Disable ClamAV

Discussion in 'General' started by SamTzu, Aug 22, 2022.

  1. SamTzu

    SamTzu Active Member

    I'm tired of using large amounts of memory to check for Viruses.
    Is there an easy way to disable Clam but still keep Rspam running?
  2. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    How much RAM does it use? Did you schedule regular scans of your filesystem? Or?
  3. SamTzu

    SamTzu Active Member

    Normally ISPconfig uses about 1.5Gb of RAM. Clam DB takes almost a full Gb. If we disable Clam then the VM shouuld only need ~500Mb of memory. Working SPAM filter takes care of most Viruses anyway.
  4. SamTzu

    SamTzu Active Member

    With 10 containers running on host that's almost 10Gb of RAM wasted. With 100 containers... you do the math.
  5. SamTzu

    SamTzu Active Member

    Actually it looks like you can just decrase container memory (from 4) to 2Gb and Clam dies on its own. Mail still works fine without it.

    At the moment our ISPcontainers are only using ~500mb of RAM. (No swap.)
  6. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    You already know that its database need that much of ram and may be more in the future as viruses grows more and more but you may also know that you need clamav in order for your system to work properly.

    The closest one I found is to only load linux-specific definitions rather than all of them, which is discussed in the answer here: https://unix.stackexchange.com/a/685322. Linux only cvd size at that time was only 321KB which may be a little bit more now.

    If you find a way to only load that instead of everything into the memory, it might reduced it usages without reducing its speed and efficiency in scanning for viruses. But to extract linux only cvd on each update will require a very good scripting implementation so that it will work when use.

    Just few cents of thought that may be or may not be worth it.
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    2GB should be enough RAM even if you run ClamAV. Maybe your system lacks a swap drive?
  8. SamTzu

    SamTzu Active Member

    Nested Proxmox using ZFS. A lot more flexible and secure. None of the KVM Proxmox's (that only have LXC containers) have a SWAP. The hosts handle that. When one of the KVM hosts "dies" it wont kill the HardWare host (usually.) It also allows a LOT more control and flexibility to move stuff around. Only problem is that ZFS uses a LOT of RAM.
  9. SamTzu

    SamTzu Active Member

    OpenSource "Proxmox" also has the OpenSource "Proxmox Mail Gateway" that only took me 1min to setup. I can't believe it took me years to come around trying it. (Buying support license is optional.) I love it. Easiest way to secure your email (as long as it's on different HardWare than the email server.) All you really need is go to the "Configuration" | Mail Proxy and name your "Default Relay" ie. your email server. Then you can add as many "Relay Domains" as you have customer domains. That's it. Don't forget to modify your DNS MX records. I have been testing it over a month now and only negative thing about it is that it does not use RspamD. (So far.)
    Last edited: Sep 2, 2022

Share This Page