD ISP <freebsd-isp@freebsd.org>, Oliver Brandmueller <ob@e-Gitt.NET> Subject: Re: Clamav replacement for FreeBSD+postfix? Message-ID: <45D4A62B.9030109@freebsd.org> In-Reply-To: <cone.1171563142.426523.55347.1000@zoraida.natserv.net> References: <cone.1171556679.453588.55347.1000@zoraida.natserv.net> <20070215174129.GB20210@e-Gitt.NET> <cone.1171563142.426523.55347.1000@zoraida.natserv.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 02/15/07 12:12, Francisco Reyes wrote:
> Oliver Brandmueller writes:
>
>> We're using clamav (clamd, together with exim) in our setup. Our setup
>> consisting of currently four servers assigned to this task is processing
>> around one million deliveries per day, around 3.5 million rejects in the
>
> :-)
> You get less spam than we do.
> We also get around 4 Million emails per day, but only about 500K are
> accepted. (last I checked.. may be more volume now)
>
>
>> clamd processes, but for several months this setup is quite stable now.
>
> I had one machine that had been stable for months. Yesterday it just simply
> stopped working. Upgraded to the latest clamav. Even worse. Copied another
> version (older) from another machine. Working again.
>
>> We're using FreeBSD 6, amd64. Servers have 4 GB of RAM, we needed to
>
> We are using FreeBSD 6 i386.
> Do you see better perfomance on the amd64 branch for this type of work?
>
>> tune a bit in the config files of clamd so that it's leveld fine with
>> our load.
>
> Hm.. that config file is not that big. What variables did you set that were
> helpfull? In particular no matter what I do I never see more than 4 threads
> running.
>
>> Also we use it successfully with libthr instead of libpthred
>> (through libmap.conf).
>
> What was the procedure for that? Any pointers to docs appreciated.
> I am looking at /etc/libmap.conf, is it just an entry there?
> Wouldn't that be global? So all programs in the machine will use libthr
> instead of libpthred?
>
>> At least for a recent 6-STABLE, recent clamav and the given configs I
>> cannot agree with you on missing stability.
>
> Only thing I have not tried is amd64 and libthr.
>
> However I am wondering if a process based virus scanner exists.
> Going over ports I see a handfull of virus scanners. I guess I will have to
> setup a test machine and try them.
>
> I suspsect the issue is FreeBSD's thread support, so your suggested thread
> library change may help until we find a process based antivirus (if there
> is one that works well with FreeBSD).
You can specify a lib mapping for a particular tool. See libmap.conf(5)
- here's the EXAMPLES section:
EXAMPLES
# /etc/libmap.conf
#
# candidate mapping
#
libc_r.so.6 libpthread.so.2 # Everything that uses
'libc_r'
libc_r.so libpthread.so # now uses 'libpthread'
[/tmp/mplayer] # Test version of mplayer uses libc_r
libpthread.so.2 libc_r.so.6
libpthread.so libc_r.so
[/usr/local/jdk1.4.1/] # All Java 1.4.1 programs use libthr
# This works because "javavms" executes
# programs with the full pathname
libpthread.so.2 libthr.so.2
libpthread.so libthr.so
# Glue for Linux-only EPSON printer .so to be loaded into cups, etc.
[/usr/local/lib/pips/libsc80c.so]
libc.so.6 pluginwrapper/pips.so
libdl.so.2 pluginwrapper/pips.so
Eric
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45D4A62B.9030109>