Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 25th January 2010, 10:30
prisfeo prisfeo is offline
Member
 
Join Date: Jan 2010
Posts: 37
Thanks: 3
Thanked 2 Times in 2 Posts
Default amavis & clamav - strange behaviour?! misconfiguration ?

hi i am newbie here
i have installed perfectly without any errors or warnings ISP 3.0.1.6 onto Centos 5.4 server; following the perfect related guide at your site!

i have tested sending a virus message(eicar test file attached) to a test user @ domain newly created inside ispconfig in order to check spam/virus detections;
well, seeing /var/log/maillog i can see virus is correctly detected and blocked
("Blocked INFECTED (Eicar-Test-Signature)")
but a line log before i see:

"amavis[31018]: (31018-03) (!!)WARN: all primary virus scanners failed, considering backups"

(i have removed my sensible server data name)

so i have goggled for a solution ad i saw it is related to privileges of user "clamav" in relation to amavis group..
so i checked, but user "clamav" is correctly already a member of "amavis" group;
so i checked the socket configuration:
in /etc/clamd.conf
-> LocalSocket /var/run/clamav/clamd.sock

and /etc/amavisd/amavisd.conf
->
# ### http://www.clamav.net/
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],


and you can see that they match.

..so where is the problem ?
..
another "wrong" thing is that in /var/log/maillog
i saw the system tries to send email from=<virusalert@example.com>
but i have configured in ispconfig mydomain that is not "example.com"
if i check /etc/amavisd/amavisd.conf
i can see:
$mydomain = 'websites.nameofmydomain.it'; # a convenient default for other settings

so it is correct!
but i have discovered another configuration file in /etc:
/etc/amavisd.conf
and inside it there is:
$mydomain = 'example.com'; # a convenient default for other settings

so it seems,
there are two amavis configuration files ..so my question is:
what configuration file is used from ispconfig and by the server ?

in addition, i saw that (obviously i think)
in "second" amavis config file: /etc/amavisd.conf
the "clamav" related configuration is all commented


thanks in advance..,
bye,
prisfeo.

p.s.: forgive my poor english, i am not english.

Last edited by prisfeo; 25th January 2010 at 11:20.
Reply With Quote
Sponsored Links
 

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Amavis + ClamAV Problem m61 Server Operation 11 18th June 2008 19:24
ProFTPD - Strange behaviour - double config? skara Server Operation 4 19th September 2007 15:15
CLAMAV & amavis updating problem herbie Server Operation 0 15th February 2007 23:03
Postfix + Amavis + SpamAssassin + ClamAV michele HOWTO-Related Questions 4 1st July 2006 14:36
Strange Behaviour ratebri General 2 30th November 2005 11:57


All times are GMT +2. The time now is 16:53.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.