Upgrade to clamav 0.90.2 makes scanning extremely slow

Kapetanakis Giannis bilias at edu.physics.uoc.gr
Wed Apr 25 13:16:27 IST 2007 

On Wed, 25 Apr 2007, Daniel Maher wrote:

>> So I'm going back to clamd which at least works fine and fast
>> for me. 1-3 seconds for each MailScanner batch, including
>> the virus scanning by all scanners. Load 0.5-1.0 aprox.
>>
>> Clamd also comes with a clamdwatch that watches
>> if the daemon dies or stops responding for those who
>> are afraid of that.
>>
>> Giannis
>
>
> Would you be willing to share you patch(es) w/ the list?
>  _
> °v°  Daniel Maher

I think I discovered the patches in this same list.
Anyway I'll post them again (wrapper might be slightly
modified -- I don't remember)

Apply SweepViruses.patch:
cp SweepViruses.patch /usr/lib/MailScanner/MailScanner/
cd /usr/lib/MailScanner/MailScanner/
cp SweepViruses.pm SweepViruses.pm-org
patch -p0 < SweepViruses.patch

cp clamd-wrapper /usr/lib/MailScanner/
chmod 755 /usr/lib/MailScanner/clamd-wrapper

edit /etc/MailScanner/virus.scanners.conf
and put the line
clamd	/usr/lib/MailScanner/clamd-wrapper  /usr

(Change /usr at the end according to where clamdscan
in located in your system. Mine is in /usr/bin/clamdscan)

Check if it works
/usr/lib/MailScanner/clamd-wrapper  /usr /tmp/test_file
(clamav user must have read access to the test_file)

Edit /etc/MailScanner/MailScanner.conf
Incoming Work Group = clamav
Incoming Work Permissions = 0640
add clamd to virus scanners, like bellow
Virus Scanners = clamd bitdefender antivir

Find where is your Incoming Work Dir directive
Incoming Work Dir = /var/spool/MailScanner/incoming

chgrp clamav /var/spool/MailScanner/incoming
chmod g+rx /var/spool/MailScanner/incoming

Clamd must be able to read there
otherwise it will fail.

do a /usr/sbin/MailScanner -lint
it should report clamd now
do a /usr/sbin/MailScanner -debug

You might also want to install clamdwatch from clamav's source
clamav-0.90.2/contrib/clamdwatch
There are install instructions there

That's all.
I don't remember doing something else,
apart from telling the system that clamd
should be running on system reboot.

Good luck

Giannis
ps. This configuration works for me,
Apply at your own risk.
-------------- next part --------------
--- SweepViruses.pm	2007-04-25 14:51:24.000000000 +0300
+++ SweepViruses.pm-clamd	2007-04-25 14:51:05.000000000 +0300
@@ -301,6 +301,17 @@
     SupportScanning     => $S_SUPPORTED,
     SupportDisinfect    => $S_NONE,
   },
+  "clamd"  => {
+    Name		=> 'ClamAV',
+    Lock                => 'ClamAVBusy.lock',
+    CommonOptions       => '--no-summary --stdout',
+    DisinfectOptions    => '',
+    ScanOptions         => '',
+    InitParser          => \&InitClamAVParser,
+    ProcessOutput       => \&ProcessClamAVOutput,
+    SupportScanning     => $S_SUPPORTED,
+    SupportDisinfect    => $S_NONE,
+  },
   "trend"   => {
     Name		=> 'Trend',
     Lock                => 'TrendBusy.lock',
-------------- next part --------------
#!/bin/sh

# clamd-wrapper --	invoke clamdscan for use with mailscanner
#
######  IF YOU ARE RUNNING MAILSCANNER AS ROOT ######
# You need to set the following in MailScanner.conf so that external 
# unpackers can be used...
#   Incoming Work Group = clamav
#   Incoming Work Permissions = 0640

# You may want to check this script for bash-isms

ClamUser="clamav"
ClamGroup="clamav"

ScanOptions=""
ExtraScanOptions=""

# Extra options we try to pass to clam but we handle it failing
# For each option there are two alternatives...
# --option   # if the required program is in the PATH
# --option=/path/to/program  # If its in a non standard location
# If you use the second option make sure you set the correct path in each case

ClamScan=$1/bin/clamdscan
shift

if [ ! -x $ClamScan ]; then
  ClamScan=/usr/bin/clamdscan
fi

if [ "x$1" = "x-IsItInstalled" ]; then
  [ -x $ClamScan ] && exit 0
  exit 1
fi

# Add this for Solaris users so they can find whoami
PATH=$PATH:/usr/ucb
export PATH

if [ $? ]; then 
  ExtraScanOptions="$ExtraScanOptions"
 fi

$ClamScan $ExtraScanOptions $ScanOptions "$@"

retval=$?

if [ "$retval" = "40" ]; then
  # Clam complained we passed an illegal command-line option
	# (As this calls without external unpackers the temp dir isn't used)
  exec $ClamScan $ScanOptions "$@"
else
  exit $retval
fi

More information about the MailScanner mailing list