ClamAV fail to start - mail server not working

Discussion in 'Installation/Configuration' started by ataru, Mar 27, 2019.

  1. ataru

    ataru Member

    Hello, I'm in a CentOS 5.5 server with ISPConfig 3.1.1, configured using that tutorial: https://www.howtoforge.com/perfect-server-centos-5.5-x86_64-ispconfig-3

    after an hard reboot my system got tons of this error in mail log:
    Code:
    Mar 27 10:56:00 biancocelesti amavis[14993]: (14993-10-2) (!)run_av (ClamAV-clamscan) FAILED - unexpected exit 2, output="LibClamAV Error: cli_pcre_compile: PCRE compilation failed at offset 20: unrecognized character after (?<\nLibClamAV Error: cli_pcre_build: failed to build pcre regex\nERROR: Database initialization error: Malformed database"
    Mar 27 10:56:00 biancocelesti amavis[14993]: (14993-10-2) (!)ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan unexpected exit 2, output="LibClamAV Error: cli_pcre_compile: PCRE compilation failed at offset 20: unrecognized character after (?<\nLibClamAV Error: cli_pcre_build: failed to build pcre regex\nERROR: Database initialization error: Malformed database" at (eval 96) line 594.
    Mar 27 10:56:00 biancocelesti amavis[14993]: (14993-10-2) (!!)TROUBLE in check_mail: virus_scan FAILED: AV: ALL VIRUS SCANNERS FAILED
    Mar 27 10:56:00 biancocelesti amavis[14993]: (14993-10-2) (!)PRESERVING EVIDENCE in /var/spool/amavisd/tmp/amavis-20190327T105516-14993
    Mar 27 09:56:00 biancocelesti postfix/smtp[7432]: 8772D1DB86AF2: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10026, conn_use=2, delay=323737, delays=320669/3024/0/44, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=14993-10-2, virus_scan FAILED: AV: ALL VIRUS SCANNERS FAILED (in reply to end of DATA command))
    trying to restart clamd returns:

    Code:
    LibClamAV Error: cli_pcre_compile: PCRE compilation failed at offset 20: unrecognized character after (?<
    LibClamAV Error: cli_pcre_build: failed to build pcre regex
    ERROR: Database initialization error: Malformed database [FAILED]
    uninstalled and reinstalled clamav, upgraded pcre sorted no effects


    any idea?
     
    Last edited: Mar 27, 2019
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Reading the error messages you posted:
    Look at the file that refers to, there seems to be someting extra gunk there.
     
  3. ataru

    ataru Member

    can't find what file it refers to. where should i try to find it?
     
  4. Jesse Norell

    Jesse Norell Well-Known Member

    Seems to be a problem in one of the clamav databases, you could try to force the download of an update (I don't know how off the top of me head, so just search for that) in case it is corrupt. My first thought was wondering if your OS is simply too old and incompatible with current signature databases, but that is pure speculation, though if downloading a fresh db doesn't fix it, it's something more to explore. Also try a search for your exact error and OS version, of course.
     
  5. ataru

    ataru Member

    It's planned an upgrade, next week, but I need to make mail server run. I tried to force DB download, but no luck. Now I'm trying to disable clamd in amavis and see what happens
     
  6. Jesse Norell

    Jesse Norell Well-Known Member

    That should get mail flowing.

    FWIW, I cut & pasted the error from your log above and searched on that; there were only 2 hits, both from the same message thread which discusses this exact issue on Centos 5, and it sounds like the solution one party found was to upgrade the pcre library on the machine: https://www.mail-archive.com/[email protected]/msg47054.html
     
  7. Jesse Norell

    Jesse Norell Well-Known Member

    My mistake, there were 2 hits, but for 2 different threads with the same issue (old pcre library on centos 5) and solutions.
     
  8. ataru

    ataru Member

    Not sure how to upgrade pcre like. I tried with a yum pcre update, but no luck

    There's a workaround adding a file in etc/bin/clamav, but I haven't got that for, only etc/run/clamav

    Probably my poor English doesn't let me find the solution
     
    Last edited: Mar 27, 2019
  9. ataru

    ataru Member

    I really don't know why, it started working again.
     
  10. Jesse Norell

    Jesse Norell Well-Known Member

    My guess is the clamav database you had a problem with was changed to be compatible with your old pcre library, and started working after a subsequent update.
     

Share This Page