Amavis trouble with Postfix

Discussion in 'Installation/Configuration' started by lordshadow, Jul 23, 2008.

  1. lordshadow

    lordshadow New Member

    Hi,

    I changed over from using Exim on my Domain server as I wasn't happy with it.

    Now I'm trying to get Amavis working with Spamassassin and ClamAV, so I found a few sites on google however I keep getting errors when Amavis tries to start scanning the email.

    Code:
    Jul  2 23:16:24 OptiplexGX270T amavis[2891]: (02891-01) (!) /usr/bin/clamscan is taking longer than 315 s and will be killed
    Jul  2 23:16:24 OptiplexGX270T amavis[2891]: (02891-01) (!) killing process [3720] running /usr/bin/clamscan
    Jul  2 23:16:24 OptiplexGX270T amavis[2890]: (02890-01) (!) /usr/bin/clamscan is taking longer than 315 s and will be killed
    Jul  2 23:16:24 OptiplexGX270T amavis[2890]: (02890-01) (!) killing process [3721] running /usr/bin/clamscan
    Jul  2 23:16:24 OptiplexGX270T amavis[2890]: (02890-01) (!) run_av: timed out
    Jul  2 23:16:24 OptiplexGX270T amavis[2890]: (02890-01) (!!) ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462.
    Jul  2 23:16:24 OptiplexGX270T amavis[2890]: (02890-01) (!!) TROUBLE in check_mail: virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.; ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462.
    Jul  2 23:16:24 OptiplexGX270T amavis[2890]: (02890-01) (!) PRESERVING EVIDENCE in /var/lib/amavis/tmp/amavis-20080702T231102-02890
    Jul  2 23:16:24 OptiplexGX270T amavis[2890]: (02890-01) TIMING [total 322468 ms] - SMTP EHLO: 6 (0%)0, SMTP pre-MAIL: 1 (0%)0, mkdir tempdir: 85 (0%)0, create email.txt: 0 (0%)0, SMTP pre-DATA-flush: 4 (0%)0, SMTP DATA: 7 (0%)0, body_digest: 1 (0%)0, gen_mail_id: 1 (0%)0, mkdir parts: 0 (0%)0, mime_decode: 16 (0%)0, get-file-type2: 314 (0%)0, decompose_part: 1 (0%)0, parts_decode: 0 (0%)0, AV-scan-1: 7018 (2%)2, AV-scan-2: 0 (0%)2, AV-scan-3: 315011 (98%)100, rundown: 2 (0%)100
    Jul  2 23:16:24 OptiplexGX270T amavis[2891]: (02891-01) (!) run_av: timed out
    Jul  2 23:16:24 OptiplexGX270T amavis[2891]: (02891-01) (!!) ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462.
    Jul  2 23:16:24 OptiplexGX270T amavis[2891]: (02891-01) (!!) TROUBLE in check_mail: virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.; ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462.
    Jul  2 23:16:24 OptiplexGX270T amavis[2891]: (02891-01) (!) PRESERVING EVIDENCE in /var/lib/amavis/tmp/amavis-20080702T231102-02891
    Jul  2 23:16:24 OptiplexGX270T amavis[2891]: (02891-01) TIMING [total 322458 ms] - SMTP EHLO: 6 (0%)0, SMTP pre-MAIL: 1 (0%)0, mkdir tempdir: 70 (0%)0, create email.txt: 1 (0%)0, SMTP pre-DATA-flush: 4 (0%)0, SMTP DATA: 29 (0%)0, body_digest: 1 (0%)0, gen_mail_id: 1 (0%)0, mkdir parts: 0 (0%)0, mime_decode: 17 (0%)0, get-file-type2: 277 (0%)0, decompose_part: 1 (0%)0, parts_decode: 0 (0%)0, AV-scan-1: 7021 (2%)2, AV-scan-2: 0 (0%)2, AV-scan-3: 315023 (98%)100, rundown: 5 (0%)100
    Jul  2 23:16:24 OptiplexGX270T postfix/smtp[3210]: C4E185AA34: to=<kayasaman@optiplex-networks.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=77127, delays=76804/0.19/0.01/322, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=02891-01, virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.; ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462. (in reply to end of DATA command))
    Jul  2 23:16:24 OptiplexGX270T postfix/smtp[3209]: 66D1C5AA22: to=<kayasaman@optiplex-networks.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=79388, delays=79066/0.18/0.01/322, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=02890-01, virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.; ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462. (in reply to end of DATA command))
    
    Also I can't understand why Amavis can't connect to socket:

    Code:
    (Can't connect to UNIX socket /var/run/clamav/clamd.ctl
    
    as the dir is there?:
    Code:
    kayasaman@OptiplexGX270T:/var/run/clamav$ ls
    clamd.ctl  clamd.pid  freshclam.pid
    
    As a result I had many error emails sent back to me when I tried using my other accounts to send a test mail to my server - this is why I ran away from Exim in the first place!

