On Sep 29, 2015, at 9:57 AM, Kris Deugau <kdeu...@vianet.ca<mailto:kdeu...@vianet.ca>> wrote:
Marco wrote: Hello, I installed clamd server (0.98.7) with clamav-milter using RPM of EPEL. With this installation, after every freshclam update session, clamd is forced to read the DB: 2015-09-29T09:12:41.244383+02:00 av1 clamd[15201]: Reading databases from /var/lib/clamav 2015-09-29T09:13:14.950256+02:00 av2 clamav-milter[11957]: Failed to stream to clamd 2015-09-29T09:13:14.950546+02:00 av2 clamav-milter[11957]: Streaming failed 2015-09-29T09:13:20.593439+02:00 av1 clamd[15201]: Database correctly reloaded (5342538 signatures) During this time clamav-milter have a trouble and the SMTP server experiences a delay receiving the mail. On a frontend MSA SMTP server this delay is a problem. I would like to know if there is a better way to configure the DB update, without interruption on service. Short of a patch to clamd to not discard the existing in-memory signature data while reloading fresh data (or somewhat more complex; replace signatures one-by-one during a reload), you are stuck with clamd not responding for 2-5 seconds with the stock signatures, and possibly up to 30 seconds even on modern hardware if you're using a lot of third-party signatures. This seems to come up every couple of months at least and it's been this way for quite a long time; is there any upstream interest in fixing clamd one way or another so it doesn't suffer this outage while reloading signatures? Don’t want to speak for the ClamAV team, but I’m sure they’d be welcome with ideas and feedback if you file a bug in the bugzilla system -- Joel Esler Manager, Threat Intelligence Team & Open Source Talos Group http://www.talosintel.com _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
