[Mimedefang] Connecting Clamd via inet socket?
Kris Deugau
kdeugau at vianet.ca
Mon Dec 5 11:55:29 EST 2016
Benoit Panizzon wrote:
> Hi all
>
> Does anyone know, if it's possible to use
>
> ClamdSock = "host:port";
>
> in MIMEDefang?
>
> I found very old posts stating, that clamd can only scan local files,
> thus has to be called on the machine the file resides.
>
> Is still this the case, or can the content to be scanned streamed via
> inet socket to a clamd host?
Not with the built-in Clam support.
What we did on our outbound mail cluster was to call clamdscan on a
slightly modified copy INPUTMSG (something we needed for other
processing anyway), and parse the results. Originally we also used
--config-file with several config files set either per-server,
randomized on MD child initialization, or randomized per call to
pseudo-randomize which clamd host got tried; at the time we ran into
some strange issues running clamd behind a Linux LVM load-balancer. We
tried again recently and it runs fine behind LVM so now we just use one
standard config file to direct the call to the load-balancer IP.
It works quite well, although pushing mail messages back and forth over
a network socket like that eats local bandwidth - I'd suggest making
sure that activity runs on a physically separate NIC to a private network.
-kgd
More information about the MIMEDefang
mailing list