Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #11  
Old 19th April 2010, 16:25
jariasca jariasca is offline
Member
 
Join Date: Jan 2010
Posts: 42
Thanks: 2
Thanked 8 Times in 4 Posts
Default

Hi Falko

yes it is started

[root@mail log]# service clamd status
clamd (pid 4208) is running...
[root@mail log]#

Apr 19 08:21:41 mail pop3d: Connection, ip=[::ffff:216.25.164.14]
Apr 19 08:21:41 mail pop3d: LOGIN, user=rgonzalez@hotspotexpress.net, ip=[::ffff:216.25.164.14], port=[52643]
Apr 19 08:21:41 mail pop3d: LOGOUT, user=rgonzalez@hotspotexpress.net, ip=[::ffff:216.25.164.14], port=[52643], top=0, retr=0, rcvd=12, sent=39, time=0
Apr 19 08:21:45 mail postfix/smtpd[30676]: connect from unknown[58.64.87.129]
Apr 19 08:21:47 mail postfix/smtpd[30676]: 17F3414D0F3B: client=unknown[58.64.87.129]
Apr 19 08:21:49 mail postfix/cleanup[31121]: 17F3414D0F3B: message-id=<20100419142147.17F3414D0F3B@mail.x-peditenetworks.com>
Apr 19 08:21:49 mail postfix/qmgr[2752]: 17F3414D0F3B: from=<suscripciones@hotspotexpress.net>, size=9548, nrcpt=1 (queue active)
Apr 19 08:21:49 mail amavis[29659]: (29659-10) (!!)WARN: all primary virus scanners failed, considering backups
Apr 19 08:21:50 mail postfix/smtpd[30676]: disconnect from unknown[58.64.87.129]
Apr 19 08:21:57 mail amavis[29659]: (29659-10) Blocked SPAM, [58.64.87.129] [58.64.87.129] <suscripciones@hotspotexpress.net> -> <suscripciones@hotspotexpress.net>, quarantine: spam-EsmTDthKJ3B1.gz, Message-ID: <20100419142147.17F3414D0F3B@mail.x-peditenetworks.com>, mail_id: EsmTDthKJ3B1, Hits: 14.809, size: 9533, 8196 ms
Apr 19 14:21:57 mail postfix/smtp[31122]: 17F3414D0F3B: to=<suscripciones@hotspotexpress.net>, relay=127.0.0.1[127.0.0.1]:10024, delay=11, delays=3/0/0/8.2, dsn=2.5.0, status=sent (250 2.5.0 Ok, id=29659-10, DISCARD(bounce.suppressed))
Apr 19 08:21:57 mail postfix/qmgr[2752]: 17F3414D0F3B: removed
Apr 19 08:22:12 mail postfix/smtpd[30676]: connect from localhost[127.0.0.1]
Apr 19 08:22:12 mail postfix/smtpd[30676]: lost connection after CONNECT from localhost[127.0.0.1]
Apr 19 08:22:12 mail postfix/smtpd[30676]: disconnect from localhost[127.0.0.1]
Apr 19 08:22:15 mail pop3d: Connection, ip=[::ffff:216.25.164.14]
Apr 19 08:22:15 mail pop3d: LOGIN, user=valentin@hotspotexpress.net, ip=[::ffff:216.25.164.14], port=[52670]
Apr 19 08:22:15 mail pop3d: LOGOUT, user=valentin@hotspotexpress.net, ip=[::ffff:216.25.164.14], port=[52670], top=0, retr=0, rcvd=12, sent=39, time=0
Apr 19 08:22:15 mail pop3d: Connection, ip=[::ffff:216.25.164.14]
Apr 19 08:22:15 mail pop3d: LOGIN, user=rgonzalez@hotspotexpress.net, ip=[::ffff:216.25.164.14], port=[52673]
Apr 19 08:22:15 mail pop3d: LOGOUT, user=rgonzalez@hotspotexpress.net, ip=[::ffff:216.25.164.14], port=[52673], top=0, retr=0, rcvd=12, sent=39, time=0
Apr 19 08:22:15 mail postfix/smtpd[30676]: warning: 189.107.105.233: hostname 189107105233.user.veloxzone.com.br verification failed: Name or service not known
Apr 19 08:22:15 mail postfix/smtpd[30676]: connect from unknown[189.107.105.233]
Apr 19 08:22:16 mail postfix/smtpd[30676]: 1443814D0F3B: client=unknown[189.107.105.233]
Apr 19 08:22:17 mail postfix/cleanup[31121]: 1443814D0F3B: message-id=<20100419142216.1443814D0F3B@mail.x-peditenetworks.com>
Apr 19 08:22:17 mail postfix/qmgr[2752]: 1443814D0F3B: from=<neenu9816@veloxzone.com.br>, size=8718, nrcpt=1 (queue active)
Apr 19 08:22:17 mail amavis[31208]: (31208-01) (!!)WARN: all primary virus scanners failed, considering backups
Apr 19 08:22:17 mail postfix/smtpd[30676]: disconnect from unknown[189.107.105.233]
Apr 19 08:22:19 mail pop3d: Connection, ip=[::ffff:209.213.178.252]
Apr 19 08:22:19 mail pop3d: Connection, ip=[::ffff:209.213.178.252]
Apr 19 08:22:19 mail pop3d: LOGIN, user=abuse@x-peditenetworks.com, ip=[::ffff:209.213.178.252], port=[57800]
Apr 19 08:22:19 mail pop3d: LOGIN, user=jarias@hotspotexpress.net, ip=[::ffff:209.213.178.252], port=[57801]
Apr 19 08:22:19 mail pop3d: LOGOUT, user=abuse@x-peditenetworks.com, ip=[::ffff:209.213.178.252], port=[57800], top=0, retr=0, rcvd=18, sent=69, time=0
Apr 19 08:22:19 mail pop3d: LOGOUT, user=jarias@hotspotexpress.net, ip=[::ffff:209.213.178.252], port=[57801], top=0, retr=0, rcvd=28, sent=91, time=0
Apr 19 08:22:20 mail pop3d: Connection, ip=[::ffff:216.25.164.14]
Apr 19 08:22:20 mail pop3d: Connection, ip=[::ffff:216.25.164.14]
Apr 19 08:22:20 mail pop3d: LOGIN, user=valentin@hotspotexpress.net, ip=[::ffff:216.25.164.14], port=[52682]
Apr 19 08:22:20 mail pop3d: LOGIN, user=rgonzalez@hotspotexpress.net, ip=[::ffff:216.25.164.14], port=[52683]
Reply With Quote
Sponsored Links
  #12  
Old 19th April 2010, 16:48
jariasca jariasca is offline
Member
 
