Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Tips/Tricks/Mods

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 31st March 2011, 20:51
filipealvarez filipealvarez is offline
Member
 
Join Date: Apr 2009
Posts: 34
Thanks: 0
Thanked 1 Time in 1 Post
Default How to disable Clamav or Spamassassin check in amavis?

Hi everyone, I have a necessity to disable antivirus checks in amavis but I saw /etc/amavis/conf.d files but without success.

Can anyone help me?

Thanks
Reply With Quote
Sponsored Links
  #2  
Old 1st April 2011, 09:06
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 35,778
Thanks: 821
Thanked 5,333 Times in 4,184 Posts
Default

Uninstall clamav and restart amavisd.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 9th April 2011, 20:08
esmiz esmiz is offline
Member
 
Join Date: Dec 2009
Posts: 44
Thanks: 4
Thanked 3 Times in 3 Posts
Default

Hi Till

By the way. You wrote a great howto last year about this subject.

http://www.faqforge.com/linux/contro...n-ispconfig-3/

Thank you it's been very useful indeed, but I have always wondered if there is any reason why you do not disable spamassasin aswell ?

Regards
Reply With Quote
  #4  
Old 11th April 2011, 10:37
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 35,778
Thanks: 821
Thanked 5,333 Times in 4,184 Posts
Default

ISPConfig uses amavis (which internally uses the spamassassin libraries) and not spamassassin, so disabling amavis as described in the FAQ disables the spamfilter and antivirus filter.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
The Following User Says Thank You to till For This Useful Post:
esmiz (11th April 2011)
  #5  
Old 11th April 2011, 12:24
esmiz esmiz is offline
Member
 
Join Date: Dec 2009
Posts: 44
Thanks: 4
Thanked 3 Times in 3 Posts
Default

Hi Till

Thanks for your answer.
After following the FAQ, I do still have spamassassin running in the background.

Code:
server:~# ps aux | grep spamd
root      2079  0.0  2.1 106068 43648 ?        Ss   Mar23   5:11 /usr/sbin/spamd --create-prefs --max-children 5 --helper-home-dir -d --pidfile=/var/run/spamd.pid
root      2657  0.0  0.0   6588   780 pts/0    S+   12:08   0:00 grep spamd
root      3001  0.0  2.0 106068 41572 ?        S    Mar23   0:02 spamd child
root      3004  0.0  2.0 106068 41572 ?        S    Mar23   0:01 spamd child
server:~#
Is this normal, or do I have a misconfigured server?
If it is not going to be used, I guess it should be safe to stop in order to save some resources.

Code:
/etc/init.d/spamassassin stop
Regards
Reply With Quote
  #6  
Old 11th April 2011, 13:12
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 35,778
Thanks: 821
Thanked 5,333 Times in 4,184 Posts
Default

Quote:
Is this normal, or do I have a misconfigured server?
This is spamd not from ispconfig. You can disable it.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #7  
Old 11th April 2011, 14:12
esmiz esmiz is offline
Member
 
Join Date: Dec 2009
Posts: 44
Thanks: 4
Thanked 3 Times in 3 Posts
Default

Thanks for the answer.

Disabling spamassasin seems to free up to 44 MB of ram in my server.

Regards
Reply With Quote
  #8  
Old 3rd January 2012, 20:45
cbj4074 cbj4074 is offline
Senior Member
 
Join Date: Nov 2010
Posts: 392
Thanks: 29
Thanked 58 Times in 50 Posts
Default

I use Amavis and was looking to disable ClamAV, but not SpamAssassin.

First, I tried stopping the ClamAV service, but the following messages appeared in /var/log/mail.log:

Code:
amavis[3188]: (03188-16) (!)ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: 2, retrying (2)
amavis[3188]: (03188-16) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 117) line 373.\n
amavis[3188]: (03188-16) (!!)WARN: all primary virus scanners failed, considering backups
Needless to say, I didn't want these messages in my log, even though Amavis appeared to function OK despite them.

So, I tried this approach next:

Quote:
Originally Posted by till View Post
Uninstall clamav and restart amavisd.
But /var/log/mail.log began filling-up with these similar but slightly longer messages:

Code:
amavis[14163]: (14163-01) (!)ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: 2, retrying (2)
amavis[14163]: (14163-01) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 117) line 373.\n
amavis[14163]: (14163-01) (!!)WARN: all primary virus scanners failed, considering backups
amavis[14163]: (14163-01) (!!)TROUBLE in check_mail: virus_scan FAILED: AV: ALL VIRUS SCANNERS FAILED
amavis[14163]: (14163-01) (!)PRESERVING EVIDENCE in /var/lib/amavis/tmp/amavis-20120103T111031-14163
Next, I tried what seemed to be a "proper fix", per http://opensource.apple.com/source/a.../amavisd.conf:

Quote:
# COMMONLY ADJUSTED SETTINGS:

# @bypass_virus_checks_maps = (1); # uncomment to DISABLE anti-virus code
So, I un-commented the following lines in /etc/amavis/conf.d/15-content_filter_mode:

Code:
#@bypass_virus_checks_maps = (
#   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
and restarted Amavis:

Code:
service amavis restart
Well, this still didn't do the job. The same messages continued to appear in the mail log.

