bypass_decode_parts and clamd

Mark Martinec Mark.Martinec+amavis at ijs.si
Mon Feb 27 17:14:48 CET 2012


Andrea,

> I'm migrating from Sendmail+MIMEdefang to Postfix+Amavisd (both with
> SpamAssassin and ClamAV).
> 
> I read about enabling bypass_decode_parts if clamd is used for better
> performance. I don't use the banned filename checks.
> 
> Is it correct? Which is the best practice?

Yes, it is correct. Setting the:

  $bypass_decode_parts = 1;
 @decoders = ();

makes sense if you trust your virus scanners are capable of decoding most
archive formats and are capable of defenging themselves against mail bombs,
*and* you have no need for information on mail structure, which is used
by banned filename checks.

> Which is the best practice?

Hard to say, both approaches have their merits.

The performance is probably the least important decision factor here,
especially if you have spam scanning enabled which is typically much
slower than decoding. Deciding whether to better trust decoders as used
by amavisd, or the ones implemented in a virus scanner is more important
in my view.

  Mark


More information about the amavis-users mailing list