Re: [Exim] Remote clamd can't access files

Author: Pat Lashley
Date:  
To: David S. Madole, Exim Users Mailing List
Subject: Re: [Exim] Remote clamd can't access files
--On Tuesday, June 29, 2004 20:21:51 -0400 "David S. Madole" <david@???> wrote:

>> "Pat Lashley" <patl+exim.users@???> wrote:
>>
>> (Linebreak added) Is it possible to actually use a remote clamd
>> with the exiscan ACLs? If so, what am I doing wrong?
>
> No, it's not really possible. Exiscan only passes clamd the path to the
> directory to scan, it does not pass the actual data.


Damn. That really should be made more obvious in the clamd section
of the exiscan acl spec.

I had really hoped that if the IP address was non-local it would
use the clamd STREAM command.


> If you really, really wanted to do it, I suppose you could NFS mount the
> appropriate directory to the clamd machine so it has the same path there.


No, enabling NFS on a publicly visible machine is a Very Bad Idea.

I could go with a command-line A/V scanner config in Exim; and use
something that contacted the remote clamd. Hmm. The clamdscan
man page doesn't list any parameters to tell it how to contact the
clamd; but a quick scan of the source seems to show that it gets
it from the clamd.conf file; so maybe that'll work. Although I'd
be interested in any statistics on the relative load of running a
local clamd -vs- the fork/exec/startup overhead of invoking clamdscan
for each message.

If clamdscan doesn't work with a remote clamd; then I could try
to fix it; but if I'm going to have to hack any code to do this;
I'd much rather do a patch for exiscan-acl to make it recur through
the directory using the clamd STREAM command if the av_scanner
value points to a non-local IP address.

In the meantime, I suppose I'll have to run clamd locally and
just hope that it doesn't cause too much load.



-Pat