Running? Inviato da iPad
>> Il giorno 7 ago 2020, alle ore 5:36 PM, Eric Broch <[email protected]> >> ha scritto: > > So, is clamd running? > > # systemctl status clamd@scan > > On 8/7/2020 6:14 PM, Diego Piñon Conde wrote: >> Finally after an eternity it completes! >> >> % Total % Received % Xferd Average Speed Time Time Time >> Current >> Dload Upload Total Spent Left Speed >> 100 2040 100 2040 0 0 434 0 0:00:04 0:00:04 --:--:-- >> 434 >> Stopping qmail-toaster: svscan qmail logging. >> Failed to stop clamav-daemon.socket: Unit clamav-daemon.socket not loaded. >> Failed to stop clamav-daemon.service: Unit clamav-daemon.service not loaded. >> Preparing packages... >> clamav-0.102.4-1.el7.x86_64 >> Loaded plugins: fastestmirror, priorities >> Loading mirror speeds from cached hostfile >> epel/x86_64/metalink | 55 >> kB 00:00:02 >> * base: centos.zero.com.ar >> * epel: mirror.globo.com >> * extras: centos.zero.com.ar >> * updates: centos.zero.com.ar >> base | 3.6 >> kB 00:00:00 >> epel | 4.7 >> kB 00:00:00 >> extras | 2.9 >> kB 00:00:00 >> updates | 2.9 >> kB 00:00:00 >> (1/4): extras/7/x86_64/primary_db | 206 >> kB 00:00:15 >> (2/4): updates/7/x86_64/primary_db | 3.8 >> MB 00:00:19 >> (3/4): epel/x86_64/updateinfo | 1.0 >> MB 00:00:19 >> (4/4): epel/x86_64/primary_db | 6.9 >> MB 00:00:21 >> Package clamav-update-0.102.4-1.el7.x86_64 already installed and latest >> version >> Package clamd-0.102.4-1.el7.x86_64 already installed and latest version >> Resolving Dependencies >> --> Running transaction check >> ---> Package clamav.x86_64 0:0.102.4-1.el7 will be installed >> --> Finished Dependency Resolution >> >> Dependencies Resolved >> >> ============================================================================================= >> Package Arch Version >> Repository Size >> ============================================================================================= >> Installing: >> clamav x86_64 0.102.4-1.el7 epel >> 446 k >> >> Transaction Summary >> ============================================================================================= >> Install 1 Package >> >> Total download size: 446 k >> Installed size: 1.9 M >> Downloading packages: >> clamav-0.102.4-1.el7.x86_64.rpm | 446 >> kB 00:00:07 >> Running transaction check >> Running transaction test >> Transaction test succeeded >> Running transaction >> Warning: RPMDB altered outside of yum. >> ** Found 1 pre-existing rpmdb problem(s), 'yum check' output follows: >> simscan-1.4.0-3.qt.el7.x86_64 has missing requires of clamav >> Installing : clamav-0.102.4-1.el7.x86_64 >> 1/1 >> Verifying : clamav-0.102.4-1.el7.x86_64 >> 1/1 >> >> Installed: >> clamav.x86_64 0:0.102.4-1.el7 >> >> Complete! >> >> I run systemctl start clamd@scan but >> >> Job for [email protected] failed because a timeout was exceeded. See >> "systemctl status [email protected]" and "journalctl -xe" for details. >> >> El vie., 7 ago. 2020 a las 20:08, Diego Piñon Conde (<[email protected]>) >> escribió: >>> Sorry if I sound rude, English is not my native language. >>> I was just asking to verify if the EPEL installation could be incompatible >>> with the normal