    Can anyone help me with how to solve this issue?

    Many Thanks
     
  2. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    What's the output of
    Code:
    ls -la /var/run/clamav
    ?
    Are amavisd or Postfix running chrooted?
     
  3. lordshadow

    lordshadow New Member

    OptiplexGX270T:/home/kayasaman# ls -la /var/run/clamav
    total 16
    drwxr-xr-x 2 clamav clamav 4096 2008-07-21 14:14 .
    drwxr-xr-x 22 root root 4096 2008-07-21 13:40 ..
    srwxrwxrwx 1 clamav clamav 0 2008-07-21 14:14 clamd.ctl
    -rw-rw---- 1 clamav clamav 4 2008-07-21 14:14 clamd.pid
    -rw-rw---- 1 clamav clamav 4 2008-07-21 13:39 freshclam.pid

    Is output.

    How can I test for amavisd and postfix is using chrooted?

    I don't think they are but I'm not certain.
     
  4. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    What's in /etc/postfix/master.cf?
     
  5. lordshadow

    lordshadow New Member

    #
    # Postfix master process configuration file. For details on the format
    # of the file, see the master(5) manual page (command: "man 5 master").
    #
    # ==========================================================================
    # service type private unpriv chroot wakeup maxproc command + args
    # (yes) (yes) (yes) (never) (100)
    # ==========================================================================
    smtp inet n - - - - smtpd
    #submission inet n - - - - smtpd
    # -o smtpd_enforce_tls=yes
    # -o smtpd_sasl_auth_enable=yes
    # -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #smtps inet n - - - - smtpd
    # -o smtpd_tls_wrappermode=yes
    # -o smtpd_sasl_auth_enable=yes
    # -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #628 inet n - - - - qmqpd
    pickup fifo n - - 60 1 pickup
    cleanup unix n - - - 0 cleanup
    qmgr fifo n - n 300 1 qmgr
    #qmgr fifo n - - 300 1 oqmgr
    tlsmgr unix - - - 1000? 1 tlsmgr
    rewrite unix - - - - - trivial-rewrite
    bounce unix - - - - 0 bounce
    defer unix - - - - 0 bounce
    trace unix - - - - 0 bounce
    verify unix - - - - 1 verify
    flush unix n - - 1000? 0 flush
    proxymap unix - - n - - proxymap
    smtp unix - - - - - smtp
    # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
    relay unix - - - - - smtp
    -o fallback_relay=
    # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
    showq unix n - - - - showq
    error unix - - - - - error
    discard unix - - - - - discard
    local unix - n n - - local
    virtual unix - n n - - virtual
    lmtp unix - - - - - lmtp
    anvil unix - - - - 1 anvil
    scache unix - - - - 1 scache
    #
    # ====================================================================
    # Interfaces to non-Postfix software. Be sure to examine the manual
    # pages of the non-Postfix software to find out what options it wants.
    #
    # Many of the following services use the Postfix pipe(8) delivery
    # agent. See the pipe(8) man page for information about ${recipient}
    # and other message envelope options.
    # ====================================================================
    #
    # maildrop. See the Postfix MAILDROP_README file for details.
    # Also specify in main.cf: maildrop_destination_recipient_limit=1
    #
    maildrop unix - n n - - pipe
    flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
    #
    # See the Postfix UUCP_README file for configuration details.
    #
    uucp unix - n n - - pipe
    flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)#
    # Other external delivery methods.
    #
    ifmail unix - n n - - pipe
    flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    bsmtp unix - n n - - pipe
    flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipientscalemail-backend unix - n n - 2 pipe
    flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
    mailman unix - n n - - pipe
    flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
    ${nexthop} ${user}

    amavis unix - - - - 2 smtp
    -o smtp_data_done_timeout=1200
    -o smtp_send_xforward_command=yes
    -o disable_dns_lookups=yes
    -o max_use=20

