[clamav-users] wget blocks - was Re: ClamAV 0.105 release candidate

[Joel Esler]

> On Mar 16, 2022, at 10:55 AM, Andrew C Aitchison <andrew at aitchison.me.uk> wrote:
> 
> On Wed, 16 Mar 2022, Joel Esler via clamav-users wrote:
>>> On Mar 16, 2022, at 5:35 AM, Gary R. Schmidt <grschmidt at acm.org <mailto:grschmidt at acm.org>> wrote:
>>> 
>>> On 16/03/2022 20:19, Christoph Moench-Tegeder via clamav-users wrote:
>>>> ## Joel Esler via clamav-users (clamav-users at lists.clamav.net <mailto:clamav-users at lists.clamav.net>):
>>>>> Can’t use wget.
>>>> Looks like "can't use anything which doesn't look like a web browser",
>>>> as BSD fetch hits the 403, too.
>>>> That's a major PITA on the BSD side (just like openSuse), but it
>>>> was working just fine at the time of the 0.104.2 release (and all
>>>> the time prior to that). Is there any reason behind making the source
>>>> (not talking about the database files) inaccessible like that?
>>> 
>>> Hanlon's Razor: "Never attribute to malice what can be adequately explained by neglect, ignorance, or incompetence."
>>> 
>>> With the added FLOSS variant, "or trying to show just how much smarter they are than everybody else.”
>> 
>> It was done because there are people that download the entire ClamAV package from the same every every 1 minute and do a complete reinstall.
> 
> I still do not understand why rate limiting failed to solve this issue.
> Was the problem technical or did policy mean it couldn't be used ?

Rate limiting mitigated it.  It didn’t stop it.  Data transfer is expensive.  ClamAV is funded out of a larger budget, so expenses must be minded.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20220316/d3f9d36e/attachment.htm>