Is there a way to upgrade the ClamAV to 0.90.2?
----- Original Message ----- From: "G M" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Thursday, May 10, 2007 5:16 PM Subject: Re: [Efw-user] ClamAV problems causing strange EFW behaviour Nothing strange on your /var/amavis/ , those amavis-xxxxxxx may come from clamav failures, you should find some "PRESERVING EVIDENCE" in your smtp log near clam failures. Scenario is changed from your post ? Have you routed incoming messages away from EFW on account of the failures ? Try to manually restart clamav: /usr/local/bin/restartclamav Wich version of clamav is now running ? Grab this from Clamav log or from the shell: freshclam -v I can drive you to upgrade to 0.90.2 but don't know what will happens starting from a corrupted one. >From: rune2001 <[EMAIL PROTECTED]> >Reply-To: [email protected] >To: [email protected] >Subject: Re: [Efw-user] ClamAV problems causing strange EFW behaviour >Date: Thu, 10 May 2007 06:02:00 -0700 (PDT) > > >Okay, here is the output for the commands you suggested: > >--------------------------------------------------------- ># du -h /tmp/ >--------------------------------------------------------- >264K /tmp/mailgraph/,cgi-bin >268K /tmp/mailgraph >272K /tmp/ > >--------------------------------------------------------- ># du -h /var/amavis/ >--------------------------------------------------------- >4.0K /var/amavis/db >4.0K /var/amavis/tmp >4.0K /var/amavis/var >96K /var/amavis/virusmails >4.0K /var/amavis/mime >4.0K /var/amavis/.spamassassin >8.0K /var/amavis/.pyzor >4.0K /var/amavis/amavis-20070509T162256-04757/parts >12K /var/amavis/amavis-20070509T162256-04757 >4.0K /var/amavis/amavis-20070509T160440-04125/parts >8.0K /var/amavis/amavis-20070509T160440-04125 >4.0K /var/amavis/amavis-20070509T162453-04756/parts >12K /var/amavis/amavis-20070509T162453-04756 >284K /var/amavis/ > > > > > > > > > > >G M-3 wrote: > > > > I ran into similar behaviour, clamav shoud be upgraded. > > Post the results of each of this command: > > > > du -h /tmp/ > > du -h /var/amavis/ > > > > > > > > > >>From: rune2001 <[EMAIL PROTECTED]> > >>Reply-To: [email protected] > >>To: [email protected] > >>Subject: [Efw-user] ClamAV problems causing strange EFW behaviour > >>Date: Wed, 9 May 2007 04:12:51 -0700 (PDT) > >> > >> > >>Hi there. > >> > >>I need some help with narrowing down and fix some problem(s) with my >Endian > >>FW. (Community Release 2.1) > >>First off, it has been working perfectly for a long time but recently >there > >>has been some strange problems. > >> > >> > >>Description of the problem(s): > >>-------------------------------------------------------------------------------------------------------------------- > >>1) I discovered that the EFW ran out of diskspace. The "/dev/hda4 /var" > >>mount/device was full, resulting in NDR's for my mail, saying "Relaying > >>Denied". > >> > >>2) I checked the logs and found messages indicating that the ClamAV was >a > >>potential candidate for the problem. > >> > >> freshclam[4308]: WARNING: Your ClamAV installation is OUTDATED! > >> freshclam[4308]: WARNING: Current functionality level = 10, > >>recommended > >>= 15 > >> freshclam[4308]: DON'T PANIC! Read http://www.clamav.net/faq.html > >> > >>3) I tried the suggested link to the ClamAV FAQ (wich by the way is >wrong) > >>and started reading the FAQ and WIKI. As I am not a Linux guru (and >didn't > >>think I would have to be when running EFW) I found myself scratching my > >>head, thinking that these FAQ/WIKI's is not written for beginners... > >> > >>4) Searched the "Endian Firewall" and "efw-user" forums here on Nabble >and > >>found out that it is not just me, but several persons that is wondering >how > >>to upgrade the ClamAV. I also found some posts from "Thomas Heimann" >where > >>he posts about new ClamAV versions for EFW. Sadly, there is no >information > >>for us Linux beginners on how to get started with these upgrades... > >> > >>5) Back at my out-of-disk problem, I found a KB article ( > >>http://kb.endian.com/entry/31/ ) that describes my problem, but not all >of > >>the symptoms. Connecting to my EFW via SSH through Putty, I managed to >find > >>that the files that was filling up my disk was ClamAV virus definition > >>update files: /var/amavis # clamav-* > >> > >>6) As I couldn't find any information about what to do, I took a chance >on > >>that the solution in the KB article would work in this case too. So I > >>managed to delete all the hundreds of "clamav-*" files filling up the >disk > >>(was this a