    127.0.0.1:10025 inet n - - - - smtpd
    -o content_filter=
    -o local_recipient_maps=
    -o relay_recipient_maps=
    -o smtpd_restriction_classes=
    -o smtpd_delay_reject=no
    -o smtpd_client_restrictions=permit_mynetworks,reject
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o smtpd_data_restrictions=reject_unauth_pipelining
    -o smtpd_end_of_data_restrictions=
    -o mynetworks=192.168.1.0/24
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o smtpd_client_connection_count_limit=0
    -o smtpd_client_connection_rate_limit=0
    -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
    -o strict_rfc821_envelopes=yes
    -o smtpd_bind_address=127.0.0.1
     
  6. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    What happens when you replace
    Code:
    smtp inet n - - - - smtpd
    with
    Code:
    smtp inet n - n - - smtpd
    and restart Postfix?
     
  7. lordshadow

    lordshadow New Member

    I had a pretty fast delivery of mail so it seems to have worked I guess but I had another problem with aliases.db file which was older then file aliases.

    I did: nano /etc/aliases.db then ctrl o and restart postfix now my whole mail system seems to have gone kablueey?

    Code:
    Jul 27 11:55:47 OptiplexGX270T postfix/smtpd[4633]: fatal: open database /etc/aliases.db: Invalid argument
    
    Not sure if this is used by postfix and if I can simply rm /etc/aliases.db and let it create a new one.

    Anyway I can't be certain if the above worked untilll this works and I can read my mails posted by logcheck as they give me verbosity in amavis output!

    Have to run to work now but will investigate more about the aliases.db later when I come back.
     
  8. lordshadow

    lordshadow New Member

    hmm just found the newaliases command am seeing if it works! - but now I really need to get work :)
     
  9. lordshadow

    lordshadow New Member

    Ok aliases.db probelm fixed!!!! Few now I really gota run be back later heheheh
     
  10. lordshadow

    lordshadow New Member

    Ok finally I just checked the output of logcheck and amavis doesn't seem to be mentioned at all with mail delivery so I'm taking this to be a good sign.

    Can't find any logs for it so for now all I can do is wait till the next delivery of logcheck mail and see if things are consistant!

    -But all looks promising :)
     
  11. lordshadow

    lordshadow New Member

    Forced the issue by invoking logcheck prematurely and all is fine amavis says ok :D

    If there is a command to check full functionality I would realy apprieciate to be told but if not then not to wory as all is ok! - No more errors

    Thanks falko!!!!! P.s. check my P.M. :)
     
  12. brianwc

    brianwc New Member

    I've been having this same problem for a while

    I've been experiencing this same problem for a while and last time I fixed it I felt like it was a fluke and would recur, and it did. The solution described in this thread also doesn't seem to work for me.

    In /var/log/mail.err I get:

    Code:
    Jul 29 14:09:47 localhost amavis[32550]: (32550-01) (!!) WARN: all primary virus scanners failed, considering backups
    Jul 29 14:09:47 localhost amavis[32551]: (32551-01) (!!) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.
    and the postfix queue starts growing and won't deliver mail.

    I have not done anything to run postifx in a chroot. I just followed the HOWTO on this site.

    The file that the log file claims doesn't exist, doesn't in fact exist, but why it isn't created, I cannot figure out:

    Code:
    /var/run/clamav# ls -la
    total 12
    drwxr-xr-x  2 clamav clamav 4096 2008-07-27 13:35 .
    drwxr-xr-x 21 root   root   4096 2008-07-29 11:51 ..
    -rw-rw----  1 clamav clamav    5 2008-07-29 13:11 freshclam.pid
    My /etc/postfix/master.cf looks like so:

