[clamav-users] We STILL cannot reliably get virus updates (since new mirrors)

Reindl Harald h.reindl at thelounge.net
Tue Jul 3 15:50:29 EDT 2018

Am 03.07.2018 um 18:28 schrieb Paul Kosinski:
> It's not a matter of using DNS TXT records, it's a matter of sourcing
> them on a *different* computer than the actual files. This separation
> virtually begs for synchronization problems.
it is!

simply because DNS knowns nothing about your selected mirror, at least a
smart setup would only propose a number in DNS which is just higher or
equal and don't tell what version on mirrors is expected

in case it's lower or equal nothing to at all

in case it's higher just figure out from the first mirror which is
available if his one is higher than the installed version, if that's the
case - fine, if not try another mirror and only mark mirrors as failed
if they don#t work at all and not just because they don#t have the
newest version at a specific point in time

and that is a brainstorming while write a reply with no intntion to
implement it - guess how fast, reliable and easy smart people could
implement a update without such out-of-sync issues at all

but again: just put the version in a always identical named file on the
mirror and look into that file instead all the silly http-header dieas
and what not - voila, you have the same as linux distributions but your
metadata are just a few bytes and they are sourced on the same computer
to use your wording

if a mirror can't stand the "load" of clients aksing for a static
textfile the mirror has to be thrown out anyways because it can't stand
real update load too

More information about the clamav-users mailing list