Dear ClamAv Users,
In my environment I have 2 external mail gateway in the DMZ, forwarding all
e-mails to an internal mail server.
All of them are running Solaris 11 with sendmail and mimedefang as milter.
I am running this constellation since about more than a year very successfully
without any downtime till 2 weeks.
Around 2 weeks ago all 3 servers stopped working for mail forwarding because
the process clamd core dumped.
At that time I had in use a beta version of 0.98.4 it was clamav-0.98.4-rc1
I traced back the problem due to the fact I didn't use the latest version.
So I upgraded to clamav-0.98.4 and in the same step also mimedefang to the
latest version 2.75
This is how mimedefang involves clamd in /usr/local/bin/mimedefang.pl
$Features{'Virus:CLAMD'} = ('/usr/local/sbin/clamd' ne '/bin/false' ?
'/usr/local/sbin/clamd' : 0);
The system worked stable for 2 weeks.
Yesterday evening I noticed the same problem. A restart didn't help. After
short time clamed crashed again.
As short solution I disabled the virus scanning overnight.
Today I have a stable situation without changing anything. Of course pattern
updates are running.
I assume an ugly attachment did crash the virus scanning process. Now this mail
is passed and it's running fine.
I am worried about the fact that the ClamAV solution becomes more and more
instable.
How can I support the ClamAV team with additional information to reach a stable
system again ?
What I have is a 305 MB core dump from clamd for Sparc platform. But I think,
this will not help.
In the meantime I started clamd with the option --debug
Till now I didn't find any entries in the syslog.
Kind regards
Hans
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