    Code:
    #
    # Postfix master process configuration file.  Each logical line 
    # describes how a Postfix daemon program should be run. 
    #
    # A logical line starts with non-whitespace, non-comment text.
    # Empty lines and whitespace-only lines are ignored, as are comment 
    # lines whose first non-whitespace character is a `#'.  
    # A line that starts with whitespace continues a logical line.
    #
    # The fields that make up each line are described below. A "-" field
    # value requests that a default value be used for that field.
    #
    # Service: any name that is valid for the specified transport type
    # (the next field).  With INET transports, a service is specified as
    # host:port.  The host part (and colon) may be omitted. Either host
    # or port may be given in symbolic form or in numeric form. Examples
    # for the SMTP server:  localhost:smtp receives mail via the loopback
    # interface only; 10025 receives mail on port 10025.
    #
    # Transport type: "inet" for Internet sockets, "unix" for UNIX-domain
    # sockets, "fifo" for named pipes.
    #
    # Private: whether or not access is restricted to the mail system.
    # Default is private service.  Internet (inet) sockets can't be private.
    #
    # Unprivileged: whether the service runs with root privileges or as
    # the owner of the Postfix system (the owner name is controlled by the
    # mail_owner configuration variable in the main.cf file). Only the
    # pipe, virtual and local delivery daemons require privileges.
    #
    # Chroot: whether or not the service runs chrooted to the mail queue
    # directory (pathname is controlled by the queue_directory configuration
    # variable in the main.cf file). Presently, all Postfix daemons can run
    # chrooted, except for the pipe, virtual and local delivery daemons.
    # The proxymap server can run chrooted, but doing so defeats most of
    # the purpose of having that service in the first place.
    # The files in the examples/chroot-setup subdirectory describe how
    # to set up a Postfix chroot environment for your type of machine.
    #
    # Wakeup time: automatically wake up the named service after the
    # specified number of seconds. A ? at the end of the wakeup time
    # field requests that wake up events be sent only to services that
    # are actually being used.  Specify 0 for no wakeup. Presently, only
    # the pickup, queue manager and flush daemons need a wakeup timer.
    #
    # Max procs: the maximum number of processes that may execute this
    # service simultaneously. Default is to use a globally configurable
    # limit (the default_process_limit configuration parameter in main.cf).
    # Specify 0 for no process count limit.
    #
    # Command + args: the command to be executed. The command name is
    # relative to the Postfix program directory (pathname is controlled by
    # the daemon_directory configuration variable). Adding one or more
    # -v options turns on verbose logging for that service; adding a -D
    # option enables symbolic debugging (see the debugger_command variable
    # in the main.cf configuration file). See individual command man pages
    # for specific command-line options, if any.
    #
    # General main.cf options can be overridden for specific services.
    # To override one or more main.cf options, specify them as arguments
    # below, preceding each option by "-o".  There must be no whitespace
    # in the option itself (separate multiple values for an option by
    # commas).
    #
    # In order to use the "uucp" message tranport below, set up entries
    # in the transport table.
    #
    # In order to use the "cyrus" message transport below, configure it
    # in main.cf as the mailbox_transport.
    #
    # SPECIFY ONLY PROGRAMS THAT ARE WRITTEN TO RUN AS POSTFIX DAEMONS.
    # ALL DAEMONS SPECIFIED HERE MUST SPEAK A POSTFIX-INTERNAL PROTOCOL.
    #
    # DO NOT SHARE THE POSTFIX QUEUE BETWEEN MULTIPLE POSTFIX INSTANCES.
    #
    # ==========================================================================
    # service type  private unpriv  chroot  wakeup  maxproc command + args
    #               (yes)   (yes)   (yes)   (never) (100)
    # ==========================================================================
    smtp      inet  n       -       n       -       -       smtpd
    #submission inet n      -       -       -       -       smtpd
    #	-o smtpd_etrn_restrictions=reject
    #628      inet  n       -       -       -       -       qmqpd
    pickup    fifo  n       -       -       60      1       pickup
    cleanup   unix  n       -       -       -       0       cleanup
    qmgr      fifo  n       -       -       300     1       qmgr
    #qmgr     fifo  n       -       -       300     1       oqmgr
    rewrite   unix  -       -       -       -       -       trivial-rewrite
    bounce    unix  -       -       -       -       0       bounce
    defer     unix  -       -       -       -       0       bounce
    trace     unix  -       -       -       -       0       bounce
    verify    unix  -       -       -       -       1       verify
    flush     unix  n       -       -       1000?   0       flush
    proxymap  unix  -       -       n       -       -       proxymap
    smtp      unix  -       -       -       -       -       smtp
    relay     unix  -       -       -       -       -       smtp
    #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
    showq     unix  n       -       -       -       -       showq
    error     unix  -       -       -       -       -       error
    local     unix  -       n       n       -       -       local
    virtual   unix  -       n       n       -       -       virtual
    lmtp      unix  -       -       n       -       -       lmtp
    anvil     unix  -       -       n       -       1       anvil
    #
    # Interfaces to non-Postfix software. Be sure to examine the manual
    # pages of the non-Postfix software to find out what options it wants.
    #
    # maildrop. See the Postfix MAILDROP_README file for details.
    #
    maildrop  unix  -       n       n       -       -       pipe
      flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
    uucp      unix  -       n       n       -       -       pipe
      flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
    ifmail    unix  -       n       n       -       -       pipe
      flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    bsmtp     unix  -       n       n       -       -       pipe
      flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender $recipient
    scalemail-backend unix	-	n	n	-	2	pipe
      flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
    
    # only used by postfix-tls
    #tlsmgr	  fifo	-	-	n	300	1	tlsmgr
    #smtps	  inet	n	-	n	-	-	smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
    #587	  inet	n	-	n	-	-	smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
    
    # Added from howtoforge.com HOWTO
    amavis unix - - - - 2 smtp
            -o smtp_data_done_timeout=1200
    	-o smtp_send_xforward_command=yes
    
    127.0.0.1:10025 inet n - - - - smtpd
            -o content_filter=
            -o local_recipient_maps=
            -o relay_recipient_maps=
    	-o smtpd_restriction_classes=
            -o smtpd_client_restrictions=
            -o smtpd_helo_restrictions=
            -o smtpd_sender_restrictions=
            -o smtpd_recipient_restrictions=permit_mynetworks,reject
            -o mynetworks=127.0.0.0/8
            -o strict_rfc821_envelopes=yes
    	-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
    	-o smtpd_bind_address=127.0.0.1
    tlsmgr    unix  -       -       -       1000?   1       tlsmgr
    scache    unix  -       -       -       -       1       scache
    discard   unix  -       -       -       -       -       discard
    Thanks for any other suggestions on how to address this problem.
     
  13. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Can you try this?
    Code:
    chmod 777 /var/run/clamav
     
  14. brianwc

    brianwc New Member

    chmod may have improved things

    I did the chmod 777 /var/run/clamav and now, for the first time ever, I see clamd.ctl and clamd.pid files in that directory.

    I'll monitor things and see if this cures it. This problem has a habit of resolving itself and then cropping back up...
     
  15. lordshadow

    lordshadow New Member

    Hmm.........

    this is really wierd now just discovered this problem right now?

    This is the tailing end of my master.cf file

    Code:
    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.
    
    [...]
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    localhost
    relayhost =
    mynetworks = 192.168.1.0/24
    #mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    home_mailbox = Maildir/
    #content_filter = amavis:[127.0.0.1]:10024
    receive_override_options = no_address_mappings
    [...]
    
    however if I enable: #content_filter = amavis:[127.0.0.1]:10024

    then amavis still doesn't connect to socket 10025??

