That was the point i was trying to make, these sigs are more applicable to people wishing to scan email communication (wether file based or via a plugin), if you are not dealing with email on your servers then tbey reperesent an unnessacary overhead. Our servers scan individual files uploaded via our app as part of the upload process. We dont have any way of recieving or storing on the disks any email communications.
We have to scan our servers for iso27001 and iso27018 compliance. Sent from Nine<http://www.9folders.com/> ________________________________ From: Maarten Broekman via clamav-users <clamav-users@lists.clamav.net> Sent: Sunday, April 7, 2019 00:48 To: ClamAV users ML Cc: Maarten Broekman Subject: [External] Re: [clamav-users] [External] Re: Scan very slow Given that the PhishTank signatures, specifically, have been causing the performance issues, no. It's not unreasonable to want to pull them, and only them, out. Having them in a separate db file would be highly beneficial to those of us that don't want or need them at all. Barring that, having a configuration option to disable them that is separate from heuristics and safebrowsing would be just as effective. --Maarten On Sat, Apr 6, 2019 at 10:43 AM Matus UHLAR - fantomas <uh...@fantomas.sk<mailto:uh...@fantomas.sk>> wrote: On 05.04.19 22:05, Tim Hawkins wrote: >Does clamav partition the database so that signatures that are mainly >associated with email scanning can be dropped out for folks only needing >filesystems scans, none of our systems use email, and we dont make use of the >mailer extension. how do you imagine e-mails are scanned, when not as files? it's not usually efficient to pass them to clamav through a socket, it's better to store them locally and pass a file descriptor... >Having to load all the email focused signatures could as you have observed >impact performance. I doubt so. -- Matus UHLAR - fantomas, uh...@fantomas.sk<mailto:uh...@fantomas.sk> ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. On the other hand, you have different fingers. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net> https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml DISCLAIMER The information contained in this email and any attachments are confidential. It is intended solely for the individual or entity to whom they are addressed. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by responding to this email and then delete it from your system. The Red Flag Group is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt. Any advice, recommendations or opinion contained within this email or its attachments are not to be construed as legal advice.
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
