[Mimedefang] Setting clamd timeouts.

Matthew Schumacher matt.s at aptalaska.net
Wed Sep 26 16:46:22 EDT 2007


David F. Skoll wrote:
> Matthew Schumacher wrote:
> 
>> I think the best solution to this is to set a timeout on clamd so that
>> message_contains_virus() can return tempfail if clamd is taking more
>> than 20 seconds.  This would allow the system to correctly report what
>> the problem is in the logs while not waiting the full slave timeout.
> 
> Actually, I don't think this is a good solution.  Instead, we run a script
> from cron once a minute that asks clamd to scan /etc/hosts.  If that
> times out, we kill and restart clamd, thereby un-wedging it.
> 
> The script follows below.  Note that it's shipped with CanIt so
> there may be some CanIt-specific assumtions about file locations, but
> they should be easy to work around.
> 
> Regards,
> 
> David.

David,

That is really interesting that you say that, I just got done explaining
to another staff member that making mimedefang robust enough to handle
clamd brown outs without timing out every process would be the better
solution than kicking clamd because one makes mimedefang more robust and
the other is a hack to fix clamd.

Wouldn't the best solution be both to have timeouts in clamd and also
monitor it for failures?  Do you see anything wrong with adding timeouts
to the clamd functions?

Thanks for the script btw,

schu



More information about the MIMEDefang mailing list