Re: [Exim] Exiscan and Clam AntiVirus

Top Page
Delete this message
Reply to this message
Author: Markus Fischer
Date:  
To: exim-users
Subject: Re: [Exim] Exiscan and Clam AntiVirus
Hello,

    thanks for the advice!


    I've upgraded now and will take a closer look at monit, looks like a
    very handy tool!


    - Markus


On Thu, Mar 04, 2004 at 11:40:05PM +0000, Calum Mackay wrote :
> Markus Fischer wrote:
> >    I'm facing exactly this problem since a few days. Every 4 to six
> >    hours clamav suddenly dies away (in mainlog: timeout error) and that
> >    was it. I need to manually kill all clamd processes and restart it.
> >    I'm not very happy with it.

> >
> >    Strange however, this exacrly not-touched-since-months setup worked
> >    before. I'm using debian testing and updating on a regular basis,
> >    however I haven't see clamav or exim updates for a while.

> >
> >    I'm lost currently. Disabled clamav is too high a security risk
> >    however ... I don't know what I shold do :|

>
> You could try taking the latest clam from unstable, which has the 0.67
> tree - supposed to be much more stable.
>
> I'm running it here, and it works well.
>
> also consider monit to monitor, and restart, exim/clam. My /etc/monitrc
> appended.
>
> cheers,
> c.
>
>
> # Global set-statements
> set init
> #
> set alert monit@??? mail-format { from: monit@??? }
> set daemon 180
> set httpd port 2812
>         address localhost
>         allow localhost
>         allow root:XXXXX
>         allow crypt /etc/monit/monit.passwd
> set logfile syslog facility log_daemon

>
> # exim mail daemon
> check process exim4
>         pidfile /var/run/exim4/exim.pid
>         group mail
>         start program = "/etc/init.d/exim4 start"
>         stop  program = "/etc/init.d/exim4 stop"
>         if failed port 25 proto smtp then restart
>         if 5 restarts within 5 cycles then timeout
>         depends on clamd

>
> # ClamAV virus checking daemon - vital for exim
> check process clamd
>         pidfile /var/run/clamav/clamd.pid
>         group virus
>         start program = "/etc/init.d/clamav-daemon start"
>         stop  program = "/etc/init.d/clamav-daemon stop"
>         if failed unix /var/run/clamd.ctl send "PING\nQUIT\n" expect
> "PONG\n"
>                 timeout 10 seconds then restart
>         if 5 restarts within 5 cycles then timeout
> # virus database updater
> check process freshclam
>         pidfile /var/run/clamav/freshclam.pid
>         group virus
>         start program = "/etc/init.d/clamav-freshclam start"
>         stop  program = "/etc/init.d/clamav-freshclam stop"
>         if 5 restarts within 5 cycles then timeout