LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   postfix+amavisd (https://www.linuxquestions.org/questions/linux-security-4/postfix-amavisd-589981/)

megerdin 10-06-2007 11:51 PM

postfix+amavisd
 
Dear friend
I m using FC7 in my server. And using postfix as mail server.
SO i configured amavis, clamav antivirus. My problem is when I send any mail, amavised try to scan it but failure...

Quote:

Oct 7 10:30:17 Server1 amavis[10025]: (10025-03) (!)run_av (ClamAV-clamd, built-in i/f): Too many retries to talk to /var/spool/amavisd/clamd.sock (Can't connect to UNIX socket /var/spool/amavisd/clamd.sock: Con nection refused) at (eval 45) line 310.
Oct 7 10:30:17 Server1 amavis[10025]: (10025-03) (!!)ClamAV-clamd av-scanner FAILED: CODE(0x8d38600) Too many retries to talk to /var/spool/amavisd/clamd.sock (Can't connect to UNIX socket /var/spool/amavisd/cla md.sock: Connection refused) at (eval 45) line 310. at (eval 45) line 511.
Oct 7 10:30:17 Server1 amavis[10025]: (10025-03) (!!)WARN: all primary virus scanners failed, considering backups
the file already exit and user is amavise permission set to 644 later 777. I don't know whats wrong with me. please help.........

win32sux 10-07-2007 02:24 AM

Do you have SELinux properly set up to allow these programs' activities?

megerdin 10-08-2007 01:31 AM

Selinux has been stooped.

win32sux 10-08-2007 03:04 AM

What's the perms on /var/spool/amavisd?
Code:

ls -l /var/spool | grep amavisd
Kinda weird to be using an "amavisd" directory for clamd's socket file, no?

megerdin 10-08-2007 10:47 PM

Quote:

Originally Posted by megerdin (Post 2916876)
Selinux alreadystoped.
and result same,

What should I do?

megerdin 10-08-2007 10:54 PM

there is no amavised log., all in maillog, the msg is........
Quote:

Oct 9 09:46:10 Server1 amavis[2991]: (02991-14) (!)ClamAV-clamd: Can't connect to UNIX socket /var/spool/amavisd/clamd.sock: Connection refused, retrying (2)

Oct 9 09:46:16 Server1 amavis[2991]: (02991-14) (!)run_av (ClamAV-clamd, built-in i/f): Too many retries to talk to /var/spool/amavisd/clamd.sock (Can't connect to UNIX socket /var/spool/amavisd/clamd.sock: Connection refused) at (eval 45) line 310.

Oct 9 09:46:16 Server1 amavis[2991]: (02991-14) (!!)ClamAV-clamd av-scanner FAILED: CODE(0x9b245a0) Too many retries to talk to /var/spool/amavisd/clamd.sock (Can't connect to UNIX socket /var/spool/amavisd/clamd.sock: Connection refused) at (eval 45) line 310. at (eval 45) line 511.

Oct 9 09:46:16 Server1 amavis[2991]: (02991-14) (!!)WARN: all primary virus scanners failed, considering backups

win32sux 10-09-2007 04:51 AM

Quote:

Originally Posted by megerdin (Post 2917932)
What should I do?

A good start would be to post the output of the ls command as requested.

billymayday 10-09-2007 05:30 AM

In clamd.conf, what do you have for LocalSocket, and what do you have set in amavisd.conf along the lines of

# ### http://www.clamav.net/
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.socket"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
# # NOTE: run clamd under the same user as amavisd, or run it under its own
# # uid such as clamav, add user clamav to the amavis group, and then add
# # AllowSupplementaryGroups to clamd.conf;
# # NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in
# # this entry; when running chrooted one may prefer socket "$MYHOME/clamd".

They need to be the same file and if they are, then it's probably a permissions issue

Do you have clamd running ("chkconfig clamd on" and "service clamd start" - second command before first reboot only)?

dreyrugr 10-10-2007 09:38 PM

I had this same issue and your answer lead me to the proper fix billmayday. Thanks for that. I am using FC6 and with amavisd and clamav the actual script to start is clamd.amavisd, so....
chkconfig clamd.amavisd on
service clamd.amavisd start
service postfix restart

This got me up and running. Thanks so much for the help.


All times are GMT -5. The time now is 04:29 PM.