Yang Xiao wrote:
Hi,
Is anyone using ClamAV in a production environment? How does it stack
up against the commecial Anti-Virus programs such as symantec etc... I
want to setup and spam filter with vuirus scan on FC2, but have some
reservations on using a free software antivirus product because I have
no idea whether their virus defnitions are good and up to date.
Many Thanks,
I use ClamAV in a fairly large production environment (three outgoing
servers, four incoming servers) serving 10,000 domains and 120,000
accounts.
I currently have ClamAV 0.80j running along with automatic freshclam
updates and clamd. Each server has its own copy of clamd so they don't
cross-pollinate, but a single clamd on a main server was also used. In
general, we handle between 6M and 12M messages a day (yes, that's
"million" with an "m"). This is all done with open-source software
(sendmail, procmail, ClamAV, OpenLDAP) and one custom-written package on
P4 SMP FC1 machines. We intend to move to FC2 fairly soon, and possibly
on SMP Opterons if I can convince the "powers that be" that it would be
a "good thing".
For the most part, I'm very happy with ClamAV. One of the fun things
to do is watch the logs roll by and grep for "detected". It's
frightening how many worms and virii attempts go on. We average about
100 attempts per hour--more if a new variant comes out. Yes, ClamAV
gets a workout with us and it's not failed yet. I give ClamAV my vote.
For spam, take a look at Bogofilter. I've found that things such as
spam-asassin don't scale well when you have traffic levels like we do
(perl-based code just isn't fast enough in our experience).
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens@xxxxxxxxxxxxxxx -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- When in doubt, mumble. -
----------------------------------------------------------------------