Re: [clamav-users] No good deed goes unpunished, or, why CVD files don't work

2018-12-19 Thread Al Varnell
Note these restrictions: > How many times per hour shall I run freshclam? > You can check for database update as often as 4 times per hour provided that > you have the following options in freshclam.conf: > > DNSDatabaseInfo current.cvd.clamav.net > > DatabaseMirror db.XY.clamav.net > >

Re: [clamav-users] No good deed goes unpunished, or, why CVD files don't work

2018-12-19 Thread Paul Kosinski
Whatever the TTL is, there's no reason to make the notification even more out of date than it needs to be. Suggestion: Whenever the ClamAV Team puts out an "important" update, they should set the DNS TXT TTL low (and then raise it after a while). -pk On Wed, 19 Dec 2018 13:22:26 -0800 Dennis

Re: [clamav-users] No good deed goes unpunished, or, why CVD files don't work

2018-12-19 Thread Paul Kosinski
Yeah, I know that the CDIFFs will/may be cached, but it shouldn't matter. The file daily-25221.cdiff has the same contents no matter when you download it via freshclam or whatever (assuming its contents hasn't been munged by "HTTP-Transform"). But daily.cvd changes over time, as it should. Thus

Re: [clamav-users] No good deed goes unpunished, or, why CVD files don't work

2018-12-19 Thread Dennis Peterson
The TTL of the TXT record is 30 minutes so unless you are directly polling one of the clamav.net dns servers you are going to get what ever is in your local NSCD cache. dp On 12/19/18 12:26 PM, Paul Kosinski wrote: snip They all do DNS TXT queries 3-5 times per hour, and *only* if that

Re: [clamav-users] No good deed goes unpunished, or, why CVD files don't work

2018-12-19 Thread J.R.
Joel - In regards to the comment on pointing everyone to Cloudflare... I'm guessing that statement means you are using a mix of the Cloudflare CDN and the original volunteer mirrors still? Also, is there a way to force a selection of a particular mirror (either by CF datacenter or previous

Re: [clamav-users] No good deed goes unpunished, or, why CVD files don't work

2018-12-19 Thread Paul Kosinski
In light of The Delays, and the fact that CVDs are so much bigger than CDIFFs, I have changed our ClamAVs to use Scripted Update (CDIFFs) and thus fetch directly from database.clamav.net. We currently have fewer than a half-dozen machines on our LAN, which share a single Comcast dynamic IP