[clamav-win32] Fw: Long bursts of inbound traffic from clamd
clamavlist at bedrox.com
Tue Oct 23 21:54:52 CEST 2007
Correction...... this has been happening since Friday, not Wednesday.
----- Original Message -----
From: "Jeff" <clamavlist at bedrox.com>
To: <clamav-win32 at lists.clamav.net>
Sent: Tuesday, October 23, 2007 3:25 PM
Subject: [clamav-win32] Long bursts of inbound traffic from clamd
> Since last Wednesday our mail server has seen frequent long bursts (upwards
> 30-60 minutes each) of inbound traffic of 1-2 Mbps. Since this is a mail
> server (running Windows Server 2003) I first thought the mail server was
> a DOS or spam attack. Not so.
> Shutting off all services, one by one through process of elimination,
> the culprit-- spamd.exe which runs as a service. Every time one of these
> periods of sustained traffic occurs, we can immediately halt it by stopping
> the clamd service.
> This is possibly UDP traffic, because "netstat -n" does not show any
> established connections.
> We upgraded to the latest Clam version a few weeks ago, but this particular
> problem has only been happening since last Wednesday. I've completely
> un-installed ClamAV 0.91.2 and re-installed, but that has not helped.
> Anyone else seeing this, or have any clues what might be happening?
More information about the clamav-win32