We use clamav-milter with sendmail on a pool of SMTP servers to handle
email delivery for some 10k mailboxes. This has been working well for a
long time, but we've noticed a subtle problem creep up on us.
Occasionally a small percentage of email will seemingly unnecessarily
get held in the queue when using clamav-milter, although it will get
delivered successfully on the first attempt with the next queue run. The
size, time, sender, and recipient all seem to be irrelevant. Our
work-around is to simply process the queue every 5 minutes, but this is
not sustainable. We've conclusively narrowed it down to ClamAV, as the
problem vanishes when we comment out the INPUT_MAIL_FILTER line in our
sendmail.cf file. Here's that milter line:
INPUT_MAIL_FILTER(`clamav',
`S=local:/var/run/clamav-milter/clamav-milter.sock, F=T, T=S:4m;R:4m')
My first thought was some sort of resource contention, but honestly the
servers are individually not very busy. I had briefly thought the
problem might align with database reloads in the clamd.log file, but
that just didn't seem to be the case either. We're currently using
ClamAV 0.100.0 with sendmail 8.15.2 on CentOS 7.4, although the problem
has been with us though most of the 0.9x series as well. I can send a
lot more details if it will help.
I guess I'm just wondering if three are any "gotchas" with using ClamAV
in this way, and if there are any best-practices we may be missing. Thanks!
_______________________________________________
clamav-users mailing list
[email protected]
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