    Code:
    Aug  1 19:33:56 OptiplexGX270T imapd: Connection, ip=[::ffff:192.168.1.2]
    Aug  1 19:33:56 OptiplexGX270T imapd: LOGIN, user=kayasaman, ip=[::ffff:192.168.1.2], protocol=IMAP
    Aug  1 19:35:00 OptiplexGX270T imapd: Connection, ip=[::ffff:192.168.1.2]
    Aug  1 19:35:00 OptiplexGX270T imapd: LOGIN, user=kayasaman, ip=[::ffff:192.168.1.2], protocol=IMAP
    Aug  1 19:35:00 OptiplexGX270T imapd: LOGOUT, user=kayasaman, ip=[::ffff:192.168.1.2], headers=0, body=0, rcvd=52, sent=154, time=0
    Aug  1 19:35:41 OptiplexGX270T postfix/smtpd[14660]: warning: 192.168.1.2: hostname vaio verification failed: No address associated with hostname
    Aug  1 19:35:41 OptiplexGX270T postfix/smtpd[14660]: connect from unknown[192.168.1.2]
    Aug  1 19:35:41 OptiplexGX270T postfix/smtpd[14660]: 50AF35A9B5: client=unknown[192.168.1.2]
    Aug  1 19:35:41 OptiplexGX270T postfix/cleanup[14663]: 50AF35A9B5: message-id=<1217608539.30124.0.camel@localhost>
    Aug  1 19:35:41 OptiplexGX270T postfix/qmgr[12798]: 50AF35A9B5: from=<kayasaman@optiplex-networks.com>, size=639, nrcpt=1 (queue active)
    Aug  1 19:35:41 OptiplexGX270T amavis[8786]: (08786-01) ESMTP::10024 /var/lib/amavis/tmp/amavis-20080801T193541-08786: <kayasaman@optiplex-networks.com> -> <comptonm@hughes.net> SIZE=639 Received: from OptiplexGX270T.optiplex-networks.com ([127.0.0.1]) by localhost (OptiplexGX270T.optiplex-networks.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <comptonm@hughes.net>; Fri,  1 Aug 2008 19:35:41 +0300 (EEST)
    Aug  1 19:35:41 OptiplexGX270T amavis[8786]: (08786-01) Checking: ivIW-viiJ2Jq [192.168.1.2] <kayasaman@optiplex-networks.com> -> <comptonm@hughes.net>
    Aug  1 19:35:41 OptiplexGX270T amavis[8786]: (08786-01) p001 1 Content-Type: text/plain, size: 98 B, name:
    Aug  1 19:35:41 OptiplexGX270T postfix/smtpd[14660]: disconnect from unknown[192.168.1.2]
    Aug  1 19:35:43 OptiplexGX270T postfix/smtpd[14667]: connect from localhost[127.0.0.1]
    Aug  1 19:35:43 OptiplexGX270T postfix/smtpd[14667]: NOQUEUE: reject: CONNECT from localhost[127.0.0.1]: 554 5.7.1 <localhost[127.0.0.1]>: Client host rejected: Access denied; proto=SMTP
    Aug  1 19:35:43 OptiplexGX270T amavis[8786]: (08786-01) (!) FWD via SMTP: <kayasaman@optiplex-networks.com> -> <comptonm@hughes.net>, 450 4.4.1 Can't connect to 127.0.0.1 port 10025,  () at (eval 42) line 145, <GEN22> line 50., MTA([127.0.0.1]:10025), id=08786-01
    
    Also I don't know if this is linked or not but I used to be able to send mail from squirrelmail web interface and now this doesn't work either :( I however can send from mail client like Evolution;- from remote machine

    Any advice would be great
     
  16. lordshadow

    lordshadow New Member

    Squirrelmail problem solved! - Unrelated

    mynetworks = 192.168.1.0/24 line needed 127.0.0.1 added (localhost)

    Original problem still remains however :(
     
  17. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    What's the output of
    Code:
    netstat -tap
    , and what's in /etc/postfix/master.cf?
     
  18. lordshadow

    lordshadow New Member

    netstat -tap shows:

    Code:
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State PID/Program name
    tcp        0      0 *:55008                 *:*                     LISTEN     3378/rpc.statd
    tcp        0      0 localhost:60000         *:*                     LISTEN     2773/postgrey.pid -
    tcp        0      0 localhost:2208          *:*                     LISTEN     2569/hpiod
    tcp        0      0 *:nfs                   *:*                     LISTEN     -
    tcp        0      0 *:afpovertcp            *:*                     LISTEN     3151/afpd
    tcp        0      0 *:swat                  *:*                     LISTEN     3206/inetd
    tcp        0      0 localhost:10024         *:*                     LISTEN     15704/amavisd (mast
    tcp        0      0 localhost:10025         *:*                     LISTEN     22419/master
    tcp        0      0 *:56681                 *:*                     LISTEN     -
    tcp        0      0 localhost:mysql         *:*                     LISTEN     2657/mysqld
    tcp        0      0 *:netbios-ssn           *:*                     LISTEN     3279/smbd
    tcp        0      0 localhost:spamd         *:*                     LISTEN     2777/spamd.pid
    tcp        0      0 *:sunrpc                *:*                     LISTEN     2220/portmap
    tcp        0      0 localhost:32912         *:*                     LISTEN     2572/python
    tcp        0      0 *:auth                  *:*                     LISTEN     3206/inetd
    tcp        0      0 *:munin                 *:*                     LISTEN     3534/munin-node
    tcp        0      0 OptiplexGX270T.o:domain *:*                     LISTEN     2511/named
    tcp        0      0 localhost:domain        *:*                     LISTEN     2511/named
    tcp        0      0 localhost:ipp           *:*                     LISTEN     3028/cupsd
    tcp        0      0 *:smtp                  *:*                     LISTEN     22419/master
    tcp        0      0 localhost:953           *:*                     LISTEN     2511/named
    tcp        0      0 localhost:4700          *:*                     LISTEN     3153/cnid_metad
    tcp        0      0 *:microsoft-ds          *:*                     LISTEN     3279/smbd
    tcp        0      0 *:831                   *:*                     LISTEN     3196/rpc.mountd
    tcp        0      0 OptiplexGX270T.opti:nfs mail.gx110.optiplex:886 ESTABLISHED-
    tcp6       0      0 *:imaps                 *:*                     LISTEN     2988/couriertcpd
    tcp6       0      0 *:pop3s                 *:*                     LISTEN     3007/couriertcpd
    tcp6       0      0 *:pop3                  *:*                     LISTEN     2993/couriertcpd
    tcp6       0      0 *:imap2                 *:*                     LISTEN     2976/couriertcpd
    tcp6       0      0 *:www                   *:*                     LISTEN     13135/apache2
    tcp6       0      0 *:domain                *:*                     LISTEN     2511/named
    tcp6       0      0 *:ssh                   *:*                     LISTEN     12987/sshd
    tcp6       0      0 ip6-localhost:953       *:*                     LISTEN     2511/named
    tcp6       0    720 OptiplexGX270T.opti:ssh vaio:58233              ESTABLISHED16659/sshd: kayasam
    tcp6       0      0 OptiplexGX270T.op:imap2 vaio:58176              ESTABLISHED31018/imapd
    
