HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Server Operation (http://www.howtoforge.com/forums/forumdisplay.php?f=5)
-   -   Amavis + ClamAV Problem (http://www.howtoforge.com/forums/showthread.php?t=23983)

m61 7th June 2008 22:50

Amavis + ClamAV Problem
 
I followed the 'Perfect Server - Debian Etch' guide, and added the Amavis + ClamAV spam filtering guide, and everything worked awesome up until about a week ago. Now I have two processes each tacking 49% of my CPU power (Amavis using ClamAV) and nightly emails (pflogsum, mysql stats, etc) don't get through. In my inbox of my "root" user, I get "Undelivered Mail Returned to Sender" with a big long message
Code:

<root@killer.hitmenforhire.com> (expanded from <root>): host
127.00.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=31815-041,
virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd
av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd/ctl
(Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or
directory) at (eval 44) line 268.; ClamAV-clamscan av-scanner FAILED:
/usr/bin/clamscan timed out at (eval 44) line 462. (in reply to end of DATA
command)

Like I said above, everything worked great until about a week, maybe a week and a half ago and I haven't changed anything (it just sits under my desk chugging along doing what it's supposed to do).

Any ideas?

falko 8th June 2008 12:52

Please restart Clamd.

m61 8th June 2008 20:31

restarted clam, nothing changes
attempted to restart amavis [in the theory that amavis calls clam], could not restarts, just sits at "stopping amavis:", no failed, nothing
attempted to restart postfix, error
restarted machine, still have two processes of clam running taking up 49% each

falko 9th June 2008 12:28

What's the output of
Code:

ls -la /var/run/clamav/clamd/
?

m61 9th June 2008 20:40

Code:

# ls -la /var/run/clamav/clamd/
ls: /var/run/clamav/clamd/: No such file or directory

upon that, ran this:
Code:

# updatedb
# locate clamd
/etc/clamav/clamd.conf
/usr/bin/clamdscan
/usr/sbin/clamd
/usr/share/doc/clamav-base/examples/clamd.conf
/usr/share/doc/clamav/examples/clamdmon
/usr/share/doc/clamav/examples/clamdmon/clamdmon-1.0.tar.gz
/usr/share/doc/clamav/examples/clamdwatch
/usr/share/doc/clamav/examples/clamdwatch/clamdwatch.tar.gz
/usr/share/man/man1/clamdscan.1.gz
/usr/share/man/man5/clamd.conf.5.gz
/usr/share/man/man8/clamd.8.gz
/var/lib/ucf/cache/:etc:clamav:clamd.conf


falko 10th June 2008 14:40

Please try this:
Code:

mkdir -p /var/run/clamav/clamd/
Restart clamd afterwards.

m61 10th June 2008 16:48

ran it, no errors, restarted clam, no errors

now i have 3 process each taking up 30-ish%
top output:
Code:

19372 amavis    25  0 19032  13m 1076 R 31.6  2.7  0:34.17 clamscan
12996 clamav    25  0 31572  25m  516 R 29.9  5.0  8:54.84 clamd
19371 amavis    25  0 19036  13m 1076 R 29.9  2.7  0:34.31 clamscan


m61 11th June 2008 02:30

don't know what happened, but as of now, i have emails in my inbox and no processor load. i'll find out more in the morning after all the cron jobs run

m61 11th June 2008 20:02

well, it's the next morning, i have 0 emails in my inbox and have the same two processes running, amavis calling clamscan
Code:

11688 amavis    25  0 19444  13m 1076 R 49.9  2.8  0:45.52 clamscan
11689 amavis    25  0 19440  13m 1076 R 49.9  2.8  0:45.52 clamscan


falko 12th June 2008 14:50

What's the output of
Code:

ls -la /var/run/clamav/clamd/
now?


All times are GMT +2. The time now is 20:58.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.