-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Michael Heiming wrote:
| Tests show pretty bad performance with 0.90.2 and clamscan. Running | Mailscanner it seems not trivial to switch to clamd, It is trivial, just change lib/clamav-wrapper and lib/MailScanner/SweepViruses.pm; I include my changes at the end. | which might although have other shortcomings in terms of Mailscanner not | knowing if it is running. It's not MS job to keep clamd running, that's what the programs in clamav's contrib directory are for. | The patch provided on the clamav-devel list seems to improve things, though | it is still to slow for real load. MS recommends using clamavmodule, the only way you can compete in performance with that is using clamdscan. | http://www.gossamer-threads.com/lists/clamav/devel/30795 | | Best regards | | BTW 0.90.1 isn't that much faster, iirc 0.88.x worked much better. These are the changes to MailScanner-4.58.9 for using clamd/clamdscan, I don't let MS do freshclam's job (i.e. I don't run update_virus_scanners), and I do run clamdmon. $ diff -Naur clamav-wrapper.orig clamav-wrapper - --- clamav-wrapper.orig 2007-02-14 18:15:05.984375000 -0600 +++ clamav-wrapper 2007-02-16 15:00:32.796875000 -0600 @@ -71,28 +71,28 @@ ~ # Common external unpackers you probably have installed (hence ~ # enabled by default) ~ # Uncomment ONE of the following lines if you have unzip installed - -ExtraScanOptions="$ExtraScanOptions --unzip" +#ExtraScanOptions="$ExtraScanOptions --unzip" ~ #ExtraScanOptions="$ExtraScanOptions --unzip=/path/to/unzip" ~ # Uncomment ONE of the following lines if you have unzip installed ~ # And want to be able to use it to scan jar files should the internal ~ # unzipper fail - -ExtraScanOptions="$ExtraScanOptions --jar" +#ExtraScanOptions="$ExtraScanOptions --jar" ~ #ExtraScanOptions="$ExtraScanOptions --jar=/path/to/unzip" ~ # Uncomment ONE of the following lines if you have tar installed - -ExtraScanOptions="$ExtraScanOptions --tar" +#ExtraScanOptions="$ExtraScanOptions --tar" ~ #ExtraScanOptions="$ExtraScanOptions --tar=/path/to/tar" ~ # Uncomment ONE of the following lines if you have tar installed ~ # AND it is GNU tar with gzip support - -ExtraScanOptions="$ExtraScanOptions --tgz" +#ExtraScanOptions="$ExtraScanOptions --tgz" ~ #ExtraScanOptions="$ExtraScanOptions --tgz=/path/to/tar" ~ # Uncomment ONE of the following lines if you have tar installed and ~ # want to scan debian .deb packages ~ # Must be GNU tar with gzip support - -ExtraScanOptions="$ExtraScanOptions --deb" +#ExtraScanOptions="$ExtraScanOptions --deb" ~ #ExtraScanOptions="$ExtraScanOptions --deb=/path/to/tar" ~ # LESS COMMON unpackers, which probably aren't installed by default @@ -118,12 +118,12 @@ ~ #ExtraScanOptions="$ExtraScanOptions --zoo=/path/to/unzoo" ~ # Now increase the allowed expansion size of zip files - -ExtraScanOptions="$ExtraScanOptions --max-ratio=500" +#ExtraScanOptions="$ExtraScanOptions --max-ratio=500" ~ # Uncomment next line if you need to disable Clam's DoS protection ~ #ExtraScanOptions="--max-files=0 --max-space=0 --max-recursion=0 $ExtraScanOptions" - -ClamScan=$1/bin/clamscan +ClamScan=$1/bin/clamdscan ~ shift ~ if [ ! -x $ClamScan ]; then @@ -140,34 +140,34 @@ ~ export PATH ~ # Check if the tmpdir exists, if so delete so we start with a clean slate - -if [ -x "${TempDir}" ]; then - - rm -rf ${TempDir} >/dev/null 2>&1 - -fi +##if [ -x "${TempDir}" ]; then +## rm -rf ${TempDir} >/dev/null 2>&1 +##fi ~ # Make the Temp dir - -umask 0077 - -mkdir "${TempDir}" >/dev/null 2>&1 +##umask 0077 +##mkdir "${TempDir}" >/dev/null 2>&1 ~ # In case we get interupted.... - -trap "rm -rf ${TempDir}" EXIT +##trap "rm -rf ${TempDir}" EXIT - -if [ $? ]; then - - ExtraScanOptions="$ExtraScanOptions --tempdir=${TempDir}" +##if [ $? ]; then +## ExtraScanOptions="$ExtraScanOptions --tempdir=${TempDir}" ~ # If we are root chown it to the clamav user/group - - if [ `whoami` = "root" ]; then - - chown ${ClamUser}:${ClamGroup} "${TempDir}" - - fi - - fi +## if [ `whoami` = "root" ]; then +## chown ${ClamUser}:${ClamGroup} "${TempDir}" +## fi +## fi ~ $ClamScan $ExtraScanOptions $ScanOptions "$@" ~ retval=$? ~ #Clean up the temp directory - -if [ -x "${TempDir}" ]; then - - rm -rf ${TempDir} - -fi - -trap '' EXIT +##if [ -x "${TempDir}" ]; then +## rm -rf ${TempDir} +##fi +##trap '' EXIT ~ if [ "$retval" = "40" ]; then ~ # Clam complained we passed an illegal command-line option $ diff -Naur MailScanner/SweepViruses.pm.orig MailScanner/SweepViruses.pm - --- MailScanner/SweepViruses.pm.orig 2007-02-14 18:23:59.515625000 -0600 +++ MailScanner/SweepViruses.pm 2007-02-16 19:07:04.609375000 -0600 @@ -293,7 +293,7 @@ ~ "clamav" => { ~ Name => 'ClamAV', ~ Lock => 'ClamAVBusy.lock', - - CommonOptions => '-r --disable-summary --stdout', + CommonOptions => '--no-summary --stdout', ~ DisinfectOptions => '', ~ ScanOptions => '', ~ InitParser => \&InitClamAVParser, @@ -442,7 +442,7 @@ ~ if (grep /^clamav$/, @scanners) { ~ my $rarcmd = MailScanner::Config::Value('unrarcommand'); ~ if ($rarcmd && -x $rarcmd) { - - $Scanners{clamav}->{CommonOptions} .= " --unrar=$rarcmd"; +## $Scanners{clamav}->{CommonOptions} .= " --unrar=$rarcmd"; ~ MailScanner::Log::InfoLog("ClamAV scanner using unrar command %s", ~ $rarcmd); ~ } - -- René Berber -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (Cygwin) iD8DBQFGLQU2L3NNweKTRgwRCAMyAKDuqqW3eP9WkN9U9/E90I8RXw1BwwCgyrMG idt1TGF7i/BLlrqXZSFrZmc= =6LOZ -----END PGP SIGNATURE----- _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
