Re: [Fwd: [exim] deferring when clamd/spamd is down]

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Ian Eiloart
Dátum:  
Címzett: exim-users, Exim-users
CC: 
Tárgy: Re: [Fwd: [exim] deferring when clamd/spamd is down]


--On February 23, 2005 18:21:05 +0100 exim-users@??? wrote:

> I have a cron job, checking once a minute. And in a minute, a lot of mail
> can flow in unscanned. But I want zero mail in this condition.
>
> Why do you use defer_ok? Doing so, you tell exim to accept the mail even
> though it wasn't scanned!


Because clamav can be killed by certain incoming email - at least that has
been the case, I'm not sure that it still is. If that happens, I don't want
to lose *all* my incoming mail.

clamav's instability (if it still exists) makes it vulnerable to a denial
of service attack. I don't want my SMTP service to vulnerable to that same
attack - which would be the effect if I didn't use defer_ok.

Another possibility is that I misconfigure clamav, and it simply won't
start. Again, I don't want to lose my mail service.

Using watchdog ensures that (except for the DoS condition, and a
misconfiguration on my part), clamav should always be available.

--
Ian Eiloart
Servers Team
Sussex University ITS