Join Date: Jan 2010
Posts: 42
Thanks: 2
Thanked 8 Times in 4 Posts
Default

Hi Falko I can see I have a /etc/amavisd directory and inside I have the aamavisd.conf and I have another amavisd.conf in the /etc.

So what I just did is to copy the one from amavisd directory to the etc
and restarted the services.


Now I'm getting this

pr 19 08:44:09 mail amavis[32101]: (32101-03) lookup [banned_namepath_re] => undef, "P=p003\tL=1\tM=multipart/alternative\nP=p002\tL=1/2\tM=text/html\tT=html" does not match
Apr 19 08:44:09 mail amavis[32101]: (32101-03) p.path suscripciones@hotspotexpress.net: "P=p003,L=1,M=multipart/alternative | P=p002,L=1/2,M=text/html,T=html"
Apr 19 08:44:09 mail amavis[32101]: (32101-03) banned check: any=0, all=N (1)
Apr 19 08:44:09 mail amavis[32101]: (32101-03) lookup_re("MAIL"), no matches
Apr 19 08:44:09 mail amavis[32101]: (32101-03) lookup [keep_decoded_original] => undef, "MAIL" does not match
Apr 19 08:44:09 mail amavis[32101]: (32101-03) Calling virus scanners, 2 files to scan in /var/spool/amavisd/tmp/amavis-20100419T083943-32101/parts
Apr 19 08:44:09 mail amavis[32101]: (32101-03) run_av (ClamAV-clamd): query template(1,1): CONTSCAN {}\n
Apr 19 08:44:09 mail amavis[32101]: (32101-03) prolong_timer run_av: timer set to 480 s
Apr 19 08:44:09 mail amavis[32101]: (32101-03) prolong_timer run_av: timer set to 384 s
Apr 19 08:44:09 mail amavis[32101]: (32101-03) ask_av Using (ClamAV-clamd): CONTSCAN /var/spool/amavisd/tmp/amavis-20100419T083943-32101/parts\n
Apr 19 08:44:09 mail amavis[32101]: (32101-03) ask_daemon_internal: timer set to 10 s (was 384 s)
Apr 19 08:44:09 mail amavis[32101]: (32101-03) ClamAV-clamd: Sending CONTSCAN /var/spool/amavisd/tmp/amavis-20100419T083943-32101/parts\n to UNIX socket /var/spool/amavisd/clamd.sock
Apr 19 08:44:09 mail amavis[32101]: (32101-03) prolong_timer ask_daemon_internal: timer set to 384 s
Apr 19 08:44:09 mail amavis[32101]: (32101-03) ClamAV-clamd: Can't send to socket /var/spool/amavisd/clamd.sock: Transport endpoint is not connected, retrying (1)
Apr 19 08:44:09 mail amavis[32101]: (32101-03) ClamAV-clamd: sleeping for 1 s
Apr 19 08:44:09 mail postfix/smtpd[32171]: disconnect from unknown[93.86.145.251]
Apr 19 08:44:10 mail amavis[32101]: (32101-03) ask_daemon_internal: timer set to 10 s (was 384 s)
Apr 19 08:44:10 mail amavis[32101]: (32101-03) ClamAV-clamd: Connecting to socket /var/spool/amavisd/clamd.sock, retry #1
Apr 19 08:44:10 mail amavis[32101]: (32101-03) creating socket by IO::Socket::UNIX to /var/spool/amavisd/clamd.sock
Apr 19 08:44:10 mail amavis[32101]: (32101-03) prolong_timer ask_daemon_internal: timer set to 383 s
Apr 19 08:44:10 mail amavis[32101]: (32101-03) (!)ClamAV-clamd: Can't connect to UNIX socket /var/spool/amavisd/clamd.sock: No such file or directory, retrying (2)


