On Tuesday 10 August 2004 02:41 pm, Damian Menscher wrote:
[snip: using a program delivery to process update mailing list mails]
> With sendmail, you could add to /etc/aliases something like:
> clamav-updates | sigtool --add
that's the ticket.
> Anyone know if it's really feasible for us to obtain a mailserver that
> can send out 2k emails to all (100,000?) users in a short (5-10 mins)
> time? Assuming those numbers are reasonable, that means 200 meg of
> data. Combined with SMTP overhead, it seems like it would be
> troublesome. Additionally, there are potential bandwidth issues if you
> consider we'd need to do that several times/day.
well, I would think this would be an 'optional' thing you could do, or maybe
part of a 'premium' service provided for a fee. As Jef mentioned, most small
time folks are perfectly happy with hourly updates in a pull configuration.
> Updating the "main" database is one concern. Sending out a 2-meg email
> to everyone seems like it might be too much load, but sending out the 1K
> email telling everyone to get it means the mirrors will get swamped. I
> can't think of a way around this, but hopefully someone else can?
well, I would hope that while also grabbing these daily.cvd updates via email,
that the admin is also running freshclam (perhaps less frequently now that
he/she only needs to check main.cvd once a day) to grab the main.cvd and
doesn't need notification for it. Forgive my ignorance if I'm not
interpreting the role of the main/daily.cvd files correctly:
main.cvd: updated daily with all of the updates done to daily.cvd throughout
the day
daily.cvd: 0sec updates to the database, get rolled into main.cvd nightly
> Also, this doesn't give much provision for removing "bad" signatures
> (that cause false positives) since it really just appends rules. We'd
> need to figure out a way to delete signatures also. I could imagine
> doing this by including a "null" signature, or using some other flag.
true. perhaps the first line of the email could be a command, and a simple
sh/perl/c program could parse it and then call the proper commands to add or
remove the signature that follows.
> Finally, there's the whole issue of multiplying your points of failure.
> If your current database is screwed, appending more to it will leave it
> screwed. And if you add stuff to it a few times a day, chances are it
> will get screwed up at some point. At least this issue has a simple
> fix: include an MD5 sum with the update which must match your MD5 sum
> after applying the update. If they don't match, you know something went
> wrong, either with this update or a previous one. (This has the danger
> that if the developers send an email with an incorrect MD5 hash,
> everyone will thrash the mirrors.)
eek.
> Note to the developers: please don't feel like you have to code up any
> of our random ideas. I'm just having fun brainstorming about how to
> optimize this process. I expect in another few days of discussion we'll
> have converged on a fairly sane idea.
or scrap the whole idea all together :)
-Jeremy
--
Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc.
[EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l
kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail
-------------------------------------------------------
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285
_______________________________________________
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users
