LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Reply
 
Search this Thread
Old 10-07-2007, 12:51 AM   #1
megerdin
Member
 
Registered: Jul 2007
Location: London
Distribution: FC11,FC10,FC7,FC4,Centos 5.1,Ubuntu,Mandrake Linux,puppy.LinuxMint.Opensuse
Posts: 181

Rep: Reputation: 31
postfix+amavisd


Dear friend
I m using FC7 in my server. And using postfix as mail server.
SO i configured amavis, clamav antivirus. My problem is when I send any mail, amavised try to scan it but failure...

Quote:
Oct 7 10:30:17 Server1 amavis[10025]: (10025-03) (!)run_av (ClamAV-clamd, built-in i/f): Too many retries to talk to /var/spool/amavisd/clamd.sock (Can't connect to UNIX socket /var/spool/amavisd/clamd.sock: Con nection refused) at (eval 45) line 310.
Oct 7 10:30:17 Server1 amavis[10025]: (10025-03) (!!)ClamAV-clamd av-scanner FAILED: CODE(0x8d38600) Too many retries to talk to /var/spool/amavisd/clamd.sock (Can't connect to UNIX socket /var/spool/amavisd/cla md.sock: Connection refused) at (eval 45) line 310. at (eval 45) line 511.
Oct 7 10:30:17 Server1 amavis[10025]: (10025-03) (!!)WARN: all primary virus scanners failed, considering backups
the file already exit and user is amavise permission set to 644 later 777. I don't know whats wrong with me. please help.........
 
Old 10-07-2007, 03:24 AM   #2
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Do you have SELinux properly set up to allow these programs' activities?
 
Old 10-08-2007, 02:31 AM   #3
megerdin
Member
 
Registered: Jul 2007
Location: London
Distribution: FC11,FC10,FC7,FC4,Centos 5.1,Ubuntu,Mandrake Linux,puppy.LinuxMint.Opensuse
Posts: 181

Original Poster
Rep: Reputation: 31
Selinux has been stooped.
 
Old 10-08-2007, 04:04 AM   #4
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
What's the perms on /var/spool/amavisd?
Code:
ls -l /var/spool | grep amavisd
Kinda weird to be using an "amavisd" directory for clamd's socket file, no?

Last edited by win32sux; 10-08-2007 at 04:09 AM.
 
Old 10-08-2007, 11:47 PM   #5
megerdin
Member
 
Registered: Jul 2007
Location: London
Distribution: FC11,FC10,FC7,FC4,Centos 5.1,Ubuntu,Mandrake Linux,puppy.LinuxMint.Opensuse
Posts: 181

Original Poster
Rep: Reputation: 31
Quote:
Originally Posted by megerdin View Post
Selinux alreadystoped.
and result same,
What should I do?
 
Old 10-08-2007, 11:54 PM   #6
megerdin
Member
 
Registered: Jul 2007
Location: London
Distribution: FC11,FC10,FC7,FC4,Centos 5.1,Ubuntu,Mandrake Linux,puppy.LinuxMint.Opensuse
Posts: 181

Original Poster
Rep: Reputation: 31
there is no amavised log., all in maillog, the msg is........
Quote:
Oct 9 09:46:10 Server1 amavis[2991]: (02991-14) (!)ClamAV-clamd: Can't connect to UNIX socket /var/spool/amavisd/clamd.sock: Connection refused, retrying (2)

Oct 9 09:46:16 Server1 amavis[2991]: (02991-14) (!)run_av (ClamAV-clamd, built-in i/f): Too many retries to talk to /var/spool/amavisd/clamd.sock (Can't connect to UNIX socket /var/spool/amavisd/clamd.sock: Connection refused) at (eval 45) line 310.

Oct 9 09:46:16 Server1 amavis[2991]: (02991-14) (!!)ClamAV-clamd av-scanner FAILED: CODE(0x9b245a0) Too many retries to talk to /var/spool/amavisd/clamd.sock (Can't connect to UNIX socket /var/spool/amavisd/clamd.sock: Connection refused) at (eval 45) line 310. at (eval 45) line 511.

Oct 9 09:46:16 Server1 amavis[2991]: (02991-14) (!!)WARN: all primary virus scanners failed, considering backups
 
Old 10-09-2007, 05:51 AM   #7
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by megerdin View Post
What should I do?
A good start would be to post the output of the ls command as requested.
 
Old 10-09-2007, 06:30 AM   #8
billymayday
Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122Reputation: 122
In clamd.conf, what do you have for LocalSocket, and what do you have set in amavisd.conf along the lines of

# ### http://www.clamav.net/
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.socket"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
# # NOTE: run clamd under the same user as amavisd, or run it under its own
# # uid such as clamav, add user clamav to the amavis group, and then add
# # AllowSupplementaryGroups to clamd.conf;
# # NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in
# # this entry; when running chrooted one may prefer socket "$MYHOME/clamd".

They need to be the same file and if they are, then it's probably a permissions issue

Do you have clamd running ("chkconfig clamd on" and "service clamd start" - second command before first reboot only)?

Last edited by billymayday; 10-09-2007 at 06:38 AM.
 
Old 10-10-2007, 10:38 PM   #9
dreyrugr
LQ Newbie
 
Registered: Jun 2006
Posts: 2

Rep: Reputation: 0
I had this same issue and your answer lead me to the proper fix billmayday. Thanks for that. I am using FC6 and with amavisd and clamav the actual script to start is clamd.amavisd, so....
chkconfig clamd.amavisd on
service clamd.amavisd start
service postfix restart

This got me up and running. Thanks so much for the help.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
rbl problem with postfix-amavisd-spamassassin rointy Linux - Server 6 01-25-2007 11:01 AM
amavisd and postfix saavik Linux - Networking 4 10-27-2006 08:10 PM
Spamassassin setup with Postfix, Dovecot and Amavisd snurckle Linux - General 2 04-07-2005 01:16 PM
Postfix - amavisd (?) localhost.com joseph_1970 Linux - Software 1 02-13-2004 06:42 PM
Postfix/amavisd-new virus scaning only thesnaggle Linux - Software 0 12-16-2003 11:08 AM


All times are GMT -5. The time now is 02:42 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration