1

Topic: ClamAV problems

This morning I came in to a non-functioning mail server. After a little digging, ClamAV "updated" its database to a corrupt one, and refuses to start.

I removed the offending /var/lib/clamav/daily.cld, and it all comes back up. Good!  Except when I run a freshclam (Either manually or automatically) the database gets "updated" to the corrupt one again... Seems the new database is corrupt, and if that's the case, I can't imagine I'm the only one having that problem?

Needless to say that's not acceptable...  So the question I have is, how do I fix this problem, by either:
- Fix the database once and for all (I have a feeling this is up to the clamav people, but you never know)
or
- Prevent freshclam from running and corrupting the database again (I did stop the clamav-freshclam daemon. Is that enough?)
or
- Take clamav out of the whole system so it won't bring down the server?

2

Re: ClamAV problems

Hello Caliban.

You are not the one. There are a lot of people with same problem (me too).
You only have to upgrade de clamav packets.
In debian lenny there are not packet still, but you can get from debian volatile project:
deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free
And then:

aptitude update
aptitude safe-upgrade
/etc/init.d/amavis restart

3

Re: ClamAV problems

Thanks Sysdebian!

This is absurd... what gives them the right to take down my server whenever they feel like it?  I can not live with a mail server that can die at any moment at someone else's grace...

But, if this is the way they are going to do things, I think I prefer to not use Calmav at all, and have a reliable system instead.  I'll do my virus scanning on the user end.

What's the best way to remove it? just remove the package will break amavis I'm sure. I don't feel very confident with amavis yet:)

Thanks again,
Peter

4

Re: ClamAV problems

Here you can find how to disable it:
http://code.google.com/p/iredmail/wiki/Admin_Guide

5

Re: ClamAV problems

Ah, nice and simple. Thanks!

6 (edited by Snaky 2010-04-20 15:47:09)

Re: ClamAV problems

The Error is not with debian, it is with iredmail in this case.

It was announced a long time ago that clamav will change the signatures to an incompatible format to force admins to upgrade the clamav on their systems - clamav as a virus scanner has to stand many attacks and is therefore updated very often.

On a solid email system on debian it is best to check if this was inserted in your sources.list:

deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free

if this was not there, ask the admin who did the install, why he left this most important piece out.

7

Re: ClamAV problems

Thanks Snaky, i updated installation guide and uses http://volatile.debian.org/debian-volatile now.