Given that the PhishTank signatures, specifically, have been causing the performance issues, no. It's not unreasonable to want to pull them, and only them, out. Having them in a separate db file would be highly beneficial to those of us that don't want or need them at all. Barring that, having a configuration option to disable them that is separate from heuristics and safebrowsing would be just as effective.

--Maarten

On Sat, Apr 6, 2019 at 10:43 AM Matus UHLAR - fantomas <uhlar@fantomas.sk> wrote:

On 05.04.19 22:05, Tim Hawkins wrote:
>Does clamav partition the database so that signatures that are mainly associated with email scanning can be dropped out for folks only needing filesystems scans, none of our systems use email, and we dont make use of the mailer extension.

how do you imagine e-mails are scanned, when not as files?
it's not usually efficient to pass them to clamav through a socket, it's
better to store them locally and pass a file descriptor...

>Having to load all the email focused signatures could as you have observed impact performance.

I doubt so.

--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
On the other hand, you have different fingers.

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml