[Mimedefang] Connect to clamav/clamd and/or SA on other host

Michiel Brandenburg apex at prezent.nl
Mon Jun 23 19:05:27 EDT 2008

C.M. Burns wrote:
>> For clamav we are scanning localhost only.  Clamav (unlike 
>> spamassassin) does not play wel with load balancers. I'm currently 
>> looking into a clam-milter implementation so that clamd can be 
>> balanced but have not implemented this in our production servers.
> thanks for the info! meanwhile I implemented the spamd/spamc patch from 
> the mimedefang home, and it works like a charm!
> at the moment 3 mailservers with mimedefang use a central spamd server 
> and so far no problems.
Good to hear .. you might want to plan ahead to using more spamd 
servers, if one crashes ppl will not be getting their email and start to 
complain :), not only that but u will only be able to scan about 5-7 
mails at the same time.  Not nearly enough in our situation.

> what exactly should be the problem in using a central clamd installation?
Clamavd uses an FTP like protocol to talk back to the client.  No 
problems if u have one central scanning machines but in our situation it 
would not work, for you it might, remember to open up ports in your 
firewall :). Although clamav is a lot more robust than spamassassin I 
have seen it dying for strange reasons. We would rather have one clamd 
scanning only for that server and it temp failing delivery if that 
failed. Our secondary would pick up the slack.
Because of that FTP like protocol it cannot be balanced.  clam-milter 
will "wrap" all them connections though a single port.  This can be 
balanced. There are some discussions / patches in the clamav mailing list.

With kind regards,

Michiel Brandenburg

More information about the MIMEDefang mailing list