ClamAV >>> >>> Running... >>> >>> >>> >>> >>> El vie., 7 ago. 2020 a las 19:39, Eric Broch (<[email protected]>) >>> escribió: >>>> Remo is just making sure all the settings are good...it can't hurt. >>>> >>>>> On 8/7/2020 4:36 PM, Diego Piñon Conde wrote: >>>>> Do you remember i've changed clamav for EPEL clamav ? It's ok? >>>>> >>>>> El vie., 7 ago. 2020 a las 19:21, Remo Mattei (<[email protected]>) >>>>> escribió: >>>>>> I would run the script one more time >>>>>> >>>>>> curl -O >>>>>> https://raw.githubusercontent.com/qmtoaster/scripts/master/clam-cos7.sh >>>>>> && chmod 755 ./clam-cos7.sh && ./clam-cos7.sh >>>>>> >>>>>> >>>>>> and see >>>>>> >>>>>>> On Aug 7, 2020, at 3:19 PM, Diego Piñon Conde <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>> Same error >>>>>>> >>>>>>> systemctl start clamd@scan >>>>>>> Job for [email protected] failed because a timeout was exceeded. See >>>>>>> "systemctl status [email protected]" and "journalctl -xe" for details. >>>>>>> >>>>>>> El vie., 7 ago. 2020 a las 19:08, Eric Broch >>>>>>> (<[email protected]>) escribió: >>>>>>>> run the following and try to restart clamd@scan >>>>>>>> >>>>>>>> curl -o /etc/clamd.d/scan.conf >>>>>>>> https://raw.githubusercontent.com/qmtoaster/scripts/master/scan.conf >>>>>>>> >>>>>>>> On 8/7/2020 4:05 PM, Diego Piñon Conde wrote: >>>>>>>>> systemctl start clamd@scan Job for [email protected] >>>>>>>>> failed because a timeout was exceeded. See "systemctl status >>>>>>>>> [email protected]" and "journalctl -xe" for details. >>>>>>>>> >>>>>>>>> Did Not start >>>>>>>>> >>>>>>>>> El vie., 7 ago. 2020 a las 18:44, Eric Broch >>>>>>>>> (<[email protected]>) escribió: >>>>>>>>>> don't stop it. allow it to go until it starts. sometimes it takes >>>>>>>>>> quite a while. >>>>>>>>>> >>>>>>>>>> On 8/7/2020 3:39 PM, Diego Piñon Conde wrote: >>>>>>>>>>> systemctl start clamd@scan >>>>>>>>>>> >>>>>>>>>>> freeze and do nothing >>>>>>>>>>> >>>>>>>>>>> # ls -ld /var/log/dspam >>>>>>>>>>> >>>>>>>>>>> drwxrwx--- 2 dspam mail 81 Feb 18 03:57 /var/log/dspam >>>>>>>>>>> >>>>>>>>>>> # ls -la /var/log/dspam >>>>>>>>>>> >>>>>>>>>>> total 10256 >>>>>>>>>>> drwxrwx--- 2 dspam mail 81 Feb 18 03:57 . >>>>>>>>>>> drwxr-xr-x. 16 root root 4096 Aug 7 17:53 .. >>>>>>>>>>> -rw-r--r-- 1 dspam mail 0 Feb 18 03:57 sql.errors >>>>>>>>>>> -rw-rw---- 1 vpopmail mail 10493507 Feb 18 01:53 >>>>>>>>>>> sql.errors-20200218 >>>>>>>>>>> -rw------- 1 dspam mail 0 Feb 18 03:57 >>>>>>>>>>> sql.errors-20200218.gz >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> El vie., 7 ago. 2020 a las 18:31, Eric Broch >>>>>>>>>>> (<[email protected]>) escribió: >>>>>>>>>>>> What's the output of the following commands? >>>>>>>>>>>> >>>>>>>>>>>> # ls -ld /var/log/dspam >>>>>>>>>>>> >>>>>>>>>>>> and >>>>>>>>>>>> >>>>>>>>>>>> # ls -la /var/log/dspam >>>>>>>>>>>> >>>>>>>>>>>> On 8/7/2020 2:46 PM, Diego Piñon Conde wrote: >>>>>>>>>>>>> This is the only weird message i can repeated times see from now >>>>>>>>>>>>> [00 ]Aug 7 17:40:54 pegasus dspam[19962]: Unable to open file >>>>>>>>>>>>> for writing: /var/log/dspam/sql.errors: Permission denied >>>>>>>>>>>>> [00]Aug 7 17:40:55 