clamscan 100% CPU usage and multiple processes
Hi:
In the last week or so, our Tiger (v10.4.11) mail server has really slowed down delivery of its mail. I tried putting in more RAM (now at 1.5 GB) to no avail on our G4 867 PowerMac.
We have about 20 IMAP users and 10 POP users.
It appears that mail is not being processed fast enough by the built-in virus and spam checkers. And Activity Monitor tells me that the CPU is almost constantly at 100% usage. Thus, mail stacks up in the queue (up to as many as 300 messages to be delivered) with two-hour delivery delays while 30 users pound on the mail server for new mail.
Our junk mail/virus databases are updated twice a day.
I see lot of these types of error messages in mail.log:
Apr 3 11:33:01 mail2 postfix/qmgr[9789]: warning: qmgr activecorrupt: save corrupt file queue active id C50574A93D05: No such file or directory
The freshclam.log says:
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.88.5 Recommended version: 0.92.1
DON'T PANIC! Read http://www.clamav.net/faq.html
main.cvd is up to date (version: 45, sigs: 169676, f-level: 21, builder: sven)
WARNING: Current functionality level = 9, recommended = 21
Much of the time messages appear to be scanned successfully, but amavis.log occasionally says:
Apr 3 11:50:40 mail2 /usr/bin/amavisd[18621]: (18621-07) WARN: all primary virus scanners failed, considering backups
And Activity Monitor tells me that usually two copies of clamscan are running at the same time with different PIDs. (Occasionally only one copy is shown as running, but a second process quickly appears.) And that's what seems to push the CPU load to 100%
I've read on web that 100% CPU usage for clamscan is common. But what about the multiple processes?
This thread seems to be identical to mine:
Apple - Support - Discussions - clamscan 100% CPU ...
I'm keeping service running fairly well (today for the first time the queue hasn't climbed above 50 messages; largely because several users are on the road) by manually deleting obvious junk messages, thus speeding up delivery of legitimate mail. But I can't do this forever, obviously.
Anyone have any guidance for me? Will getting clamscan to run just once solve it? If so, how do I do that?
TIA
mm
In the last week or so, our Tiger (v10.4.11) mail server has really slowed down delivery of its mail. I tried putting in more RAM (now at 1.5 GB) to no avail on our G4 867 PowerMac.
We have about 20 IMAP users and 10 POP users.
It appears that mail is not being processed fast enough by the built-in virus and spam checkers. And Activity Monitor tells me that the CPU is almost constantly at 100% usage. Thus, mail stacks up in the queue (up to as many as 300 messages to be delivered) with two-hour delivery delays while 30 users pound on the mail server for new mail.
Our junk mail/virus databases are updated twice a day.
I see lot of these types of error messages in mail.log:
Apr 3 11:33:01 mail2 postfix/qmgr[9789]: warning: qmgr activecorrupt: save corrupt file queue active id C50574A93D05: No such file or directory
The freshclam.log says:
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.88.5 Recommended version: 0.92.1
DON'T PANIC! Read http://www.clamav.net/faq.html
main.cvd is up to date (version: 45, sigs: 169676, f-level: 21, builder: sven)
WARNING: Current functionality level = 9, recommended = 21
Much of the time messages appear to be scanned successfully, but amavis.log occasionally says:
Apr 3 11:50:40 mail2 /usr/bin/amavisd[18621]: (18621-07) WARN: all primary virus scanners failed, considering backups
And Activity Monitor tells me that usually two copies of clamscan are running at the same time with different PIDs. (Occasionally only one copy is shown as running, but a second process quickly appears.) And that's what seems to push the CPU load to 100%
I've read on web that 100% CPU usage for clamscan is common. But what about the multiple processes?
This thread seems to be identical to mine:
Apple - Support - Discussions - clamscan 100% CPU ...
I'm keeping service running fairly well (today for the first time the queue hasn't climbed above 50 messages; largely because several users are on the road) by manually deleting obvious junk messages, thus speeding up delivery of legitimate mail. But I can't do this forever, obviously.
Anyone have any guidance for me? Will getting clamscan to run just once solve it? If so, how do I do that?
TIA
mm
Mac OS X (10.5.2)
