[clamav-win32] Fw: Long bursts of inbound traffic from clamd

Jeff clamavlist at bedrox.com
Tue Oct 23 21:54:52 CEST 2007


Correction...... this has been happening since Friday, not Wednesday.


----- Original Message ----- 
From: "Jeff" <clamavlist at bedrox.com>
To: <clamav-win32 at lists.clamav.net>
Sent: Tuesday, October 23, 2007 3:25 PM
Subject: [clamav-win32] Long bursts of inbound traffic from clamd


> Since last Wednesday our mail server has seen frequent long bursts (upwards
of
> 30-60 minutes each) of inbound traffic of 1-2 Mbps.  Since this is a mail
> server (running Windows Server 2003) I first thought the mail server was
under
> a DOS or spam attack.  Not so.
>
> Shutting off all services, one by one through process of elimination,
revealed
> the culprit-- spamd.exe which runs as a service.  Every time one of these
> periods of sustained traffic occurs, we can immediately halt it by stopping
> the clamd service.
>
> This is possibly UDP traffic, because "netstat -n" does not show any
> established connections.
>
> We upgraded to the latest Clam version a few weeks ago, but this particular
> problem has only been happening since last Wednesday.   I've completely
> un-installed ClamAV 0.91.2 and re-installed, but that has not helped.
>
> Anyone else seeing this, or have any clues what might be happening?
>
>
> _______________________________________________
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-win32




More information about the clamav-win32 mailing list