[clamav-win32] Clam for W32 updates? Forgotten project?

rkml rkml at cyberglobe.net
Mon Jan 26 16:38:47 CET 2009


--------------------------------------------------
From: "Bret Miller" <bret.miller at wcg.org>
Sent: Thursday, January 22, 2009 3:22 PM
To: <clamav-win32 at lists.clamav.net>
Subject: Re: [clamav-win32] Clam for W32 updates?  Forgotten project?

> To be fair, I've rarely had problems with the SOSDG build. I just prefer
> to run native when there is one that is stable and up-to-date. ClamAV
> performance has never been a real issue on our mail server (can anyone
> say "SpamAssassin"?). Stability has, at times been an issue, so we've
> used most of the Windows builds at one time or another. I currently
> prefer the one I just recommended (http://oss.netfarm.it/clamav), but
> the SOSDG and tBB builds also work well. I haven't tested all the latest
> build, but in the last few, clamd seems reasonably stable in these three
> up-to-date builds.
>
Likewise, I prefer the Win32 Native mode as well.  Our Mail Server performs 
exceptionally well with CLAMAV.  We don't use SpamAssassin as we have an 
all-in-one mail server that works for our needs.  Surgemail by Netwinsite is 
the least expensive, Full featured mail server we found out there and 
feature request/bug updates that have a minimum of 8 business hours to a max 
of 40 business hours turnaround is something I prefer to have and is NOT 
available by any other mail server vendor I have seen to date.

My old Mail server vendor, Rockliffe Mailsite, took forever to release new 
features and updates to fix bugs, let alone that I had to develop the mail 
sieve filters for the community to help reduce junk mail for all as in 
interim... until I got fed up with the 100% nailed up CPU for about 100k 
daily messages.  Plus it costed almost 10 times more than what Surgemail 
costs.  Surgemail is Multi-platformed too.

ClamAV in daemon mode works beautifully with this product (even though it 
also has its own AVAST AV plugin, they support third party AVs.)  My CPU on 
the mail server, which processes about 250,000 messages daily, never exceeds 
7% and averages around 5% with both mail server and ClamAV running.  CPU is 
only a Athlon 1700+ with 1gb ram.  Currently for the past 24 hours, CPU 
average is about 2%.

If you guys really want to lock things down, consider turning on SPF and DK 
authentication only.  Watch the Spam level drop 95+%.  Only issue you will 
have are other domains who refuse to add either a SPF or DK signature.  With 
modern times, calls for modern security measures.  Upgrade or be left behind 
is what I think most mail admins should be doing.  We warned incoming 
clients, 1 year beforehand, who did not have a minimum of a SPF record and 
let them know that their domain will no longer talk with our mail server if 
they did not have one.  Virus activity went from an average of 45 
messages/hour to only 3 messages/hour.

Therefore, if you really need to protect your clients, It is not only that 
you need to put in an Anti-virus solution to work, you also need to start 
securing your mail server with modern recommendations to reduce the spread 
of the viruses as well.

The one thing I would really like to see is if ClamAV can run in service 
mode natively.  Then I would not need to login the machine after a restart 
to start up the dos batch file to keep it up and running.

 



More information about the clamav-win32 mailing list