So, as a last resort, I commented-out the following lines (the lines with ##) in /etc/amavis/conf.d/15-av_scanners:

Code:
### http://www.clamav.net/
## ['ClamAV-clamd',
##   \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
##   qr/\bOK$/m, qr/\bFOUND$/m,
##   qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
# NOTE: run clamd under the same user as amavisd, or run it under its own
#   uid such as clamav, add user clamav to the amavis group, and then add
#   AllowSupplementaryGroups to clamd.conf;
# NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in
#   this entry; when running chrooted one may prefer socket "$MYHOME/clamd".
and, again, restarted Amavis.

I was shocked to find the following in the log, still:

Code:
amavis[17441]: (17441-01) (!!)WARN: all primary virus scanners failed, considering backups
amavis[17441]: (17441-01) (!!)TROUBLE in check_mail: virus_scan FAILED: AV: NO VIRUS SCANNERS AVAILABLE
amavis[17441]: (17441-01) (!)PRESERVING EVIDENCE in /var/lib/amavis/tmp/amavis-20120103T113827-17441
postfix/smtp[17600]: B499634E422E: to=<user@example.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.21, delays=0.12/0.01/0.01/0.08, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=17441-01, virus_scan FAILED: AV: NO VIRUS SCANNERS AVAILABLE (in reply to end of DATA command))
I'm running out of ideas. Does anyone know how to disable virus-checking within Amavis altogether?
Reply With Quote
  #9  
Old 3rd January 2012, 22:33
cbj4074 cbj4074 is offline
Senior Member
 
Join Date: Nov 2010
Posts: 392
Thanks: 29
Thanked 58 Times in 50 Posts
Default

Well, after making the changes mentioned in my previous post, email ceased to be delivered all together (the mail queue began to fill-up).

Upon further investigation, I realized that I had misread the Amavis documentation: it states that antivirus is disabled by default and that to enable it, un-comment

Code:
# @bypass_virus_checks_maps = (...
In other words, Amavis's behavior should be the default: not to virus scan.

Why, then, with the above line commented, am I seeing the following in /var/log/mail.log?

Code:
amavis[25694]: (25694-01) (!)ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: 2, retrying (2)
amavis[25694]: (25694-01) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 117) line 373.\n
amavis[25694]: (25694-01) (!!)WARN: all primary virus scanners failed, considering backups
amavis[25694]: (25694-01) (!!)TROUBLE in check_mail: virus_scan FAILED: AV: ALL VIRUS SCANNERS FAILED
amavis[25694]: (25694-01) (!)PRESERVING EVIDENCE in /var/lib/amavis/tmp/amavis-20120103T132643-25694
postfix/smtp[25871]: 4F4D334E4205: to=<user@example.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=7.4, delays=0.28/0.01/0.01/7.1, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=25694-01, virus_scan FAILED: AV: ALL VIRUS SCANNERS FAILED (in reply to end of DATA command))
Boy, this is frustrating.
Reply With Quote
  #10  
Old 3rd January 2012, 23:00
cbj4074 cbj4074 is offline
Senior Member
 
Join Date: Nov 2010
Posts: 392
Thanks: 29
Thanked 58 Times in 50 Posts
 
Default

Thanks to this post ( http://www.howtoforge.com/forums/showthread.php?t=44443 ), I realized my error: the change has to be made in /etc/amavis/conf.d/50-user, instead, as this file overrides 15-content_filter_mode.

Code:
# Place your configuration directives here.  They will override those in
# earlier files.
#
# See /usr/share/doc/amavisd-new/ for documentation and examples of
# the directives you can use in this file
#

#@bypass_virus_checks_maps = (
#   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
Don't forget to restart Amavis:

Code:
# service amavis restart
ClamAV can then be disabled at start-up (e.g., by disabling the service on boot) or uninstalled/removed completely.

Case closed.

Last edited by cbj4074; 4th January 2012 at 19:18. Reason: Added restart Amavis step.
Reply With Quote
The Following 2 Users Say Thank You to cbj4074 For This Useful Post:
falko (4th January 2012), Nicram (4th March 2014)
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Forbidden 403; Samba access; config of maildeamon fawkes Installation/Configuration 4 14th January 2010 18:16
disable SpamAssassin and ClamAV and amavis darkhoros Tips/Tricks/Mods 7 19th December 2009 12:15
ISP Config hesitation when opening web pages frankb Installation/Configuration 7 15th December 2008 13:06
ISP Config not working in mandriva 2008 bigdavid889 Server Operation 8 28th February 2008 20:05
Postfix + Amavis + SpamAssassin + ClamAV michele HOWTO-Related Questions 4 1st July 2006 14:36


All times are GMT +2. The time now is 04:33.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.