Auteur: Ian Eiloart Date: À: exim-users, Exim-users CC: Sujet: Re: [Fwd: [exim] deferring when clamd/spamd is down]
--On February 23, 2005 18:21:05 +0100 exim-users@??? wrote:
> I have a cron job, checking once a minute. And in a minute, a lot of mail
> can flow in unscanned. But I want zero mail in this condition.
>
> Why do you use defer_ok? Doing so, you tell exim to accept the mail even
> though it wasn't scanned!
Because clamav can be killed by certain incoming email - at least that has
been the case, I'm not sure that it still is. If that happens, I don't want
to lose *all* my incoming mail.
clamav's instability (if it still exists) makes it vulnerable to a denial
of service attack. I don't want my SMTP service to vulnerable to that same
attack - which would be the effect if I didn't use defer_ok.
Another possibility is that I misconfigure clamav, and it simply won't
start. Again, I don't want to lose my mail service.
Using watchdog ensures that (except for the DoS condition, and a
misconfiguration on my part), clamav should always be available.
