Tom Bombadil wrote:
> Greetings all...
>
> We are trying to failover clamav scanning to a 2nd server in case the
> 1st server is down, or not functioning properly.
>
> Exim doc gives us an example on how to scan the the message twice using
> two different AV scanners.
>
> But I couldn't figure out a way of using the 2nd scanner just in case
> the 1st one fails.
>
> Any hints?
>
> Thanks :)
>
As you saw in the docs, "if the value of av_scanner starts with a dollar
character, it is expanded before use."
You can use this to check the scanner is there and to provide an
alternative with an ${if expansion.
Since you are using clamav and it's got a sense of humor, you can PING
it to see if it's there - it will reply PONG if it's there.
Here's a simple one.. it could be expanded out to as many servers as you
want I suppose. You can either use the UNIX socket or X.X.X.X:PORT
connection of your clamd.
av_scanner = \
${if eq\
{${readsocket{/tmp/clamd}{PING}{5s}{ }{GNIP}}}\
{PONG}\
{clamd:/tmp/clamd}\
{clamd:backup.clamd.server.com:6969}\
}
Of course, you have to waste the cycles to check if clamd is up and then
actually scan with it : /
Also, using the string expansion means that the malware condition no
longer caches so don't call it more than once.
Ted
--
The Exim Manual
http://www.exim.org/docs.html
http://www.exim.org/exim-html-current/doc/html/spec_html/index.html
