David,
> We are using amavisd-new + amavisd-milter and, once in a while, a mail
> comes in that can't be scanned in the given $child_timeout time. The
> mail gets temporarily rejected like this (amavisd-new 2.6.2):
>
> 4.5.0 Error in processing, id=04844, virus_scan FAILED: virus_scan:
> ALL VIRUS SCANNERS FAILED:
> Sophie av-scanner FAILED:
> run_av error: ask_daemon_internal: Exceeded allowed time
> at (eval 89) line 308, <GEN16> line 33.;
> ClamAV-clamd av -scanner FAILED:
> run_av error: ask_daemon_internal: Exceeded allowed time
> at (eval 89) line 308, <GEN16> line 33.
>
> I have two questions about that:
>
> 1. Would it be possible to use a somewhat nicer error message? Giving
> error line numbers is a little bit ugly. The best for us would be to
> just say the following:
>
> 4.5.0 Error in processing, id=04844, virus_scan FAILED: virus_scan: ALL
> VIRUS SCANNERS FAILED
I agree it is too long. I'll make the following change:
--- amavisd.orig 2008-12-15 01:50:09.000000000 +0100
+++ amavisd 2009-03-16 18:34:27.000000000 +0100
@@ -10385,5 +10385,5 @@
do_log(-1, "virus_scan TIMED OUT, ASSUME NOT A VIRUS !!!");
} else {
- $hold = "virus_scan: $@"; # request HOLD
+ $hold = "AV: $@"; # request HOLD
$av_ret = 0; # pretend it was ok (msg should be held)
die "$hold\n"; # die, TEMPFAIL is preferred to HOLD
@@ -20204,5 +20204,6 @@
last; # error, bail out
}
- die "run_av: Exceeded allowed time" if time >= $deadline;
+ die "Exceeded allowed time\n" if time >= $deadline;
+ die "Exceeded allowed time\n";
}
1;
@@ -20213,5 +20214,8 @@
if defined($scan_status) && !$scan_status;
chdir($tempdir) or die "Can't chdir to $tempdir: $!";
- if (defined $eval_stat) { die "run_av error: $eval_stat" }
+ if (defined $eval_stat) {
+ prolong_timer('run_av', $deadline - time); # restart timer
+ die "run_av error: $eval_stat\n";
+ }
if (!defined($scan_status) && defined($error_str)) {
die "$command $error_str"; # die is more informative than return value
@@ -20225,5 +20229,5 @@
my($anyone_done) = 0; my($anyone_tried) = 0;
my($bare_fnames_ref,$names_to_parts);
- my(@errors); my($j); my($tier) = 'primary';
+ my($j); my($tier) = 'primary';
for my $av (@{ca('av_scanners')}, "\000", @{ca('av_scanners_backup')}) {
next if !defined $av;
@@ -20259,5 +20263,5 @@
my($err) = $@ ne '' ? $@ : "errno=$!"; chomp $err;
$err = sprintf("%s av-scanner FAILED: %s", $scanner_name, $err);
- do_log(-2,"%s",$err); push(@errors,$err);
+ do_log(-2,"%s", $err);
$this_status = undef;
die $err if $err =~ /^timed out\b/; # resignal timeout
@@ -20341,6 +20345,5 @@
$output =~ s{\Q$tempdir\E/parts/?}{}gs if defined $output; # hide path info
if (!$anyone_tried) { die "NO VIRUS SCANNERS AVAILABLE\n" }
- elsif (!$anyone_done)
- { die("ALL VIRUS SCANNERS FAILED: ".join("; ",@errors)."\n") }
+ elsif (!$anyone_done) { die "ALL VIRUS SCANNERS FAILED\n" }
($scan_status, $output, \...@virusname, \...@detecting_scanners); # return
a quad
}
> 2. Is it possible to put the mail in the quarantine for analysis? The
> mail is completely gone and we need to wait for it to come back
> again. It would be nice to have it in the quarantine because then we
> could analyze it offline and also release it if it is not a virus.
Each temporary failure should leave behind preserved temporary
directory, along with a mail message (email.txt), available for
later examination. The directory path should be logged:
PRESERVING EVIDENCE in /var/amavis/tmp/amavis-20090316T182947-15812
but can also be deduced from a process ID or timestamp of
the failing task.
Mark
------------------------------------------------------------------------------
Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
easily build your RIAs with Flex Builder, the Eclipse(TM)based development
software that enables intelligent coding and step-through debugging.
Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
