[Mimedefang] Fwd: Re: clamav vs clamd vs clamscan

Cliff Hayes chayes at afo.net
Thu Oct 9 10:28:34 EDT 2014

Thanks to this list I am making progress :)
Now clamd is failing due to this...
Wed Oct  8 16:32:20 2014 -> WARNING: lstat() failed on: 
...I'm assuming this is because the mimedefang working directory is 
owned by defang and clamd runs as clamav.
I fixed by running clamd as root ... is this the preferred solution or 
is there a better way?

-------- Original Message --------
From: - Wed Oct 08 14:36:48 2014
X-Account-Key: account6
X-UIDL: 0004705d47d56bfd
X-Mozilla-Status: 0011
X-Mozilla-Status2: 00000000
Return-Path: <mimedefang-bounces at lists.roaringpenguin.com>
Received: from nitronium05.afomx.net (wsip-66-210-221-15.pn.at.cox.net 
[]) by sendmail.afo.net (8.14.7/8.14.7) with ESMTP id 
s98JZNUc019081 for <chayes at afo.net>; Wed, 8 Oct 2014 14:35:23 -0500
Received: from colo3.roaringpenguin.com (roaringpenguin.com 
[]) by nitronium05.afomx.net (8.14.4/8.14.4) with ESMTP id 
s98JZK7f005795 for <chayes at afo.net>; Wed, 8 Oct 2014 14:35:20 -0500
Received: from colo3.roaringpenguin.com (localhost []) by 
colo3.roaringpenguin.com (8.14.3/8.14.3/Debian-9.4) with ESMTP id 
s98JZCbl013124; Wed, 8 Oct 2014 15:35:14 -0400
Received: from mail-ig0-f180.google.com (mail-ig0-f180.google.com 
[]) by colo3.roaringpenguin.com (8.14.3/8.14.3/Debian-9.4) 
with ESMTP id s98JZ9xd013097 for <mimedefang at lists.roaringpenguin.com>; 
Wed, 8 Oct 2014 15:35:10 -0400
Received: by mail-ig0-f180.google.com with SMTP id uq10so50255igb.7 for 
<mimedefang at lists.roaringpenguin.com>; Wed, 08 Oct 2014 12:35:09 -0700 (PDT)
MIME-Version: 1.0
X-Received: by with SMTP id 
gc2mr19990383igd.40.1412796908717; Wed, 08 Oct 2014 12:35:08 -0700 (PDT)
Received: by with HTTP; Wed, 8 Oct 2014 12:35:08 -0700 (PDT)
In-Reply-To: <54358AFE.8090406 at afo.net>
References: <54356BDE.30305 at afo.net> 
<CAOAgVpy3vPQEH_-ozdji6BOt=ce3FBcSA1tXNtrEY4EUONtH-g at mail.gmail.com> 
<54358AFE.8090406 at afo.net>
Date: Wed, 8 Oct 2014 14:35:08 -0500
<CAOAgVpzRmMW_28RvmnQXhiN6oN=x93_3J=xuC8+WgkWjqrLXdQ at mail.gmail.com>
From: Les Mikesell <lesmikesell at gmail.com>
To: mimedefang at lists.roaringpenguin.com
X-Spam-Score: undef - lesmikesell at gmail.com is whitelisted.  For help, 
please call +1 613 231-6599.
X-RP-Info: score=0.0, reason=sender-whitelisted, tests=, 
remote=, cc=US, city=Mountain View, trained=none, os=Linux 
2.2.x-3.x, link=Google, s=
X-CanIt-Geo: ip=; country=US; region=California; 
city=Mountain View; latitude=37.4192; longitude=-122.0574; 
X-CanItPRO-Stream: nolinks (inherits from default)
X-Canit-Stats-ID: 01N0HzaBq - d9e2254476c8 - 20141008
X-CanIt-Archive-Cluster: SQVyZJxqklY5buiWXYCN4T/BjiM
X-CanIt-Archived-As: base/20141008 / 01N0HzaBq
X-Auto-Response-Suppress: OOF, DR, RN, NRN
X-Scanned-By: MIMEDefang 2.73
X-Scanned-By: MIMEDefang 2.75
X-Scanned-By: CanIt (www . roaringpenguin . com) on
Subject: Re: [Mimedefang] clamav vs clamd vs clamscan
X-BeenThere: mimedefang at lists.roaringpenguin.com
X-Mailman-Version: 2.1.13
Precedence: list
Reply-To: mimedefang at lists.roaringpenguin.com
List-Id: For users of the MIMEDefang mail scanner 
<mailto:mimedefang-request at lists.roaringpenguin.com?subject=unsubscribe>
List-Archive: <http://lists.roaringpenguin.com/pipermail/mimedefang>
List-Post: <mailto:mimedefang at lists.roaringpenguin.com>
List-Help: <mailto:mimedefang-request at lists.roaringpenguin.com?subject=help>
<mailto:mimedefang-request at lists.roaringpenguin.com?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: mimedefang-bounces at lists.roaringpenguin.com
Errors-To: mimedefang-bounces at lists.roaringpenguin.com

On Wed, Oct 8, 2014 at 2:05 PM, Cliff Hayes <chayes at afo.net> wrote:
> I will have to go with clamd because clamav is taking 12 seconds to scan an
> email with five words in it.
> I tried disabling all repositories except epel like this...
> yum --disablerepo=atrpms-bleeding --disablerepo=atrpms
> --disablerepo=atrpms-testing --disablerepo=elrepo --disablerepo=epel-testing
> --disablerepo=rpmforge --disablerepo=sl6x --disablerepo=sl install clamd
> ... but then I got a long list of dependencies, then a bunch of errors and
> requires, then ended with this...
>  You could try using --skip-broken to work around the problem
>  You could try running: rpm -Va --nofiles --nodigest
> ... so I guess I should go back to binaries?

Mixing 3rd party repos generally leads to conflicts.  On a Centos
system with EPEL as the only extra repo it 'just works'.  Either you
already have some conflicting package from a different repo or you
needed something from the base SL.    Also, if you get mimedefang and
clamd from different repos you may end up with a mismatch in
user/group settings that will cause permission problems on the socket
they use to communicate.

    Les Mikesell
      lesmikesell at gmail.com
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang at lists.roaringpenguin.com

More information about the MIMEDefang mailing list