I’ll be a little more kind, as this could be freshclam didn’t work maybe because of CGNAT and CloudFlare, and perhaps he’s troubleshooting with direct downloads.  My suggestion would be run "freshclam —debug”.  Heads up to the Clam team for really good logging on debug for showing such details going through SSL CAs, web transactions, et al…

CGNAT on ip4 wouldn’t surprise me, as I’ve personally seen issues with other CDNs, Netflix, Disney+, et al….

Sincerely,

Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300

On Jul 2, 2022, at 1:57 PM, G.W. Haywood via clamav-users <clamav-users@lists.clamav.net> wrote:

Hi Grant,

On Sat, 2 Jul 2022, Grant Taylor via clamav-users wrote:
On 7/2/22 7:50 AM, G.W. Haywood via clamav-users wrote:
Regular downloading of the entire daily database is not acceptable.

Please clarify what "regularly" means in this case?

I think Mr. Broekman has answered well enough, but I need to reply to
you because I don't want you to think I've ignored you, Grant.

Once a day / hour / week / month / other?

I don't know, it isn't my CDN.  But I did give a link for further
reading.  I think there's enough there for a reasonable man, and I
know you fit that description. :)

Regular just implies a cadence without specifying what that cadence is.

Yes, it does. :)

I understand that freshclam / cvupdate have some optimizations to
determine if an update is needed or not.

There's more to it than just whether or not an update is needed.

I fail to see how using chrome, et al., or anything other than
freshclam / cvupdate, with a weekly cadence will cause any problems
for any server, much less reputable CDN.
What am I not understanding?  Please clarify what problem(s) was
(were) caused.

To run a Content Delivery Network costs money.  Abuse of it costs a
lot of money unnecessarily - and there was chronic, egregious abuse.
In my view, the providers of ClamAV went *well* beyond the call of
duty before finally putting their metaphorical foot down.  If it had
been my own money, I would have been a lot less patient.

It isn't just the traffic.  There are processes hanging around waiting
for slow connections as well.  As of today, the daily file is around
185 Mbytes.  Downloading it here would take a quarter of an hour.  In
the past two months freshclam here has taken an average of 2.9 seconds
to download a diff file.  Scale that up to the global demand and it's
a factor of at least several hundred just on the process count.

When people download 185 Mbytes instead of downloading a few kilobytes
to get the same result it incurs very significant, unnecessary costs
which are borne by those who provide the data - free of charge - to
people who are routinely abusing the service.  And they've been asked
not to do it, so, well, it's just rude!

--

73,
Ged.
_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat