So, is clamd running?
# systemctl status clamd@scan
On 8/7/2020 6:14 PM, Diego Piñon Conde wrote:
Finally after an eternity it completes!
% Total % Received % Xferd Average Speed Time Time Time
Current
Dload Upload Total Spent Left
Speed
100 2040 100 2040 0 0 434 0 0:00:04 0:00:04
--:--:-- 434
Stopping qmail-toaster: svscan qmail logging.
Failed to stop clamav-daemon.socket: Unit clamav-daemon.socket not loaded.
Failed to stop clamav-daemon.service: Unit clamav-daemon.service not
loaded.
Preparing packages...
clamav-0.102.4-1.el7.x86_64
Loaded plugins: fastestmirror, priorities
Loading mirror speeds from cached hostfile
epel/x86_64/metalink | 55 kB 00:00:02
* base: centos.zero.com.ar <http://centos.zero.com.ar>
* epel: mirror.globo.com <http://mirror.globo.com>
* extras: centos.zero.com.ar <http://centos.zero.com.ar>
* updates: centos.zero.com.ar <http://centos.zero.com.ar>
base | 3.6 kB 00:00:00
epel | 4.7 kB 00:00:00
extras | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
(1/4): extras/7/x86_64/primary_db | 206 kB 00:00:15
(2/4): updates/7/x86_64/primary_db | 3.8 MB 00:00:19
(3/4): epel/x86_64/updateinfo | 1.0 MB 00:00:19
(4/4): epel/x86_64/primary_db | 6.9 MB 00:00:21
Package clamav-update-0.102.4-1.el7.x86_64 already installed and
latest version
Package clamd-0.102.4-1.el7.x86_64 already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package clamav.x86_64 0:0.102.4-1.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
=============================================================================================
Package Arch Version Repository
Size
=============================================================================================
Installing:
clamav x86_64 0.102.4-1.el7 epel
446 k
Transaction Summary
=============================================================================================
Install 1 Package
Total download size: 446 k
Installed size: 1.9 M
Downloading packages:
clamav-0.102.4-1.el7.x86_64.rpm | 446 kB 00:00:07
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Warning: RPMDB altered outside of yum.
** Found 1 pre-existing rpmdb problem(s), 'yum check' output follows:
simscan-1.4.0-3.qt.el7.x86_64 has missing requires of clamav
Installing : clamav-0.102.4-1.el7.x86_64 1/1
Verifying : clamav-0.102.4-1.el7.x86_64 1/1
Installed:
clamav.x86_64 0:0.102.4-1.el7
Complete!
I run systemctl start clamd@scan but
Job for [email protected] failed because a timeout was exceeded. See
"systemctl status [email protected]" and "journalctl -xe" for details.
El vie., 7 ago. 2020 a las 20:08, Diego Piñon Conde
(<[email protected] <mailto:[email protected]>>) escribió:
Sorry if I sound rude, English is not my native language.
I was just asking to verify if the EPEL installation could be
incompatible with the normal ClamAV
Running...
El vie., 7 ago. 2020 a las 19:39, Eric Broch
(<[email protected] <mailto:[email protected]>>) escribió:
Remo is just making sure all the settings are good...it can't
hurt.
On 8/7/2020 4:36 PM, Diego Piñon Conde wrote:
Do you remember i've changed clamav for EPEL clamav ? It's ok?
El vie., 7 ago. 2020 a las 19:21, Remo Mattei
(<[email protected] <mailto:[email protected]>>) escribió:
I would run the script one more time
curl -Ohttps://raw.githubusercontent.com/qmtoaster/scripts/master/clam-cos7.sh
&& chmod 755 ./clam-cos7.sh && ./clam-cos7.sh
and see
On Aug 7, 2020, at 3:19 PM, Diego Piñon Conde
<[email protected] <mailto:[email protected]>> wrote:
Same error
systemctl start clamd@scan
Job for [email protected] <mailto:[email protected]>
failed because a timeout was exceeded. See "systemctl
status [email protected] <mailto:[email protected]>"
and "journalctl -xe" for details.
El vie., 7 ago. 2020 a las 19:08, Eric Broch
(<[email protected]
<mailto:[email protected]>>) escribió:
run the following and try to restart clamd@scan
curl -o /etc/clamd.d/scan.confhttps://raw.githubusercontent.com/qmtoaster/scripts/master/scan.conf
On 8/7/2020 4:05 PM, Diego Piñon Conde wrote:
systemctl start clamd@scan Job for
[email protected] <mailto:[email protected]>
failed because a timeout was exceeded. See
"systemctl status [email protected]
<mailto:[email protected]>" and "journalctl -xe"
for details.
Did Not start
El vie., 7 ago. 2020 a las 18:44, Eric Broch
(<[email protected]
<mailto:[email protected]>>) escribió:
don't stop it. allow it to go until it starts.
sometimes it takes quite a while.
On 8/7/2020 3:39 PM, Diego Piñon Conde wrote:
systemctl start clamd@scan
freeze and do nothing
# ls -ld /var/log/dspam
/drwxrwx--- 2 dspam mail 81 Feb 18 03:57
/var/log/dspam/
# ls -la /var/log/dspam /
/
/total 10256
drwxrwx--- 2 dspam mail 81 Feb 18 03:57 .
drwxr-xr-x. 16 root root 4096 Aug 7 17:53 ..
-rw-r--r-- 1 dspam mail 0 Feb 18 03:57
sql.errors
-rw-rw---- 1 vpopmail mail 10493507 Feb 18
01:53 sql.errors-20200218
-rw------- 1 dspam mail 0 Feb 18 03:57
sql.errors-20200218.gz/
El vie., 7 ago. 2020 a las 18:31, Eric Broch
(<[email protected]
<mailto:[email protected]>>) escribió:
What's the output of the following commands?
# ls -ld /var/log/dspam
and
# ls -la /var/log/dspam
On 8/7/2020 2:46 PM, Diego Piñon Conde wrote:
This is the only weird message i can
repeated times see from now
[00 ]Aug 7 17:40:54 pegasus
dspam[19962]: Unable to open file for
writing: /var/log/dspam/sql.errors:
Permission denied
[00]Aug 7 17:40:55 pegasus dspam[19962]:
bailing on error -2
[00]Aug 7 17:40:55 pegasus dspam[19962]:
received invalid result (!DSR_ISSPAM &&
!DSR_ISINNOCENT): -2
[00]Aug 7 17:40:55 pegasus dspam[19962]:
process_message returned error -5.
delivering.
I 'm still looking
El vie., 7 ago. 2020 a las 17:06, Philip
Nix Guru (<[email protected]
<mailto:[email protected]>>) escribió:
Hello
a bit hard to debug without checking
system
if you got multitail
create a file with :
multitail -Z red,black,inverse -T -S
-x "%m %u@%h %f (%t) [%l]" \
-m 0 -n 49 -cS qmail-send -l
"qmlog -f send" \
-m 0 -n 49 -cS qmail-smtp3 -em
"policy_check" -em "CHKUSER" -em
"simscan" -em "spamdyke" -em
"qmail-smtpd: " -l "qmlog -f smtp" \
-m 0 -n 49 -cS qmtspamassassin -ev
"prefork" -ev "(connection from
localhost)" -l "tail -f
/var/log/maillog" \
# -m 0 -n 49 -cS qmail-smtp -em
"policy_check" -em "CHKUSER" -em
"simscan" -em "spamdyke" -em
"qmail-smtpd: " -em "spf-reject" -l
"qmlog -f submission" \
# -m 0 -n 49 -cS qmtspamassassin
-ev "prefork" -ev "(connection from
localhost)" -l "tail -f
/var/log/maillog"
and just sh it, and check if you see
anything weird/strange, delay ...
in the mail transaction
The amount of messages in the local
queue is still descending but I
don't know why so slow!
El vie., 7 ago. 2020 a las 15:48,
Philip Nix Guru (<[email protected]
<mailto:[email protected]>>) escribió:
Hello
But the mail does get delivered
just with a very long delay ?
and you disabled clamd but it
still running ?
Check a delivered mail, look at
the headers, make sure clamd is
really not running
anything suspicous in
/var/log/clamd/clamd.log ?
qmHandle -s shows what ?
On 8/7/20 8:34 PM, Diego Piñon
Conde wrote:
2 hs has passed and the local
queue has 3530 msg (it was 3700
at some point). Beside clamd
that it is still running and
time to time take 100% cpu
usage (I don't understand why
because qmailtoaster it's
supoust that not use it
anymore), cpu usage is normally
below 20% and memory is the
same. So why does it take so
long to deliver local msg!
I'm in UTC -3, so probably all
of you are snoring. I will keep
working til qmailtoaster works
normally, I hope when you wake
up you can give me a hand.
I will really appreciate that.
Thanks in advance!
