Is it possible to disable clamAV at start?

[Kicey]

The clamAV using lots of server resources, and may have confict with other protector on the server. Is it possible to disable it when I start the container. Is there any way to config that?

[siarheidudko]

I had the same problem, I was running a container in a kubernetes cluster. The container either consumed almost 2GB of memory, or clamav went into an eternal reboot and the container began to consume more than one dedicated core. I tried many ways, in the end I just turned off the service.
/etc/supervisor/conf.d/clamav.conf

;
;This file is managed by iRedMail Team <[support@iredmail.org](mailto:support@iredmail.org)> with Ansible,
;please do __NOT__ modify it manually.
;

[program:clamav]
command=/usr/sbin/clamd -c /etc/clamav/clamd.conf --foreground
priority=999
startsecs=0
autostart=false
autorestart=false
stdout_syslog=true
stderr_syslog=true

Changes:

• priority 20->999 (lower)
• autostart true->false
• autorestart true->false

To save the changes, attach the modified configuration file to the container. An example for kubernetes:

apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: iredmail-server
  name: iredmail
  labels:
    app: iredmail
spec:
  replicas: 1
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: iredmail
  template:
    metadata:
      labels:
        app: iredmail
    spec:
      containers:
        - name: iredmail
          image: iredmail/mariadb:stable
          env:
            - name: FIRST_MAIL_DOMAIN
              value: $YOUR_DOMAIN
            - name: FIRST_MAIL_DOMAIN_ADMIN_PASSWORD
              value: $YOUR_PASSWORD
            - name: HOSTNAME
              value: $YOUR_HOSTNAME
            - name: MLMMJADMIN_API_TOKEN
              value: $(openssl rand -base64 32)
            - name: ROUNDCUBE_DES_KEY
              value: $(openssl rand -base64 24)
          ports:
            - containerPort: 80
            - containerPort: 443
            - containerPort: 110
            - containerPort: 995
            - containerPort: 143
            - containerPort: 993
            - containerPort: 25
            - containerPort: 465
            - containerPort: 587
          resources: {}
          volumeMounts:
            - mountPath: /var/vmail/backup/mysql
              subPath: backup_mysql
              name: iredmail-data
            - mountPath: /var/vmail/vmail1
              subPath: vmail1
              name: iredmail-data
            - mountPath: /var/vmail/mlmmj
              subPath: mlmmj
              name: iredmail-data
            - mountPath: /var/vmail/mlmmj-archive
              subPath: mlmmj-archive
              name: iredmail-data
            - mountPath: /var/vmail/imapsieve_copy
              subPath: imapsieve_copy
              name: iredmail-data
            - mountPath: /opt/iredmail/custom
              subPath: custom
              name: iredmail-data
            - mountPath: /opt/iredmail/ssl
              subPath: ssl
              name: iredmail-data
            - mountPath: /var/lib/mysql
              subPath: mysql
              name: iredmail-data
            - mountPath: /var/lib/clamav
              subPath: clamav
              name: iredmail-data
            - mountPath: /var/lib/spamassassin
              subPath: spamassassin
              name: iredmail-data
            - mountPath: /var/spool/postfix
              subPath: postfix
              name: iredmail-data
            - mountPath: /opt/iredmail/ssl/cert.pem
              subPath: tls.crt
              name: iredmail-certs
            - mountPath: /opt/iredmail/ssl/key.pem
              subPath: tls.key
              name: iredmail-certs
            - mountPath: /opt/iredmail/ssl/combined.pem
              subPath: tls-combined.pem
              name: iredmail-certs
            - mountPath: /etc/supervisor/conf.d/clamav.conf
              subPath: configs/supervisor/clamav.conf
              name: iredmail-data
      hostname: localhost
      restartPolicy: Always
      volumes:
        - name: iredmail-data
          persistentVolumeClaim:
            claimName: iredmail
        - name: iredmail-certs
          secret:
            secretName: iredmail-certs

[Kicey]

@siarheidudko Thanks for your detailed answer. I turn to use mailu (I also suggest that to you), so I can't verify it.