On Sat, Sep 17, 2005 at 12:17:50PM -0700, OpenMacNews said: > > hi all, > > a general question ... > > i've clamd 0.87 running on the same box (OSX 10.4.2) as its caller > (currently, Exim 4.53RC1's Exiscan). > > my clamd listener options are: > > (1) clamd local unix socket > (2) clamd on 127.0.0.1 > (3) clamd on 10.0.0.6 (<-- LAN ip) > > what's the general reasoning for choosing one over the other? are the > significant performance/security variances among the options? > > currently, i simply use (2), under the assumption that 'someday' i may move > clamd to a different box, and changing 'everything' to support (3) should > be relatively easy ... > > i'm still slogging through the manual & wiki, but have not (yet!) found a > relevant section ... > > thoughts/comments? > > thx! > > richard
You cannot use exiscan with a remote clamd. Exiscan's clamd interface code connexcts to the socket, and isssues SCAN /path/to/email It does not use the STREAM command, so it will fail on a remote host (unless you do somethign like NFS mount the spool directory). So, all that being said, unix and tcp sockets are very similar in terms of speed and performance. One advantage of unix sockets is that you can filesystem acl's to protect them, but there are things you can do with firewalling that approximate the protections allowed by the filesystem. They are a bit less trivial to set up, and I have no idea if they are supported under OS X. -- -------------------------------------------------------------------------- | Stephen Gran | Wilner's Observation: All | | [EMAIL PROTECTED] | conversations with a potato should be | | http://www.lobefin.net/~steve | conducted in private. | --------------------------------------------------------------------------
signature.asc
Description: Digital signature
_______________________________________________ http://lurker.clamav.net/list/clamav-users.html
