Virus scan + removal on a mdbox mail storage

David Pottage david at chrestomanci.org
Fri Feb 22 18:06:51 EET 2019


On 2019-02-21 22:14, Christoph Haas via dovecot wrote:

>>> NO! My mail storage is mdbox. And at the moment I have no intention 
>>> to
>>> convert it to Maildir!
>> Could I ask why? maildir is a better storage format is almost every 
>> respect.
> 
> well, I have a mailbox with about 50k emails ..., so one reason seems
> to me better backup performance with mdbox, since there are much less
> files to save.

Assuming that you backup regularly then maildir is much better, because 
new emails show up as new files, while old ones are left unchanged. This 
means that an incremental backup only has to process new emails. With 
mailbox, the file for the entire folder changes every time a new email 
is delivered or the user edits any of them, so the whole mailbox needs 
to be backed up again, resulting in far more I/O and time.

The main disadvantage that I have heard is that maildir consumes a lot 
of inodes, but you can fix that by formatting your filesystem with more 
to begin with. The ext4 default is 16k per inode, but it is easy to set 
a different value when you format, or use an FS that does not suffer 
from that limitation such as XFS, (I use btrfs so I can snapshot my 
maildir)

> [...]
>> For my day job I work for Sophos (A cyber security vendor), so all  
>> this is familiar to me. If you have the budget for a commercial  
>> product, then Sophos PureMessage does have postfix support.  Technical 
>> details here:
>> 
>> https://docs.sophos.com/msg/pmx/help/en-us/msg/pmx/tasks/GSGConfigExtPostfixConfig.html
>> 
>> Other AV vendors probably have similar support, but I don't know any 
>> details.
>> 
>> -- David Pottage
> 
> I know about Sophos. Since my infrastructure is only for me and my
> family, I'll use the SAV9-free package ... and will try to integrate
> this with Postfix or AmaVisd.

I am not certain, but I think the free versions of Sophos won't work as 
an email filter to avoid taking sales of the comercal product. I think 
you may have to stick with ClamAV, and just use Sophos on your 
endpoints.

-- 
David Pottage




More information about the dovecot mailing list