clamav as a milter

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

clamav as a milter

André Rodier
Hello all,

Does anyone suffered performance loss when using clamav as a milter for
postfix?

I would like to scan archives and emails with attachments. Is there any
other way to do than using a milter?

Thanks for your advices.

André
Reply | Threaded
Open this post in threaded view
|

Re: clamav as a milter

Scott Kitterman-4
On Monday, March 26, 2018 10:27:57 PM André Rodier wrote:
> Hello all,
>
> Does anyone suffered performance loss when using clamav as a milter for
> postfix?
>
> I would like to scan archives and emails with attachments. Is there any
> other way to do than using a milter?
>
> Thanks for your advices.

I use http://thewalter.net/stef/software/clamsmtp/ - it hasn't been updated in
a long time, but it does what it needs to do.

Scott K
Reply | Threaded
Open this post in threaded view
|

Re: clamav as a milter

André Rodier
On 26/03/18 23:35, Scott Kitterman wrote:

> On Monday, March 26, 2018 10:27:57 PM André Rodier wrote:
>> Hello all,
>>
>> Does anyone suffered performance loss when using clamav as a milter for
>> postfix?
>>
>> I would like to scan archives and emails with attachments. Is there any
>> other way to do than using a milter?
>>
>> Thanks for your advices.
>
> I use http://thewalter.net/stef/software/clamsmtp/ - it hasn't been updated in
> a long time, but it does what it needs to do.
>
> Scott K
>
Thank you.
Reply | Threaded
Open this post in threaded view
|

Re: clamav as a milter

lists@lazygranch.com
In reply to this post by Scott Kitterman-4
On Mon, 26 Mar 2018 18:35:19 -0400
Scott Kitterman <[hidden email]> wrote:

> On Monday, March 26, 2018 10:27:57 PM André Rodier wrote:
> > Hello all,
> >
> > Does anyone suffered performance loss when using clamav as a milter
> > for postfix?
> >
> > I would like to scan archives and emails with attachments. Is there
> > any other way to do than using a milter?
> >
> > Thanks for your advices.  
>
> I use http://thewalter.net/stef/software/clamsmtp/ - it hasn't been
> updated in a long time, but it does what it needs to do.
>
> Scott K

I stopped using clamav when I set up my new server due to amavisd-new
stalling once in a while on my former freeBSD server. Is this one
bulletproof?

Reply | Threaded
Open this post in threaded view
|

Re: clamav as a milter

Scott Kitterman-4


On March 26, 2018 11:12:37 PM UTC, "[hidden email]" <[hidden email]> wrote:

>On Mon, 26 Mar 2018 18:35:19 -0400
>Scott Kitterman <[hidden email]> wrote:
>
>> On Monday, March 26, 2018 10:27:57 PM André Rodier wrote:
>> > Hello all,
>> >
>> > Does anyone suffered performance loss when using clamav as a milter
>> > for postfix?
>> >
>> > I would like to scan archives and emails with attachments. Is there
>> > any other way to do than using a milter?
>> >
>> > Thanks for your advices.  
>>
>> I use http://thewalter.net/stef/software/clamsmtp/ - it hasn't been
>> updated in a long time, but it does what it needs to do.
>>
>> Scott K
>
>I stopped using clamav when I set up my new server due to amavisd-new
>stalling once in a while on my former freeBSD server. Is this one
>bulletproof?

I've never had any problems, but I'm running relatively low volume servers.

Not that any software is bulletproof, but I think you'll generally get more consistent performance from something made of C (as this is) than something made of Perl (or any interpreted language).

Scott K
Reply | Threaded
Open this post in threaded view
|

Re: clamav as a milter

Alex Bruce
In reply to this post by André Rodier
Thing is clamav-milter is a before-queue filter (used as milter in postfix) whereas ClamSMTP is after-queue filter (uses content filter in postfix)

These are fundamentally different ways of providing filtering in Postfix.

Before-Queue filtering can reject emails if they have a virus in the SMTP transaction (after DATA) whereas After-Queue cannot or should not without a bounce message (please no backscatter) so After-Queue should only quarantine or discard a virus email not reject/bounce.