pegasus dspam[19962]: bailing on error -2 >>>>>>>>>>>>> [00]Aug 7 17:40:55 pegasus dspam[19962]: received invalid result >>>>>>>>>>>>> (!DSR_ISSPAM && !DSR_ISINNOCENT): -2 >>>>>>>>>>>>> [00]Aug 7 17:40:55 pegasus dspam[19962]: process_message >>>>>>>>>>>>> returned error -5. delivering. >>>>>>>>>>>>> >>>>>>>>>>>>> I 'm still looking >>>>>>>>>>>>> >>>>>>>>>>>>> El vie., 7 ago. 2020 a las 17:06, Philip Nix Guru >>>>>>>>>>>>> (<[email protected]>) escribió: >>>>>>>>>>>>>> Hello >>>>>>>>>>>>>> >>>>>>>>>>>>>> a bit hard to debug without checking system >>>>>>>>>>>>>> >>>>>>>>>>>>>> if you got multitail >>>>>>>>>>>>>> >>>>>>>>>>>>>> create a file with : >>>>>>>>>>>>>> >>>>>>>>>>>>>> multitail -Z red,black,inverse -T -S -x "%m %u@%h %f (%t) [%l]" \ >>>>>>>>>>>>>> -m 0 -n 49 -cS qmail-send -l "qmlog -f send" \ >>>>>>>>>>>>>> -m 0 -n 49 -cS qmail-smtp3 -em "policy_check" -em "CHKUSER" >>>>>>>>>>>>>> -em "simscan" -em "spamdyke" -em "qmail-smtpd: " -l "qmlog -f >>>>>>>>>>>>>> smtp" \ >>>>>>>>>>>>>> -m 0 -n 49 -cS qmtspamassassin -ev "prefork" -ev "(connection >>>>>>>>>>>>>> from localhost)" -l "tail -f /var/log/maillog" \ >>>>>>>>>>>>>> # -m 0 -n 49 -cS qmail-smtp -em "policy_check" -em "CHKUSER" >>>>>>>>>>>>>> -em "simscan" -em "spamdyke" -em "qmail-smtpd: " -em >>>>>>>>>>>>>> "spf-reject" -l "qmlog -f submission" \ >>>>>>>>>>>>>> # -m 0 -n 49 -cS qmtspamassassin -ev "prefork" -ev >>>>>>>>>>>>>> "(connection from localhost)" -l "tail -f /var/log/maillog" >>>>>>>>>>>>>> >>>>>>>>>>>>>> and just sh it, and check if you see anything weird/strange, >>>>>>>>>>>>>> delay ... >>>>>>>>>>>>>> >>>>>>>>>>>>>> in the mail transaction >>>>>>>>>>>>>> >>>>>>>>>>>>>>> The amount of messages in the local queue is still descending >>>>>>>>>>>>>>> but I don't know why so slow! >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> El vie., 7 ago. 2020 a las 15:48, Philip Nix Guru >>>>>>>>>>>>>>> (<[email protected]>) escribió: >>>>>>>>>>>>>>>> Hello >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> But the mail does get delivered just with a very long delay ? >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> and you disabled clamd but it still running ? >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Check a delivered mail, look at the headers, make sure clamd >>>>>>>>>>>>>>>> is really not running >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> anything suspicous in /var/log/clamd/clamd.log ? >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> qmHandle -s shows what ? >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> On 8/7/20 8:34 PM, Diego Piñon Conde wrote: >>>>>>>>>>>>>>>>> 2 hs has passed and the local queue has 3530 msg (it was 3700 >>>>>>>>>>>>>>>>> at some point). Beside clamd that it is still running and >>>>>>>>>>>>>>>>> time to time take 100% cpu usage (I don't understand why >>>>>>>>>>>>>>>>> because qmailtoaster it's supoust that not use it anymore), >>>>>>>>>>>>>>>>> cpu usage is normally below 20% and memory is the same. So >>>>>>>>>>>>>>>>> why does it take so long to deliver local msg! >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> I'm in UTC -3, so probably