Hi Robert, clamav-milter is a separate process that interacts with clamd. What user are you running clamav-milter under? It seems as thought clamav-milter doesn't have permission to access the clamd socket file to interact with clamd.
Regarding multiple socket options: You are correct in that the ClamdSocket option in the milter config file may be used multiple times in case you have multiple clamd instances set up. However, each clamd instance will only listen on 1 socket, so you must select either 1 TCP or 1 Unix/Local. Cheers, Micah Micah Snyder ClamAV Development Talos Cisco Systems, Inc. On Jul 16, 2018, at 11:06 AM, Robert Kudyba <rkud...@fordham.edu<mailto:rkud...@fordham.edu>> wrote: Thanks Micah, now getting a different error: Jul 16 10:59:23 storm clamav-milter[32079]: ClamAV: Unable to remove /var/run/clamd.scan/clamd.sock: Permission denied Jul 16 10:59:23 storm clamav-milter[32079]: ERROR: Failed to create socket /var/run/clamd.scan/clamd.sock Jul 16 10:59:23 storm clamav-milter[32079]: ClamAV: Unable to create listening socket on conn /var/run/clamd.scan/clamd.sock ls -l /var/run/clamd.scan/clamd.sock srw-rw-rw- 1 clamscan clamscan 0 Jul 16 10:57 /var/run/clamd.scan/clamd.sock In the /etc/mail/clamav-milter.conf I have: MilterSocket /var/run/clamd.scan/clamd.sock ClamdSocket unix:/var/run/clamd.scan/clamd.sock Clamd is running, note as the user clamscan: ps -auwx | grep clam clamupd+ 2252 0.0 0.0 50740 3832 ? Ss Jul11 0:38 /usr/bin/freshclam -d -c 4 root 17462 0.0 0.0 119104 3264 ? Ss 09:00 0:00 /bin/bash /usr/share/clamav/freshclam-sleep clamscan 30407 0.0 4.6 1406020 1141612 ? Ssl 10:57 0:00 /usr/sbin/clamd -c /etc/clamd.d/scan.conf The last few lines of /var/log/clamav-milter.log has: Mon Jul 16 10:30:15 2018 -> Failed to establish a connection to clamd Mon Jul 16 10:30:15 2018 -> Probe for slot 1 returned: failed Mon Jul 16 10:30:15 2018 -> Failed to establish a connection to clamd Mon Jul 16 10:30:15 2018 -> Probe for slot 2 returned: failed Mon Jul 16 10:30:15 2018 -> Probe for slot 3 returned: success You wrote: "You should use only 1 ( TCP _or_ Unix/Local ) socket for clamd" But in the clamav-milter.conf it says: # This option can be repeated several times with different sockets or even # with the same socket: clamd servers will be selected in a round-robin # fashion. Anyways, seems to be a permission problem. Is clamav-milter trying to restart clamd based on the logs above?? On Fri, Jul 13, 2018 at 9:06 AM, Micah Snyder (micasnyd) <micas...@cisco.com<mailto:micas...@cisco.com>> wrote: It looks to me like you have 2 types of sockets set up in your milter config, and only 1 type of socket set up in your clamd config: ClamdSocket tcp:localhost:3310 ClamdSocket unix:/var/run/clamd.scan/clamd.sock Lines in /etc/clamd.d/scan.conf TCPSocket 3310 TCPAddr 127.0.0.1 You should use only 1 ( TCP _or_ Unix/Local ) socket for clamd. We recommend using Unix/Local sockets. Micah Snyder ClamAV Development Talos Cisco Systems, Inc. On Jul 10, 2018, at 5:12 PM, Robert Kudyba <rkud...@fordham.edu<mailto:rkud...@fordham.edu>> wrote: ClamdSocket tcp:localhost:3310 ClamdSocket unix:/var/run/clamd.scan/clamd.sock Lines in /etc/clamd.d/scan.conf TCPSocket 3310 TCPAddr 127.0.0.1 _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net> https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.clamav.net_cgi-2Dbin_mailman_listinfo_clamav-2Dusers&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=unhaF4uJnMs3AVEXQaA4Mffu_38QO9gp0_R1MQ-vQbQ&s=WuF3C5NO_kof-zA6OSL5C7p8pwYXzTfQq5aoMOg0GSM&e= Help us build a comprehensive ClamAV guide: https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_vrtadmin_clamav-2Dfaq&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=unhaF4uJnMs3AVEXQaA4Mffu_38QO9gp0_R1MQ-vQbQ&s=iUmHiP0ZFNaK22hm6e5QIA7sGao0Gh0ztdSLV2Qhg9U&e= https://urldefense.proofpoint.com/v2/url?u=http-3A__www.clamav.net_contact.html-23ml&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=unhaF4uJnMs3AVEXQaA4Mffu_38QO9gp0_R1MQ-vQbQ&s=d-9aIaJVTefoOJR2YIGYgVGiD73p8LHdsXg3uY8WeNs&e= _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
