Re: autoupdate confusion?
Jim Flowers <jflowers <at> EZO.NET>
2003-11-01 16:38:50 GMT
On Fri, 31 Oct 2003 17:58:02 +0000, Kevin Spicer <kevins <at> BMRB.CO.UK> wrote:
>You run update_virus_scanners as an hourly cron job (twice daily is way
>too infrequent), this calls the appropriate autoupdate script. In most
>cases the autoupdate script is a wrapper to the virus scanners own
>update mechanism (certainly true in the case of clam) which also creates
>a lock which prevents MailScanner trying to scan mail whilst the update
>is in progress.
I studied update_virus_scanners as a possible undocumented? solution but it
has a number of problems:
1. It expects virus_scanners.conf to have three fields; the one in my
distribution has only two. Without the PACKAGEDIR field, it will do
nothing as written.
2. If the PACKAGEDIR field is present, the x$1 test in the clamav-wrapper
program will fail as $1 is passed as PACKAGEDIR, not -IsItInstalled.
These are easy enough to fix for a shell hacker and even easier to just run
the freshclam wrapper directly, however, my question was really about
documentation of the intended operation.
As to the update frequency, I am really appreciative of the service that
the ClamAV folks provide as the only truly effective no-cost virus scanner
(at least that I have been able to find and qualify) so I don't like to
overdo it. My logs show that they infrequently update more than once a day
so I think that checking twice a day is sufficient. ClamAV currently traps
4.3% of all incoming mail as containing a known virus and as most of them