all of you are snoring. I will >>>>>>>>>>>>>>>>> keep working til qmailtoaster works normally, I hope when you >>>>>>>>>>>>>>>>> wake up you can give me a hand. >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> I will really appreciate that. Thanks in advance! >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> El vie., 7 ago. 2020 a las 12:29, Philip Nix Guru >>>>>>>>>>>>>>>>> (<[email protected]>) escribió: >>>>>>>>>>>>>>>>>> Hello >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> what you could start by doing is disabling >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> idle-timeout-secs=xx in /etc/spamdyke/spamdyke.conf >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> just comment the line >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> check in a few hours if your TIMEOUT drastically decreased >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> then you can adapt the idle-timeout delay >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> If not then, we can check other things >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Cheers >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> On 8/7/20 4:40 PM, Diego Piñon Conde wrote: >>>>>>>>>>>>>>>>>>> Hi Philip >>>>>>>>>>>>>>>>>>> this is the tail of /var/log/maillog >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> Aug 7 11:31:01 pegasus spamdyke[2968]: TIMEOUT from: >>>>>>>>>>>>>>>>>>> [email protected] to: [email protected] >>>>>>>>>>>>>>>>>>> origin_ip: 209.85.215.175 origin_rdns: >>>>>>>>>>>>>>>>>>> mail-pg1-f175.google.com auth: (unknown) encryption: TLS >>>>>>>>>>>>>>>>>>> reason: TIMEOUT >>>>>>>>>>>>>>>>>>> Aug 7 11:31:03 pegasus spamdyke[2970]: TIMEOUT from: >>>>>>>>>>>>>>>>>>> [email protected] to: [email protected] >>>>>>>>>>>>>>>>>>> origin_ip: 209.167.231.144 origin_rdns: >>>>>>>>>>>>>>>>>>> mail01.messages.sonicwall.com auth: (unknown) encryption: >>>>>>>>>>>>>>>>>>> TLS reason: TIMEOUT >>>>>>>>>>>>>>>>>>> Aug 7 11:31:03 pegasus spamdyke[2969]: TIMEOUT from: >>>>>>>>>>>>>>>>>>> v-cjcdika_pmnlhikcme_gmicmlkp_gmicmlk...@bounce.info.bancopatagonia.com.ar >>>>>>>>>>>>>>>>>>> to: [email protected] origin_ip: 192.156.219.80 >>>>>>>>>>>>>>>>>>> origin_rdns: mail7756.info.bancopatagonia.com.ar auth: >>>>>>>>>>>>>>>>>>> (unknown) encryption: TLS reason: TIMEOUT >>>>>>>>>>>>>>>>>>> Aug 7 11:31:06 pegasus spamdyke[2974]: TIMEOUT from: >>>>>>>>>>>>>>>>>>> bounce-10710_html-121882056-2177875-6399888-...@bounce.mail.bbva.com.ar >>>>>>>>>>>>>>>>>>> to: [email protected] origin_ip: 13.111.6.12 >>>>>>>>>>>>>>>>>>> origin_rdns: mta.mail.bbva.com.ar auth: (unknown) >>>>>>>>>>>>>>>>>>> encryption: TLS reason: TIMEOUT >>>>>>>>>>>>>>>>>>> Aug 7 11:31:24 pegasus vpopmail[3225]: vchkpw-submission: >>>>>>>>>>>>>>>>>>> (PLAIN) login success [email protected]:10.10.10.8 >>>>>>>>>>>>>>>>>>> Aug 7 11:31:27 pegasus spamdyke[3004]: TIMEOUT from: >>>>>>>>>>>>>>>>>>> [email protected] to: [email protected] >>>>>>>>>>>>>>>>>>> origin_ip: 91.211.241.9 origin_rdns: pmta41009.emsmtp.com >>>>>>>>>>>>>>>>>>> auth: (unknown) encryption: TLS reason: TIMEOUT >>>>>>>>>>>>>>>>>>> Aug 7 11:31:32 pegasus spamdyke[3006]: