[Mimedefang] Using clamdscan --fdpass
Daniel O'Connor
doconnor at gsoft.com.au
Mon Jul 22 18:51:05 EDT 2013
On 23/07/2013, at 5:33, David F. Skoll <dfs at roaringpenguin.com> wrote:
> On Mon, 22 Jul 2013 14:03:23 -0400
> Matt Garretson <mattg at assembly.state.ny.us> wrote:
>
>> Alternatively, you could simply put the clamav user into the
>> mimedefang group.
>
> This is my preferred approach. Using --fdpass requires a clamdscan
> invocation. Doing it from Perl is tricky, especially if you're
> scanning a directory tree. I would rather just use judicious group
> and permission settings.
Certainly at my mail volumes an extra fork/exec is not a problem and I would be pretty surprised it there was a setup with a high enough volume that a single extra fork/exec would cause a measurable performance impact (where it wasn't hidden by other more expensive tests).
I did actually write some code to do the FD pass from Perl, although it introduces a dependency on an external module (IO::FDPass).
--
Daniel O'Connor software and network engineer
for Genesis Software - http://www.gsoft.com.au
"The nice thing about standards is that there
are so many of them to choose from."
-- Andrew Tanenbaum
GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C
More information about the MIMEDefang
mailing list