misstake?). After deleting them, I discovered that the > >>"/dev/hda4 /var" mount/device was only ~100 MB again. > >>Rebooted the EFW and tried sending mails, wich worked fine again. > >>Problem Solved, I thought. > >>Wrong. > >> > >>7) After this, I discovered that the EFW settings was screwed up. > >> - SSH Enabled was unchecked, even though I could connect with putty > >>without any problems. > >> - SMTP Proxy was unchecked, even though SMTP traffic worked. (All >of > >>the > >>configured domains was still there) > >> - Some more, similar settings were also screwed, dont remember them > >>though... > >> > >>(Rebooting again didn't change anything) > >> > >>8) I checked and reconfigured all my EFW settings and configuration and > >>rebooted again. > >>This time all settings where as they should. > >> > >>9) After this, everything was fine for a week, until today when the SMTP > >>proxy didn't respond anymore. > >>Tried logging on to the WEB GUI and check, but the WEB GUI didn't >respond > >>either. > >>Rebooted the EFW got the SMTP proxy working and I could also log on to >the > >>WEB GUI. > >> > >>10) When checking the logs, i can see that same message that the ClamAV >is > >>outdated. > >> > >>11) Checking the Mailqueue I can see: > >> (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, > >>id=03544-05-3, virus_scan FAILED: virus_scan: > >> ALL VIRUS SCANNERS FAILED: Clam Antivirus - clamscan av-scanner > >>FAILED: > >>/usr/bin/clamscan timed out at > >> (eval 40) line 466.; Clam Antivirus - clamscan av-scanner FAILED: > >>/usr/bin/clamscan timed out at (eval 40) > >> line 466. (in reply to end of DATA command)) > >> > >>12) As of now, the EFW is extremely slow and the disk activity wont >stop. > >>All mails are getting queued at the EFW. > >> > >>My thoughts is that it is the ClamAV that is the problem and needs to be > >>reinstalled or upgraded. > >>I have no idÃf©a on how to proceed with this though... > >>-------------------------------------------------------------------------------------------------------------------- > >> > >>Any assistance would be appriciated. > >> > >>BR. > >> > >>rune > >>-- > >>View this message in context: > >>http://www.nabble.com/ClamAV-problems-causing-strange-EFW-behaviour-tf3715117.html#a10392349 > >>Sent from the efw-user mailing list archive at Nabble.com. > >> > >> > >>------------------------------------------------------------------------- > >>This SF.net email is sponsored by DB2 Express > >>Download DB2 Express C - the FREE version of DB2 express and take > >>control of your XML. No limits. Just data. Click to get it now. > >>http://sourceforge.net/powerbar/db2/ > >>_______________________________________________ > >>Efw-user mailing list > >>[email protected] > >>https://lists.sourceforge.net/lists/listinfo/efw-user > > > > _________________________________________________________________ > > Personalizza la tua casella di posta con Windows Live Hotmail! > > http://imagine-windowslive.com/hotmail/default.aspx?locale=it#5 > > > > > > >------------------------------------------------------------------------- > > This SF.net email is sponsored by DB2 Express > > Download DB2 Express C - the FREE version of DB2 express and take > > control of your XML. No limits. Just data. Click to get it now. > > http://sourceforge.net/powerbar/db2/ > > _______________________________________________ > > Efw-user mailing list > > [email protected] > > https://lists.sourceforge.net/lists/listinfo/efw-user > > > > > >-- >View this message in context: >http://www.nabble.com/ClamAV-problems-causing-strange-EFW-behaviour-tf3715117.html#a10412853 >Sent from the efw-user mailing list archive at Nabble.com. > > >------------------------------------------------------------------------- >This SF.net email is sponsored by DB2 Express >Download DB2 Express C - the FREE version of DB2 express and take >control of your XML. No limits. Just data. Click to get it now. >http://sourceforge.net/powerbar/db2/ >_______________________________________________ >Efw-user mailing list >[email protected] >https://lists.sourceforge.net/lists/listinfo/efw-user _________________________________________________________________ Windows Live Hotmail: 2GB di spazio per la tua posta. GRATIS! http://imagine-windowslive.com/hotmail/default.aspx?locale=it#2 ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Efw-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/efw-user ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Efw-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/efw-user
