ISPConfig and Clamassassin

Discussion in 'Developers' Forum' started by till, Mar 4, 2007.

  1. till

    till Super Moderator Staff Member ISPConfig Developer


    I encounter a strange problem with the ISPConfig 2.2.11 (Thats why I didnt release it yet).

    Sometimes I get a Clamav error 50 which indicates a problem with the antivirus database, in this case clamav creates a directory in /tmp/ with "clamav" plus a random string as name which contains a antivirus database. This directory is owned by the user that received the mail.

    Does anyone else encounter this with either the 2.2.11 beta or 2.2.10 and the clamasassin fix (--mbox removed in clamav option)? Any ideas what may cause this?
  2. edge

    edge Active Member Moderator

    Yes, I also have 2 directory's in my /tmp dir. (using ISPconfig 2.2.10 and the clamasassin fix)
    host:/tmp# ls
    One of the dir's does have some stuff in it!
    host:/tmp# cd clamav-24465acfba690eb49a98090fe5bd3f70
    host:/tmp/clamav-24465acfba690eb49a98090fe5bd3f70# ls
    COPYING  main.db  main.hdb  main.ndb
    I have no clue what's causing this..!
    Last edited: Mar 4, 2007
  3. jnsc

    jnsc rotaredoM Moderator

    I also have this directories on a server not using clamasassin. And one is dated from december 2004, so this does not look as something new. But personally I nerver got an error 50.
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    How old are the directories? Have they been created on the day you updated ISPConfig to 2.2.10 / 2.2.11 or later?
  5. edge

    edge Active Member Moderator

    Both directories are from march the 3rd (yesterday) The last ISPconfig update was before that.

    I do not have the directories on my other servers as I do not have email users on it.
  6. Hans

    Hans Moderator ISPConfig Developer

    On my server with ISPConfig 2.2.10 i have also some files provided by ClamAV like these:


    I do not have that files on my testserver with ISPConfig 2.2.11 beta1, as i do not use that server as a mailserver.
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    I searched a bit in the clamav mailing lists and this seems to be a common problem with the new release. It looks like almost all systems are broken that invoke clamav from different users. They created a patch release 0.90.1 that shall fix some of the issues and additionally a change in freshclam prevents that clamav can access the signature databases because they changed the chmod of the files from 0755 to 0700. I added some patches to ISPConfig and test it now. Lets hope that this fixes the problems :)
  8. till

    till Super Moderator Staff Member ISPConfig Developer

  9. Hans

    Hans Moderator ISPConfig Developer


    I've downloaded 2.2.11 beta2 on my testing-server with Debian Sarge.
    Everything looks fine.

    After that (i think i trust you a lot) i installed it on one of my production servers.
    (Debian Sarge unofficial 64 bit)

    Everything looks ok, but i have to wait to see if the strange clamav-files within /tmp do not appear again.

    Thanks for your work, i think you did it!
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    Thats great to hear :)

    By the wy, I enabled logging in freshclam to the mail logfile, if you run a grep for clam or freshclam on the logfile, you should now be able to monitor if the update of the signatures is ok :)
  11. Hans

    Hans Moderator ISPConfig Developer

    That's a nice option.

    I will give that a try as well!

    ((( :)))))
  12. Hans

    Hans Moderator ISPConfig Developer


    After one night, i've checked my /tmp file and no clamav stuff anymore.
    So, that's good.

    Within the my email-header, i can see that the new clamav is functioning:

    X-Virus-Checker-Version: clamassassin 1.2.3 with clamscan / ClamAV 0.90.1/2735/Mon Mar 5 16:23:59 2007

    No problems, so far! :)

Share This Page