[Pkg-clamav-devel] Bug#521661: Bug#521657: Rationale for specific debconf questions?

Török Edwin edwintorok at gmail.com
Sat Apr 17 14:11:34 UTC 2010 

On 04/17/2010 04:35 PM, Michael Tautschnig wrote:
> Hi Edwin,
>
> You requested that a few more debconf questions be added. Could you give a
> rationale why you would precisely want those additional questions? Note that we
> have nearly no questions for freshclam at the moment and lack most of the
> questions for clamd.

Hi Michael,

Sure, here are my thoughts:

1. The ScanMail question is outdated:
"It is recommended that you use a separate unpacker to extract any MIME 
parts of email messages if you want to scan email."
This is not the case since several years, ClamAV can extract MIME 
attachments.

"This option enables scanning mail contents for viruses.You need this 
option enabled if you want to use clamav-milter. "
This is true, but incomplete. You also need it if you want to scan mails 
for phishing.

You can either drop this question altogether, or remove the 
recommendation about MIME part scanning, and mention phishing.

2. *PUA questions
These change what the engine detects, much the same way as ScanMail 
changes it. If ScanMail stays I think *PUA should be added, if not dropped.
Although PUA has a rather specific use, and its better if the admin 
doesn't enable it if he doesn't know what it is.
So maybe it is better to not have it in debconf?

3. LogTime
This setting exists for both clamd and freshclam, but debconf only sets 
it for clamd. I think it should set it for freshclam too, no separate 
question is needed.

4. SubmitDetectionStats/DetectionStatsCountry
This would be a question like debian's popcon: do you want to submit 
stats or not?
There is now support for personal stats too (DetectionStatsHostID), but 
that probably shouldn't be part of debconf questions (it requires
the user to login using OpenID on www.stats.clamav.net and obtain an ID).

5. SafeBrowsing
It is an additional DB that users may want to use.

>
> As a rule of thumb, we would rather lower the number of questions instead of
> increasing them as configuration via config files seems to be easier anyway for
> both our users and us as package maintainers :-)

Well you can combine multiple questions into a single one.
For example one question for features:
  [*] ScanMail
  [*] ScanArchive
  [*] Bytecode
  [] SafeBrowsing
  [] PUA
....

[ OK ]  [ Back ] [ Help ]

Another question for stats in freshclam:
Do you want to submit detection statistics to the ClamAV website?

[ Yes ] [ No ] [ Help ]

[ Help ]

"When enabled freshclam will submit statistics to the ClamAV Project 
about the latest virus detections in your environment. The ClamAV 
maintainers will then use this data to determine what types of malware 
are the most detected in the field and in what geographic area they are.
This feature requires LogTime and LogFile to be enabled in clamd.conf.
If this installation is mainly used to scan data which comes from a 
different location, please enable DetectionStatsCountry.
If in addition you want to use "Personal Statistics" service, please 
visit www.stats.clamav.net, and follow the instructions"

^ and of course LogTime/LogFile should be enabled automatically, or you 
should refuse to enable stats if they are not.

Best regards,
--Edwin

More information about the Pkg-clamav-devel mailing list