Sander Holthaus wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
John Rudd wrote:
Sander Holthaus wrote:
A tempfail is not a disaster in most scenarios. You may not be
able to receive mail until it is fixed, but you still get the
mail after it is fixed.
I think that attitude works fine in trivially small email
environments.
I don't think it works at all in environments where you've got an
enterprise email system in a mission critical environment, where
having an email delayed significantly can have financial
implications.
A mission critial envirorement where having an email delayed
significantly can have financial implications will not rely on one
single virusscanner, but has two or three backups and never needs to
throw a hard or tempfail when just clamav fails. And they are likely
to employ much more scrutiny in using and updating non-standard db's.
All of those things are true, but they're not a license for lax
standards in how a process handles failures. "We can handle error
conditions poorly, because if it matters, they probably spent money on a
second line of defense" is bad coding discipline.
There's no good reason for a process to die quietly because it's _new_
data is bad. That's a reason to not use the new data. It is not a
reason to die (esp. not in a quiet manner).
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
