clamav major problem

Discussion in 'Server Operation' started by nikolaosp, Oct 24, 2017.

  1. nikolaosp

    nikolaosp Member

    Hi everyone,
    I have a server setup using the tutorial for the perfect server on debian 8, apache, postfix etc etc. It is a machine with a xeon processor with 4 cores, 16gb ram and 1tb of sata hdd.

    I have setup this machine and it was working perfectly until roughly a week ago. It could be a coincidence but it appears that the issues started after the 3.1.7p1 update (if that makes any sense). i have a vm running in this server that occupies abot 6 of the 16gb of RAM. I noticed that the server was practically unresponsive in most respects, i.e. apache was not serving websites, mail was not getting delivered, ftp was timing out and ssh was extremely slow. After seeing that all my memory was occupied i first cast the blame at the virtualbox vm that was running within the server. However, 2-3 hours after the vm was removed from the server i noticed that the same issue was reappearing and the culprit was /usr/bin/clamscan process that was using approximately 200mb of ram but had more that 50-60 different instances running.
    I proceeded to restart the server but an hour or something later the same happened all over again.
    I ended up removing clamav and all its dependencies by using apt-get remove --purge clam*
    The server is back to its old good working order but all my emails now have the *** UNCHECKED *** tag in front of all subjects. I tried to reinstall clamav and everything else from the tutorial but same thing happened in 2-3 hours (server becomes unresponsive, running a command from ssh takes forever, etc).

    Can anybody please point to the right direction as to how to make this work as it should?
  2. nikolaosp

    nikolaosp Member

    In an article I found by Toby Heywood, the exact same symptoms are described and the exactly same way of thinking was undertaken by Mr Toby. I too have an installation of owncloud with an antivirus and it was indeed the first option (executable) that was selected by default. i have now reinstalled clamav and the rest of the programs and changed this setting to Daemon (socket). I hope that it will work.

Share This Page