Thanks
Reply With Quote
  #13  
Old 19th April 2010, 17:45
jariasca jariasca is offline
Member
 
Join Date: Jan 2010
Posts: 42
Thanks: 2
Thanked 8 Times in 4 Posts
Default

I think I finally got it reading in google I got the answer to this error

in amavisd.conf I change the deamon to var/run/clamav/clamd.ctl

# ### http://www.clamav.net/
['ClamAV-clamd',
#\&ask_daemon, ["CONTSCAN {}\n", "/var/spool/amavisd/clamd.sock"],
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],


and in the clamd.conf I change the deamon to var/run/clamav/clamd.ctl

# Path to a local socket file the daemon will listen on.
# Default: disabled (must be specified by a user)
#LocalSocket /tmp/clamd.socket
LocalSocket /var/run/clamav/clamd.ctl

now look at my log

Apr 19 09:34:54 mail amavis[3073]: (03073-01) lookup_re("MAIL"), no matches
Apr 19 09:34:54 mail amavis[3073]: (03073-01) lookup [keep_decoded_original] => undef, "MAIL" does not match
Apr 19 09:34:54 mail amavis[3073]: (03073-01) Calling virus scanners, 2 files to scan in /var/spool/amavisd/tmp/amavis-20100419T093454-03073/parts
Apr 19 09:34:54 mail amavis[3073]: (03073-01) run_av (ClamAV-clamd): query template(1,1): CONTSCAN {}\n
Apr 19 09:34:54 mail amavis[3073]: (03073-01) prolong_timer run_av: timer set to 480 s
Apr 19 09:34:54 mail amavis[3073]: (03073-01) prolong_timer run_av: timer set to 384 s
Apr 19 09:34:54 mail amavis[3073]: (03073-01) ask_av Using (ClamAV-clamd): CONTSCAN /var/spool/amavisd/tmp/amavis-20100419T093454-03073/parts\n
Apr 19 09:34:54 mail amavis[3073]: (03073-01) ask_daemon_internal: timer set to 10 s (was 384 s)
Apr 19 09:34:54 mail amavis[3073]: (03073-01) ClamAV-clamd: Connecting to socket /var/run/clamav/clamd.ctl
Apr 19 09:34:54 mail amavis[3073]: (03073-01) creating socket by IO::Socket::UNIX to /var/run/clamav/clamd.ctl
Apr 19 09:34:54 mail amavis[3073]: (03073-01) ClamAV-clamd: Sending CONTSCAN /var/spool/amavisd/tmp/amavis-20100419T093454-03073/parts\n to UNIX socket /var/run/clamav/clamd.ctl
Apr 19 09:34:54 mail amavis[3073]: (03073-01) prolong_timer ask_daemon_internal: timer set to 307 s
Apr 19 09:34:55 mail amavis[3073]: (03073-01) prolong_timer ask_daemon_internal: timer set to 383 s
Apr 19 09:34:55 mail amavis[3073]: (03073-01) prolong_timer ask_av: timer set to 479 s
Apr 19 09:34:55 mail amavis[3073]: (03073-01) ask_av (ClamAV-clamd) result: /var/spool/amavisd/tmp/amavis-20100419T093454-03073/parts: OK\n
Apr 19 09:34:55 mail amavis[3073]: (03073-01) run_av (ClamAV-clamd): CLEAN
Apr 19 09:34:55 mail amavis[3073]: (03073-01) run_av (ClamAV-clamd) result: clean
Apr 19 09:34:55 mail amavis[3073]: (03073-01) wbl: checking sender <moancB@reuters.com>
Apr 19 09:34:55

Thanks for the help I will monitor my log to see what happends.
Reply With Quote
The Following 2 Users Say Thank You to jariasca For This Useful Post:
hfr (14th May 2010), Nicram (2nd September 2010)
  #14  
Old 20th April 2010, 17:34
abrahamcardenas abrahamcardenas is offline
Junior Member
 
Join Date: Apr 2010
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default clamav daemon

sudo aptitude update
sudo aptitude install clamav-daemon

it is ready for me!
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Spamassassin Issue Last_resort_33 Server Operation 8 4th September 2008 21:06
Lint test error raulb Server Operation 3 29th May 2008 18:33
Fedora Core 5 Spamassassin (Scalix Install) Viper_iii Installation/Configuration 1 19th September 2007 14:59
Systemimager (rsync) doesn't copy all comedit HOWTO-Related Questions 11 19th January 2007 17:17
How to install BFD (Brute Force Detection) domino Tips/Tricks/Mods 9 31st March 2006 22:40


All times are GMT +2. The time now is 03:27.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.