    master.cf:

    Code:
    #
    # Postfix master process configuration file.  For details on the format
    # of the file, see the master(5) manual page (command: "man 5 master").
    #
    # ==========================================================================
    # service type  private unpriv  chroot  wakeup  maxproc command + args
    #               (yes)   (yes)   (yes)   (never) (100)
    # ==========================================================================
    smtp      inet  n       -       n       -       -       smtpd
    #submission inet n       -       -       -       -       smtpd
    #  -o smtpd_enforce_tls=yes
    #  -o smtpd_sasl_auth_enable=yes
    #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #smtps     inet  n       -       -       -       -       smtpd
    #  -o smtpd_tls_wrappermode=yes
    #  -o smtpd_sasl_auth_enable=yes
    #  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
    #628      inet  n       -       -       -       -       qmqpd
    pickup    fifo  n       -       -       60      1       pickup
    cleanup   unix  n       -       -       -       0       cleanup
    qmgr      fifo  n       -       n       300     1       qmgr
    #qmgr     fifo  n       -       -       300     1       oqmgr
    tlsmgr    unix  -       -       -       1000?   1       tlsmgr
    rewrite   unix  -       -       -       -       -       trivial-rewrite
    bounce    unix  -       -       -       -       0       bounce
    defer     unix  -       -       -       -       0       bounce
    trace     unix  -       -       -       -       0       bounce
    verify    unix  -       -       -       -       1       verify
    flush     unix  n       -       -       1000?   0       flush
    proxymap  unix  -       -       n       -       -       proxymap
    smtp      unix  -       -       -       -       -       smtp
    # When relaying mail as backup MX, disable fallback_relay to avoid MX loops
    relay     unix  -       -       -       -       -       smtp
            -o fallback_relay=
    #       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
    showq     unix  n       -       -       -       -       showq
    error     unix  -       -       -       -       -       error
    discard   unix  -       -       -       -       -       discard
    local     unix  -       n       n       -       -       local
    virtual   unix  -       n       n       -       -       virtual
    lmtp      unix  -       -       -       -       -       lmtp
    anvil     unix  -       -       -       -       1       anvil
    scache    unix  -       -       -       -       1       scache
    #
    # ====================================================================
    # Interfaces to non-Postfix software. Be sure to examine the manual
    # pages of the non-Postfix software to find out what options it wants.
    #
    # Many of the following services use the Postfix pipe(8) delivery
    # agent.  See the pipe(8) man page for information about ${recipient}
    # and other message envelope options.
    # ====================================================================
    #
    # maildrop. See the Postfix MAILDROP_README file for details.
    # Also specify in main.cf: maildrop_destination_recipient_limit=1
    #
    maildrop  unix  -       n       n       -       -       pipe
      flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
    #
    # See the Postfix UUCP_README file for configuration details.
    #
    uucp      unix  -       n       n       -       -       pipe
      flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)#
    # Other external delivery methods.
    #
    ifmail    unix  -       n       n       -       -       pipe
      flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
    bsmtp     unix  -       n       n       -       -       pipe
      flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipientscalemail-backend unix  -       n       n       -       2       pipe
      flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
    mailman   unix  -       n       n       -       -       pipe
      flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
      ${nexthop} ${user}
    
    amavis unix - - - - 2 smtp
     -o smtp_data_done_timeout=1200
     -o smtp_send_xforward_command=yes
     -o disable_dns_lookups=yes
     -o max_use=20
    