Before-Queue requires more memory upfront to handle multiple connections as each connection is going to need realtime-access to clamav whereas After-Queue does not have such stringent requirements and can get away with lower memory as email can be processed slower but not perceived to be slower (as emails are accepted immediately but later discarded if virus etc).

See Pros and Cons of Before Queue -- http://www.postfix.org/SMTPD_PROXY_README.html

With clamav-milter it must wait for the milter to say virus or no virus before it can end the SMTP transaction which leads to potential performance issues if the mail server is not well speced for before-queue scanning but it has the advantage of rejecting mail in SMTP transaction.



From:        "André Rodier" <[hidden email]>
To:        [hidden email]
Date:        27/03/2018 12:10 PM
Subject:        Re: clamav as a milter
Sent by:        [hidden email]




On 26/03/18 23:35, Scott Kitterman wrote:
> On Monday, March 26, 2018 10:27:57 PM André Rodier wrote:
>> Hello all,
>>
>> Does anyone suffered performance loss when using clamav as a milter for
>> postfix?
>>
>> I would like to scan archives and emails with attachments. Is there any
>> other way to do than using a milter?
>>
>> Thanks for your advices.
>
> I use
http://thewalter.net/stef/software/clamsmtp/ - it hasn't been updated in
> a long time, but it does what it needs to do.
>
> Scott K
>
Thank you.


Reply | Threaded
Open this post in threaded view
|

Re: clamav as a milter

Robert Schetterer-2
In reply to this post by André Rodier
Am 26.03.2018 um 23:27 schrieb André Rodier:
> Hello all,
>
> Does anyone suffered performance loss when using clamav as a milter for
> postfix?

Not relevant, but for sure to scan something you need resources and time.

>
> I would like to scan archives and emails with attachments. Is there any
> other way to do than using a milter?
>
> Thanks for your advices.
>
> André
>



Best Regards
MfG Robert Schetterer

--
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
Reply | Threaded
Open this post in threaded view
|

Re: clamav as a milter

André Rodier
In reply to this post by Alex Bruce
On 27/03/18 03:18, Alex Bruce wrote:

> Thing is clamav-milter is a before-queue filter (used as milter in
> postfix) whereas ClamSMTP is after-queue filter (uses content filter in
> postfix)
>
> These are fundamentally different ways of providing filtering in Postfix.
>
> Before-Queue filtering can reject emails if they have a virus in the
> SMTP transaction (after DATA) whereas After-Queue cannot or should not
> without a bounce message (please no backscatter) so After-Queue should
> only quarantine or discard a virus email not reject/bounce.
>
> Before-Queue requires more memory upfront to handle multiple connections
> as each connection is going to need realtime-access to clamav whereas
> After-Queue does not have such stringent requirements and can get away
> with lower memory as email can be processed slower but not perceived to
> be slower (as emails are accepted immediately but later discarded if
> virus etc).
>
> See Pros and Cons of Before Queue --
> http://www.postfix.org/SMTPD_PROXY_README.html
>
> With clamav-milter it must wait for the milter to say virus or no virus
> before it can end the SMTP transaction which leads to potential
> performance issues if the mail server is not well speced for
> before-queue scanning but it has the advantage of rejecting mail in SMTP
> transaction.
>
>
>
> From:        "André Rodier" <[hidden email]>
> To:        [hidden email]
> Date:        27/03/2018 12:10 PM
> Subject:        Re: clamav as a milter
> Sent by:        [hidden email]
> ------------------------------------------------------------------------
>
>
>
> On 26/03/18 23:35, Scott Kitterman wrote:
>> On Monday, March 26, 2018 10:27:57 PM André Rodier wrote:
>>> Hello all,
>>>
>>> Does anyone suffered performance loss when using clamav as a milter for
>>> postfix?
>>>
>>> I would like to scan archives and emails with attachments. Is there any
>>> other way to do than using a milter?
>>>
>>> Thanks for your advices.
>>
>> I use http://thewalter.net/stef/software/clamsmtp/- it hasn't been updated in
>> a long time, but it does what it needs to do.
>>
>> Scott K
>>
> Thank you.
>
>
Thank you, Alex,

Now I remember the fundamental difference, I will make sure to use the
appropriate one.

I might use dovecot sieve and custom scripts as well, I will post on the
other list.

Kind regards,
André

--
https://github.com/progmaticltd/homebox