aCaB wrote: > Frank Bures wrote: >> May 4 09:13:13 alchemy sendmail[27492]: n44DDBf8027492: Milter (clamav): >> write(L) returned -1, expected 61: Broken pipe >> May 4 09:13:13 alchemy sendmail[27492]: n44DDBf8027492: Milter (clamav): >> to error state >> May 4 09:13:13 alchemy sendmail[27454]: n44DDAda027454: Milter (clamav): >> write(L) returned -1, expected 91: Broken pipe >> May 4 09:13:13 alchemy sendmail[27454]: n44DDAda027454: Milter (clamav): >> to error state >> May 4 09:13:19 alchemy sendmail[27261]: n44DCvN5027261: Milter (clamav): >> write(D) returned -1, expected 201: Broken pipe >> May 4 09:13:19 alchemy sendmail[27261]: n44DCvN5027261: Milter (clamav): >> to error state >> May 4 09:13:37 alchemy sendmail[27057]: n44DCaW0027057: Milter (clamav): >> write(Q) returned -1, expected 5: Broken pipe >> May 4 09:13:37 alchemy sendmail[27057]: n44DCaW0027057: Milter (clamav): >> to error state >> May 4 09:13:57 alchemy sendmail[27255]: n44DCvuW027255: Milter (clamav): >> write(Q) returned -1, expected 5: Broken pipe >> May 4 09:13:57 alchemy sendmail[27255]: n44DCvuW027255: Milter (clamav): >> to error state >> May 4 09:14:11 alchemy sendmail[27332]: n44DD1nU027332: Milter (clamav): >> write(Q) returned -1, expected 5: Broken pipe >> May 4 09:14:11 alchemy sendmail[27332]: n44DD1nU027332: Milter (clamav): >> to error state >> May 4 09:14:51 alchemy sendmail[28578]: n44DEpeg028578: Milter (clamav): >> error connecting to filter: Connection refused by >> /var/run/clamd/clamav-milter.sock >> May 4 09:14:57 alchemy sendmail[28611]: n44DEvw8028611: Milter (clamav): >> error connecting to filter: Connection refused by >> /var/run/clamd/clamav-milter.sock >> May 4 09:15:03 alchemy sendmail[28661]: n44DF34I028661: Milter (clamav): >> error connecting to filter: Connection refused by >> /var/run/clamd/clamav-milter.sock > > Up to this point ^^^ clamav milter was not running or hung or the socket > privs were not right.
Please, let me point out that I did not change anything during the whole log period quoted here. I did not change privileges of anything. So, if you are right, does it mean that milter was not running after the start and then it spontaneously started? Why is the connection refused by clamav-milter.sock and then it is granted for no apparent reason? BTW, I use /etc/rc.d/init.d/clamav-milter from 0.94.2 to start, reload and stop the service. No script was included in 0.95.1 package. Is that script suitable to use with 0.95.1? > >> May 4 09:15:07 alchemy clamav-milter[28717]: Local socket >> unix:/var/run/clamd/clamav.sock added to the pool (slot 1) >> May 4 09:15:07 alchemy clamav-milter[28717]: Probe for slot 1 returned: >> success > > This ^^^ is clamav milter talking to clamd. Usually you get this kind of > messages at startup so my guess is that before 9:15 clamav-milter was > not running at all. > >> May 4 09:15:20 alchemy sendmail[28865]: n44DFI7f028865: Milter change: >> header X-Virus-Scanned: from by amavisd-new at nmrweb.chem.utoronto.ca to >> clamav-milter 0.95.1 at alchemy.chem.utoronto.ca >> >> May 4 09:16:37 alchemy sendmail[29470]: n44DGbHN029470: Milter change: >> header X-Virus-Scanned: from Debian amavisd-new at ldl.fc.hp.com to >> clamav-milter 0.95.1 at alchemy.chem.utoronto.ca > > These ^^^ are the sign that clamav-milter is alive and working fine. > However these lines are NOT coming from clamav milter but rather from > sendmail. > >> There were many incoming messages between 09:15:20 and 09:16:37 that were >> silently ignored by the Milter. > > No idea TBH... Were they whitelisted? No, I have no whitelist for milter. > Try setting LogVerbose yes or increase verbosity in confMILTER_LOG_LEVEL. I will, but I have to wait till weekend. I cannot mess with my production server too much... What's really weird is that 0.94.2 works OK with the exactly same setup (with the exception of clamav-milter.conf of course). Cheers Frank -- <[email protected]> _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