    127.0.0.1:10025 inet n - - - - smtpd
     -o content_filter=
     -o local_recipient_maps=
     -o relay_recipient_maps=
     -o smtpd_restriction_classes=
     -o smtpd_delay_reject=no
     -o smtpd_client_restrictions=permit_mynetworks,reject
     -o smtpd_helo_restrictions=
     -o smtpd_sender_restrictions=
     -o smtpd_recipient_restrictions=permit_mynetworks,reject
     -o smtpd_data_restrictions=reject_unauth_pipelining
     -o smtpd_end_of_data_restrictions=
     -o mynetworks=192.168.1.0/24
     -o smtpd_error_sleep_time=0
     -o smtpd_soft_error_limit=1001
     -o smtpd_hard_error_limit=1000
     -o smtpd_client_connection_count_limit=0
     -o smtpd_client_connection_rate_limit=0
     -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
     -o strict_rfc821_envelopes=yes
     -o smtpd_bind_address=127.0.0.1
    
     
  19. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Looks ok. Can you try
    Code:
    chmod 777 /var/run/clamav
    ?
     
  20. brianwc

    brianwc New Member

    chmod 777 doesn't seem to be a permanent fix

    So, this problem persists for me, and appears to even be worse, as this server which previously had uptime averages of months, now locks up where I cannot even ssh in and even physically at the terminal cannot get it to respond, so that only pressing the reset button returns it to functionality.

    Here's some of the errors I get mailed to me by logcheck:

    Code:
    Aug  5 03:28:35 localhost amavis[5024]: (05024-05) (!!) WARN: all primary virus scanners failed, considering backups
    Aug  5 03:33:57 localhost amavis[5025]: (05025-07) (!!) WARN: all primary virus scanners failed, considering backups
    and

    Code:
    Aug  5 03:28:28 localhost amavis[5025]: (05025-06) (!) ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory, retrying (2)
    Aug  5 03:28:29 localhost amavis[5024]: (05024-05) (!) ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory, retrying (2)
    Aug  5 03:28:34 localhost amavis[5025]: (05025-06) (!!) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.
    Aug  5 03:28:35 localhost amavis[5024]: (05024-05) (!!) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.
    Aug  5 03:33:49 localhost amavis[5025]: (05025-06) (!) /usr/bin/clamscan is taking longer than 315 s and will be killed
    Aug  5 03:33:49 localhost amavis[5025]: (05025-06) (!) killing process [12044] running /usr/bin/clamscan
    Aug  5 03:33:50 localhost amavis[5025]: (05025-06) (!) run_av: timed out
    Aug  5 03:33:50 localhost amavis[5025]: (05025-06) (!!) ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462.
    Aug  5 03:33:50 localhost amavis[5025]: (05025-06) (!!) TROUBLE in check_mail: virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.; ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462.
    Aug  5 03:33:50 localhost amavis[5025]: (05025-06) (!) PRESERVING EVIDENCE in /var/lib/amavis/tmp/amavis-20080805T032827-05025
    Aug  5 03:33:50 localhost amavis[5024]: (05024-05) (!) /usr/bin/clamscan is taking longer than 315 s and will be killed
    Aug  5 03:33:50 localhost amavis[5024]: (05024-05) (!) killing process [12045] running /usr/bin/clamscan
    Aug  5 03:33:50 localhost amavis[5024]: (05024-05) (!) run_av: timed out
    Aug  5 03:33:50 localhost amavis[5024]: (05024-05) (!!) ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462.
    Aug  5 03:33:50 localhost amavis[5024]: (05024-05) (!!) TROUBLE in check_mail: virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.; ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462.
    Aug  5 03:33:50 localhost amavis[5024]: (05024-05) (!) PRESERVING EVIDENCE in /var/lib/amavis/tmp/amavis-20080805T032827-05024
    Aug  5 03:33:51 localhost amavis[5025]: (05025-07) (!) ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory, retrying (2)
    Aug  5 03:33:57 localhost amavis[5025]: (05025-07) (!!) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.
    Any other thoughts on what I could try?
     

Share This Page