Christopher X. Candreva wrote:
On Sat, 30 Dec 2006, Sander Holthaus wrote:
There is no point in using a malformed database and could even spell
disaster. (Imagine it starts generating FP's en masse, which could be
a side effect of a corrupted database).
Having clam die spells disaster. If you've set your system to tempfail on
clam failure, you can't receive mail until it is fixed. If you accept mail
unscanned, you could infect your users, start spreading viruses, and have a
big clean-up job.
For a mission critical environment, it seems like the better behavior
would be:
1) keep the previous db
2) download the new db
3) if the new db is bad, throw an error in the logs/stdout, and keep
functioning propperly on the old db
4) if the new db is good, move it over to the old db's location and
start using it.
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html