TIMEOUT from: >>>>>>>>>>>>>>>>>>> [email protected] to: >>>>>>>>>>>>>>>>>>> [email protected] origin_ip: 40.107.76.91 >>>>>>>>>>>>>>>>>>> origin_rdns: >>>>>>>>>>>>>>>>>>> mail-eopbgr760091.outbound.protection.outlook.com auth: >>>>>>>>>>>>>>>>>>> (unknown) encryption: TLS reason: TIMEOUT >>>>>>>>>>>>>>>>>>> Aug 7 11:31:34 pegasus spamdyke[3050]: TIMEOUT from: >>>>>>>>>>>>>>>>>>> [email protected] to: [email protected] >>>>>>>>>>>>>>>>>>> origin_ip: 190.210.19.10 origin_rdns: >>>>>>>>>>>>>>>>>>> webmail.provinciaseguros.com auth: (unknown) encryption: >>>>>>>>>>>>>>>>>>> TLS reason: TIMEOUT >>>>>>>>>>>>>>>>>>> Aug 7 11:31:38 pegasus spamdyke[3074]: TIMEOUT from: >>>>>>>>>>>>>>>>>>> [email protected] to: >>>>>>>>>>>>>>>>>>> [email protected] origin_ip: 209.85.210.45 >>>>>>>>>>>>>>>>>>> origin_rdns: mail-ot1-f45.google.com auth: (unknown) >>>>>>>>>>>>>>>>>>> encryption: TLS reason: TIMEOUT >>>>>>>>>>>>>>>>>>> Aug 7 11:31:42 pegasus spamdyke[3158]: TIMEOUT from: >>>>>>>>>>>>>>>>>>> [email protected] to: [email protected] >>>>>>>>>>>>>>>>>>> origin_ip: 200.41.224.100 origin_rdns: >>>>>>>>>>>>>>>>>>> mail.mardelplata.gov.ar auth: (unknown) encryption: (none) >>>>>>>>>>>>>>>>>>> reason: TIMEOUT >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> I've checked scan.conf and logverbose = yes >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> El vie., 7 ago. 2020 a las 11:27, Philip Nix Guru >>>>>>>>>>>>>>>>>>> (<[email protected]>) escribió: >>>>>>>>>>>>>>>>>>>> Hello >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> can you check if you got any >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> TIMEOUT in /var/log/maillog log file >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> since you did your update >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> Check also your scan.conf file >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> /etc/clamd.d/scan.conf >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> Enable Log (verbose) , >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> LogVerbose yes >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> On 8/7/20 4:12 PM, Diego Piñon Conde wrote: >>>>>>>>>>>>>>>>>>>>> Hi all >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> I'm running qmail toaster on CentOS 7. >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Because I had problems with freshclam (terrible slow db >>>>>>>>>>>>>>>>>>>>> update), yesterday I changed clamAV to Epel version. >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> I don't know if it's relevant, but after that local >>>>>>>>>>>>>>>>>>>>> delivery was too slow. >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Local queue was increasing in size and every email >>>>>>>>>>>>>>>>>>>>> received by clients was received 5 or 6 times. >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> I thinked maybe clamd it's the culprit, so I've changed >>>>>>>>>>>>>>>>>>>>> clamd=no in simcontrol and did qmailctl cdb but nothing >>>>>>>>>>>>>>>>>>>>> has changed. >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> My knowledge is limited and I will appreciate any help
