1 (edited by posa68 2013-09-28 07:17:41)

Topic: Problem receive/send

==== Required information ====
- iRedMail version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):
- Linux/BSD distribution name and version:
- Related log if you're reporting an issue:
====

Hi I'm on centos, latest iredmail.
I have trouble to send and receive mail, I have serious error in maillog involving amavis and clamav:

Sep 27 22:14:43 posta postfix/smtpd[8193]: disconnect from unknown[62.129.232.247]
Sep 27 22:14:44 posta amavis[8053]: (08053-04) (!)ClamAV-clamd: Can't connect to UNIX socket /tmp/clamd.socket: No such file or directory, retrying (2)
Sep 27 22:14:45 posta amavis[8052]: (08052-05) (!)ClamAV-clamd: Can't connect to UNIX socket /tmp/clamd.socket: No such file or directory, retrying (2)
Sep 27 22:14:50 posta amavis[8053]: (08053-04) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /tmp/clamd.socket (Can't connect to UNIX socket /tmp/clamd.socket: No such file or directory) at (eval 104) line 373.\n
Sep 27 22:14:50 posta amavis[8053]: (08053-04) (!!)WARN: all primary virus scanners failed, considering backups
Sep 27 22:14:50 posta amavis[8053]: (08053-04) (!)run_av (ClamAV-clamscan) FAILED - unexpected exit 2, output="WARNING: Ignoring deprecated option --disable-summary\nERROR: Option --tempdir requires a non-empty string argument\nERROR: Can't parse command line options"
Sep 27 22:14:50 posta amavis[8053]: (08053-04) (!)ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan unexpected exit 2, output="WARNING: Ignoring deprecated option --disable-summary\nERROR: Option --tempdir requires a non-empty string argument\nERROR: Can't parse command line options" at (eval 104) line 594.
Sep 27 22:14:50 posta amavis[8053]: (08053-04) (!!)TROUBLE in check_mail: virus_scan FAILED: AV: ALL VIRUS SCANNERS FAILED
Sep 27 22:14:50 posta amavis[8053]: (08053-04) (!)PRESERVING EVIDENCE in /var/amavis/tmp/amavis-20130927T221443-08053
Sep 27 22:14:50 posta postfix/smtp[8152]: 096681F6800C: to=<xxx@xxx.it>, relay=127.0.0.1[127.0.0.1]:10024, delay=7.2, delays=0.05/0/0/7.2, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=08053-04, virus_scan FAILED: AV: ALL VIRUS SCANNERS FAILED (in reply to end of DATA command))
Sep 27 22:14:51 posta amavis[8052]: (08052-05) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /tmp/clamd.socket (Can't connect to UNIX socket /tmp/clamd.socket: No such file or directory) at (eval 104) line 373.\n
Sep 27 22:14:51 posta amavis[8052]: (08052-05) (!!)WARN: all primary virus scanners failed, considering backups
Sep 27 22:14:51 posta amavis[8052]: (08052-05) (!)run_av (ClamAV-clamscan) FAILED - unexpected exit 2, output="WARNING: Ignoring deprecated option --disable-summary\nERROR: Option --tempdir requires a non-empty string argument\nERROR: Can't parse command line options"
Sep 27 22:14:51 posta amavis[8052]: (08052-05) (!)ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan unexpected exit 2, output="WARNING: Ignoring deprecated option --disable-summary\nERROR: Option --tempdir requires a non-empty string argument\nERROR: Can't parse command line options" at (eval 104) line 594.
Sep 27 22:14:51 posta amavis[8052]: (08052-05) (!!)TROUBLE in check_mail: virus_scan FAILED: AV: ALL VIRUS SCANNERS FAILED
Sep 27 22:14:51 posta amavis[8052]: (08052-05) (!)PRESERVING EVIDENCE in /var/amavis/tmp/amavis-20130927T221443-08052
Sep 27 22:14:51 posta postfix/smtp[8064]: D2CC21F6800D: to=<xxx@xxx.it>, relay=127.0.0.1[127.0.0.1]:10024, delay=7.3, delays=0.17/0/0/7.1, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=08052-05, virus_scan FAILED: AV: ALL VIRUS SCANNERS FAILED (in reply to end of DATA command))

How can I solve this?
The machine is working well about 2 years from now...

If I try to manually start clamd:

[root@posta ~]# service clamd restart
Stopping Clam AntiVirus Daemon:                            [FALLITO]
Starting Clam AntiVirus Daemon: ERROR: Can't open /var/log/clamav/clamd.log in append mode (check permissions!).
ERROR: Can't initialize the internal logger
                                                           [FALLITO]

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Problem receive/send

I solve for the moment deleting file /var/log/clamav/clamd.log, create a new one with touch and chmod to clam, then restart manually: service clamd restart.
SAME thing with freshclam (same error on freshclam log file).

I don't understand why this happened, in a stable and working server...

3

Re: Problem receive/send

Did you enable EPEL yum repository to upgrade ClamAV?
ClamAV packages in EPEL are different from the one installed by iRedMail-0.8.4 and earlier releases, but we use EPEL by default in iRedMail-0.8.5.

4

Re: Problem receive/send

Yes it seems so:

[root@mail ~]# yum repolist
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mi.mirror.garr.it
* epel: ftp-stud.hs-esslingen.de
* extras: mi.mirror.garr.it
* updates: mi.mirror.garr.it
repo id               repo name                                           status
base                  CentOS-5 - Base                                     2770
epel                  Extra Packages for Enterprise Linux 5 - i386        6040
extras                CentOS-5 - Extras                                    276
iRedMail              iRedMail                                             179
iRedMail-Dovecot-12   iRedMail-Dovecot-12                                   17
newrelic              New Relic packages for Enterprise Linux 5 - i386       5
updates               CentOS-5 - Updates                                   508
repolist: 9795

5 (edited by raystrach 2016-01-13 16:07:26)

Re: Problem receive/send

just an update on this post which i came to as a result of searching for the very same error (now 2016).

other posts on this site lead me to believe that the owner of clamd.log was clam:clam

this does not appear to be the case at least in iredmail version 0.8.6.

i am not sure when it happened (probably when i ran a yum update recently) but the new log file (which was empty) had a permissions problem.

i deleted the file and reused an old log file - not great practice i know.

in any case clamd restarted without a problem. i then ran

ls -lh /var/log/clamav/clamd.log

and got the output

-rw-r--r-- 1 amavis amavis 10K Jan 13 07:26 /var/log/clamav/clamd.log

so it appears that amavis owns the file

i then put the old log file back and created a new clamd.log file  like this in the /var/log/clamav directory:

# touch clamd.log
# chmod 0755 clamd.log
# chown amavis:amavis clamd.log
# service clamd restart
Stopping Clam AntiVirus Daemon:                            [  OK  ]
Starting Clam AntiVirus Daemon:                              [  OK  ]

it is now all working ok.

hope this helps someone

rs

*************************************************
UPDATE
*************************************************

i just checked another iredmail server that i am running (0.9.1) and noticed that clamd had stopped as well, although on restart it fired up ok without the errors of the other system.

i also noticed that the ownership of the clamd.log file there was clam:clam.

so as a result take my advice above with extreme caution.

i would be checking the permissions of the old log files first before taking any action.

rs