From b10e4ec2bc7b74e062939d573cf9e93a9a939890 Mon Sep 17 00:00:00 2001 From: Todd Lyons Date: Wed, 9 Oct 2013 08:48:39 -0700 Subject: [PATCH] Documentation for multiple TCP clamd servers --- doc/doc-docbook/spec.xfpt | 16 ++++++++++++++++ doc/doc-txt/ChangeLog | 2 ++ src/ACKNOWLEDGMENTS | 1 + src/README.UPDATING | 3 +++ 4 files changed, 22 insertions(+) diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt index 0d539b095..2598bc89e 100644 --- a/doc/doc-docbook/spec.xfpt +++ b/doc/doc-docbook/spec.xfpt @@ -29637,6 +29637,7 @@ number, and a port, separated by space, as in the second of these examples: av_scanner = clamd:/opt/clamd/socket av_scanner = clamd:192.0.2.3 1234 av_scanner = clamd:192.0.2.3 1234:local +av_scanner = clamd:192.0.2.3 1234 : 192.0.2.4 1234 .endd If the value of av_scanner points to a UNIX socket file or contains the local keyword, then the ClamAV interface will pass a filename containing the data @@ -29645,6 +29646,21 @@ more efficient. Normally in the TCP case, the data is streamed to ClamAV as Exim does not assume that there is a common filesystem with the remote host. There is an option WITH_OLD_CLAMAV_STREAM in &_src/EDITME_& available, should you be running a version of ClamAV prior to 0.95. + +The final example shows that multiple TCP targets can be specified. Exim will +randomly use one for each incoming email (i.e. it load balances them). Note +that only TCP targets may be used if specifying a list of scanners; a UNIX +socket cannot be mixed in with TCP targets. If one of the servers becomes +unavailable, Exim will try the remaining one(s) until it finds one that works. +When a clamd server becomes unreachable, Exim will log a message. Exim does +not keep track of scanner state between multiple messages, and the scanner +selection is random, so the message will get logged in the mainlog for each +email that the down scanner gets chosen first: +.code +2013-10-09 14:30:39 1VTumd-0000Y8-BQ malware acl condition: clamd:\ + connection to localhost, port 3310 failed (Connection refused) +.endd + If the option is unset, the default is &_/tmp/clamd_&. Thanks to David Saez for contributing the code for this scanner. diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index eb7b75572..384cf9755 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -250,6 +250,8 @@ TL/16 Bugzilla 1289 - Clarify host/ip processing when have errors looking up a hostname or reverse DNS when processing a host list. Used suggestions from multiple comments on this bug. +TL/17 Bugzilla 1057 - Multiple clamd TCP targets patch from Mark Zealey. + Exim version 4.80.1 ------------------- diff --git a/src/ACKNOWLEDGMENTS b/src/ACKNOWLEDGMENTS index 4bcf455f8..1c4a93445 100644 --- a/src/ACKNOWLEDGMENTS +++ b/src/ACKNOWLEDGMENTS @@ -455,6 +455,7 @@ Moritz Wilhelmy Pointed out PCRE_PRERELEASE glitch Alain Williams Patch supporting MySQL stored procedures Mark Zealey Patch updating $message_linecount for maildir_tag Patch improving spamd server selection + Patch to allow multiple TCP clamd servers Packagers diff --git a/src/README.UPDATING b/src/README.UPDATING index 0a7811281..8b39848b4 100644 --- a/src/README.UPDATING +++ b/src/README.UPDATING @@ -37,6 +37,9 @@ Exim version 4.82 unnecessary serialisation and load. External tools tracking the state of Exim by the hints databases may need modification to take this into account. + * The av_scanner option can now accept multiple clamd TCP targets, all other + setting limitations remain. + Exim version 4.80 ----------------- -- 2.30.2