[AMaViS-user] amavis cannot contact clamd socket after upgradingclamav

This is a discussion on [AMaViS-user] amavis cannot contact clamd socket after upgradingclamav within the Amavis User forums, part of the Anti-Spam and Anti-Virus Related Forums category; I upgraded my OpenBSD system from 4.2 stable to 4.3 290408-snapshot and all was well. I'm ...


Go Back   Usenet Forums > Anti-Spam and Anti-Virus Related Forums > Amavis User

Reload this Page [AMaViS-user] amavis cannot contact clamd socket after upgradingclamav

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 06-01-2008
Juan Miscaro
 
Posts: n/a
Default [AMaViS-user] amavis cannot contact clamd socket after upgradingclamav
I upgraded my OpenBSD system from 4.2 stable to 4.3 290408-snapshot
and all was well. I'm using Clamav as my sole virus checker. After
upgrading Clamav from 0.92.1 to 0.93 by source I'm having problems.
The amavisd-new daemon can no longer talk to clamav through the clamd
socket:

amavis[20611]: (20611-01) (!)run_av (ClamAV-clamd, built-in i/f): Too
many retries to talk to /var/clamav/clamd_sock (timed out) at (eval
99) line 310.
amavis[20611]: (20611-01) (!!)ClamAV-clamd av-scanner FAILED:
CODE(0x87b45a44) Too many retries to talk to /var/clamav/clamd_sock
(timed out) at (eval 99) line 310. at (eval 99) line 511.
amavis[20611]: (20611-01) (!!)WARN: all primary virus scanners failed,
considering backups
amavis[20611]: (20611-01) (!!)TROUBLE in check_mail: virus_scan
FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner
FAILED: CODE(0x87b45a44) Too many retries to talk to
/var/clamav/clamd_sock (timed out) at (eval 99) line 310. at (eval 99)
line 511.
amavis[20611]: (20611-01) (!)PRESERVING EVIDENCE in
/var/amavisd/tmp/amavis-20080601T002552-20611

$ su - amavisd -c 'ls /var/clamav/clamd_sock'
srwxrwxrwx 1 amavisd amavisd 0B Jun 1 00:16 /var/clamav/clamd_sock

I start clamd like this:

su - amavisd -c /usr/local/clamav/sbin/clamd

Any ideas on how I can troubleshoot this?

/juan

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/...fo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/

Reply With Quote
  #2 (permalink)  
Old 06-04-2008
Mark Martinec
 
Posts: n/a
Default Re: [AMaViS-user] amavis cannot contact clamd socket afterupgrading clamav
Juan,

> I upgraded my OpenBSD system from 4.2 stable to 4.3 290408-snapshot
> and all was well. I'm using Clamav as my sole virus checker. After
> upgrading Clamav from 0.92.1 to 0.93 by source I'm having problems.
> The amavisd-new daemon can no longer talk to clamav through the clamd
> socket:
>
> amavis[20611]: (20611-01) (!)run_av (ClamAV-clamd, built-in i/f): Too
> many retries to talk to /var/clamav/clamd_sock (timed out)
> at (eval 99) line 310.

clamd is alive, socket exists and is connectable, but clamd did
not respond in reasonable time.

> $ su - amavisd -c 'ls /var/clamav/clamd_sock'
> srwxrwxrwx 1 amavisd amavisd 0B Jun 1 00:16 /var/clamav/clamd_sock
>
> I start clamd like this:
> su - amavisd -c /usr/local/clamav/sbin/clamd

Try using clamdscan or a plain socat (http://www.dest-unreach.org/socat/)
running as user 'amavisd' to simulate a client, and see what happens.
Turning up more verbose logging in clamd may provide more information.


# su amavisd

$ clamdscan 0.lis
/usr/local/src/0.lis: Email.ScamL.Gen293.Sanesecurity.07043019 FOUND

----------- SCAN SUMMARY -----------
Infected files: 1
Time: 1.051 sec (0 m 1 s)
patsy src# clamdscan -v 0.lis
/usr/local/src/0.lis: Email.ScamL.Gen293.Sanesecurity.07043019 FOUND

----------- SCAN SUMMARY -----------
Infected files: 1
Time: 1.467 sec (0 m 1 s)


or connect to a socket manually:

$ socat -v readline unix-connect:/var/run/clamav/clamd
SCAN /usr/local/src/0.lis

> 2008/06/04 17:24:23.383344 length=26 from=0 to=25
SCAN /usr/local/src/0.lis
< 2008/06/04 17:24:24.803284 length=69 from=0 to=68
/usr/local/src/0.lis: Email.ScamL.Gen293.Sanesecurity.07043019 FOUND
/usr/local/src/0.lis: Email.ScamL.Gen293.Sanesecurity.07043019 FOUND


Mark


-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/...fo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/

Reply With Quote
  #3 (permalink)  
Old 06-05-2008
Juan Miscaro
 
Posts: n/a
Default Re: [AMaViS-user] amavis cannot contact clamd socket afterupgrading clamav
2008/6/4 Charles Seeger <seeger@cise.ufl.edu>:
> +------ "Juan Miscaro" wrote (Sun, 1-Jun-2008, 09:05 -0400):
> |
> | I upgraded my OpenBSD system from 4.2 stable to 4.3 290408-snapshot
> | and all was well. I'm using Clamav as my sole virus checker. After
> | upgrading Clamav from 0.92.1 to 0.93 by source I'm having problems.
> | The amavisd-new daemon can no longer talk to clamav through the clamd
> | socket:
> |
> | amavis[20611]: (20611-01) (!)run_av (ClamAV-clamd, built-in i/f): Too
> | many retries to talk to /var/clamav/clamd_sock (timed out) at (eval
> | 99) line 310.
> | amavis[20611]: (20611-01) (!!)ClamAV-clamd av-scanner FAILED:
> | CODE(0x87b45a44) Too many retries to talk to /var/clamav/clamd_sock
> | (timed out) at (eval 99) line 310. at (eval 99) line 511.
> | amavis[20611]: (20611-01) (!!)WARN: all primary virus scanners failed,
> | considering backups
> | amavis[20611]: (20611-01) (!!)TROUBLE in check_mail: virus_scan
> | FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner
> | FAILED: CODE(0x87b45a44) Too many retries to talk to
> | /var/clamav/clamd_sock (timed out) at (eval 99) line 310. at (eval 99)
> | line 511.
> | amavis[20611]: (20611-01) (!)PRESERVING EVIDENCE in
> | /var/amavisd/tmp/amavis-20080601T002552-20611
> |
> | $ su - amavisd -c 'ls /var/clamav/clamd_sock'
> | srwxrwxrwx 1 amavisd amavisd 0B Jun 1 00:16 /var/clamav/clamd_sock
> |
> | I start clamd like this:
> |
> | su - amavisd -c /usr/local/clamav/sbin/clamd
> |
> | Any ideas on how I can troubleshoot this?
>
> Try this clamav patch:
>
> https://wwws.clamav.net/bugzilla/attachment.cgi?id=634
>
> The corresponding bugid is:
>
> https://wwws.clamav.net/bugzilla/show_bug.cgi?id=885


That's nasty. Thanks for your reply.

/juan

-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/...fo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/

Reply With Quote
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +1. The time now is 10:06 AM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0