amavis & clamav - strange behaviour?! misconfiguration ?

Discussion in 'Installation/Configuration' started by prisfeo, Jan 25, 2010.

  1. prisfeo

    prisfeo New Member

    hi i am newbie here :)
    i have installed perfectly without any errors or warnings ISP 3.0.1.6 onto Centos 5.4 server; following the perfect related guide at your site! :)

    i have tested sending a virus message(eicar test file attached) to a test user @ domain newly created inside ispconfig in order to check spam/virus detections;
    well, seeing /var/log/maillog i can see virus is correctly detected and blocked
    ("Blocked INFECTED (Eicar-Test-Signature)")
    but a line log before i see:

    "amavis[31018]: (31018-03) (!!)WARN: all primary virus scanners failed, considering backups"

    (i have removed my sensible server data name)

    so i have goggled for a solution ad i saw it is related to privileges of user "clamav" in relation to amavis group..
    so i checked, but user "clamav" is correctly already a member of "amavis" group;
    so i checked the socket configuration:
    in /etc/clamd.conf
    -> LocalSocket /var/run/clamav/clamd.sock

    and /etc/amavisd/amavisd.conf
    ->
    # ### http://www.clamav.net/
    ['ClamAV-clamd',
    \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
    qr/\bOK$/, qr/\bFOUND$/,
    qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],


    and you can see that they match.

    ..so where is the problem ?
    ..
    another "wrong" thing is that in /var/log/maillog
    i saw the system tries to send email from=<virusalert@example.com>
    but i have configured in ispconfig mydomain that is not "example.com"
    if i check /etc/amavisd/amavisd.conf
    i can see:
    $mydomain = 'websites.nameofmydomain.it'; # a convenient default for other settings

    so it is correct!
    but i have discovered another configuration file in /etc:
    /etc/amavisd.conf
    and inside it there is:
    $mydomain = 'example.com'; # a convenient default for other settings

    so it seems,
    there are two amavis configuration files :confused: ..so my question is:
    what configuration file is used from ispconfig and by the server ?

    in addition, i saw that (obviously i think)
    in "second" amavis config file: /etc/amavisd.conf
    the "clamav" related configuration is all commented


    thanks in advance..,
    bye,
    prisfeo.

    p.s.: forgive my poor english, i am not english.
     
    Last edited: Jan 25, 2010
  2. prisfeo

    prisfeo New Member

    i have succeeded in resolving the above problem..
    simply i have copied the
    /etc/amavisd/amavisd.conf
    in /etc folder
    so overwriting the actual /etc/amavisd.conf
    (that seems not configured by ispconfig, but used !)
    now the clamav problem is gone away..
    :)

    pls, tell me if i have made the right thing..
    however i wonder where it is written in ispconfig configuration
    which "amavisd.conf" file to use
    cause i think it have to be somewhat corrected

    bye,
    prisfeo.
     
  3. rutame

    rutame New Member

    I want desactive Clamav and Spam Out of memory

    Hello,

    Could I deactive Clamav and spam, because my server run out of memory all time with this daemons. The server has 640MB es a virtual server, but i have got another server based p3 - 512MB and goes very good.

    Or if somebody has any idea for this problem, i will be very happy and gratefull.

    Thanks a lot
     
  4. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    640 MB is not enough ram for a full ispconfig 3 server. You can deactivate clamav and spamassassin if you dont need the mail protection and spam filtering by commenting out the content_filter line in postfix main.cf and stopping these daemons.
     
  5. rutame

    rutame New Member

    Thank you Till,

    And for an Ispconfig 2 its enought memory?
     
  6. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    For ISPConfig 2 its fine, as long as you dont have to much emails and visitors on your websites.
     
  7. prisfeo

    prisfeo New Member

    hi Till..

    just to know:
    i have installed ISPconfig3 onto a linux server(not virtual) with Centos 5.4 with web&email services active (clamav, amavis, spamassassin,etc)..i think it will host about 30 joomla 1.5 web sites and manage about 60 email accounts (splitted in 30 different domains).
    (i do not think visitors will be so many towards the websites)

    the HW of the server is:
    dual core intel Xeon 3.00 Ghz
    1 GB RAM

    ..do you think is it suitable for the above tasks ?
     
  8. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    I would add another GB ram to speed up the system as ram is really cheap. But it should also work with your curent configuration, its not a vsever and the kernel is able to use swap temporarily. More ram has the benefit that mysql is able to create the temporary tables in ram instead on the harddisk and this will speed up the joomla sites as joomla uses mysql a lot.
     
  9. rutame

    rutame New Member

    And an another last question... what i should use? cgi, fastcgi, mod-php...

    In performance and consumer terms

    Thanks a lot Till
     
  10. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    That depends on the site that you host, the number of pageviews etc. By the way, this question has already been answered several times here in the forum.
     

Share This Page