El vie., 7 ago. 2020 a las
12:29, Philip Nix Guru
(<[email protected]
<mailto:[email protected]>>) escribió:
Hello
what you could start by
doing is disabling
idle-timeout-secs=xx in
/etc/spamdyke/spamdyke.conf
just comment the line
check in a few hours if
your TIMEOUT drastically
decreased
then you can adapt the
idle-timeout delay
If not then, we can check
other things
Cheers
On 8/7/20 4:40 PM, Diego
Piñon Conde wrote:
Hi Philip
this is the tail of
/var/log/maillog
/Aug 7 11:31:01 pegasus
spamdyke[2968]: TIMEOUT
from:
[email protected]
<mailto:[email protected]>
to:
[email protected]
<mailto:[email protected]>
origin_ip: 209.85.215.175
origin_rdns:
mail-pg1-f175.google.com
<http://mail-pg1-f175.google.com/>
auth: (unknown)
encryption: TLS reason:
TIMEOUT
Aug 7 11:31:03 pegasus
spamdyke[2970]: TIMEOUT
from:
[email protected]
<mailto:[email protected]>
to:
[email protected]
<mailto:[email protected]>
origin_ip: 209.167.231.144
origin_rdns:
mail01.messages.sonicwall.com
<http://mail01.messages.sonicwall.com/>
auth: (unknown)
encryption: TLS reason:
TIMEOUT
Aug 7 11:31:03 pegasus
spamdyke[2969]: TIMEOUT
from:
v-cjcdika_pmnlhikcme_gmicmlkp_gmicmlk...@bounce.info.bancopatagonia.com.ar
<mailto:v-cjcdika_pmnlhikcme_gmicmlkp_gmicmlk...@bounce.info.bancopatagonia.com.ar>
to:
[email protected]
<mailto:[email protected]>
origin_ip: 192.156.219.80
origin_rdns:
mail7756.info.bancopatagonia.com.ar
<http://mail7756.info.bancopatagonia.com.ar/>
auth: (unknown)
encryption: TLS reason:
TIMEOUT
Aug 7 11:31:06 pegasus
spamdyke[2974]: TIMEOUT
from:
bounce-10710_html-121882056-2177875-6399888-...@bounce.mail.bbva.com.ar
<mailto:bounce-10710_html-121882056-2177875-6399888-...@bounce.mail.bbva.com.ar>
to:
[email protected]
<mailto:[email protected]>
origin_ip: 13.111.6.12
origin_rdns:
mta.mail.bbva.com.ar
<http://mta.mail.bbva.com.ar/>
auth: (unknown)
encryption: TLS reason:
TIMEOUT
Aug 7 11:31:24 pegasus
vpopmail[3225]:
vchkpw-submission: (PLAIN)
login success
[email protected]:10.10.10.8
<mailto:[email protected]:10.10.10.8>
Aug 7 11:31:27 pegasus
spamdyke[3004]: TIMEOUT
from:
[email protected]
<mailto:[email protected]>
to:
[email protected]
<mailto:[email protected]>
origin_ip: 91.211.241.9
origin_rdns:
pmta41009.emsmtp.com
<http://pmta41009.emsmtp.com/>
auth: (unknown)
encryption: TLS reason:
TIMEOUT
Aug 7 11:31:32 pegasus
spamdyke[3006]: TIMEOUT
from:
[email protected]
<mailto:[email protected]>
to:
[email protected]
<mailto:[email protected]>
origin_ip: 40.107.76.91
origin_rdns:
mail-eopbgr760091.outbound.protection.outlook.com
<http://mail-eopbgr760091.outbound.protection.outlook.com/>
auth: (unknown)
encryption: TLS reason:
TIMEOUT
Aug 7 11:31:34 pegasus
spamdyke[3050]: TIMEOUT
from:
[email protected]
<mailto:[email protected]>
to:
[email protected]
<mailto:[email protected]>
origin_ip: 190.210.19.10
origin_rdns:
webmail.provinciaseguros.com
<http://webmail.provinciaseguros.com/>
auth: (unknown)
encryption: TLS reason:
TIMEOUT
Aug 7 11:31:38 pegasus
spamdyke[3074]: TIMEOUT
from:
[email protected]
<mailto:[email protected]>
to:
[email protected]
<mailto:[email protected]>
origin_ip: 209.85.210.45
origin_rdns:
mail-ot1-f45.google.com
<http://mail-ot1-f45.google.com/>
auth: (unknown)
encryption: TLS reason:
TIMEOUT
Aug 7 11:31:42 pegasus
spamdyke[3158]: TIMEOUT
from:
[email protected]
<mailto:[email protected]>
to:
[email protected]
<mailto:[email protected]>
origin_ip: 200.41.224.100
origin_rdns:
mail.mardelplata.gov.ar
<http://mail.mardelplata.gov.ar/>
auth: (unknown)
encryption: (none) reason:
TIMEOUT/
I've checked scan.conf and
logverbose = yes
El vie., 7 ago. 2020 a las
11:27, Philip Nix Guru
(<[email protected]
<mailto:[email protected]>>)
escribió:
Hello
can you check if you
got any
TIMEOUT in
/var/log/maillog log file
since you did your update
Check also your
scan.conf file
/etc/clamd.d/scan.conf
Enable Log (verbose) ,
LogVerbose yes
On 8/7/20 4:12 PM,
Diego Piñon Conde wrote:
Hi all
I'm running qmail
toaster on CentOS 7.
Because I had
problems with
freshclam (terrible
slow db update),
yesterday I changed
clamAV to Epel version.
I don't know if it's
relevant, but after
that local delivery
was too slow.
Local queue was
increasing in size
and every email
received by clients
was received 5 or 6
times.
I thinked maybe clamd
it's the culprit, so
I've changed clamd=no
in simcontrol and did
qmailctl cdb but
nothing has changed.
My knowledge is
limited and I will
appreciate any help
