Do this
# systemctl stop clamav-freshclam
# freshclam (post output)
# systemctl start clamav-freshclam
On 8/8/2020 8:42 AM, Diego Piñon Conde wrote:
El 08/08/2020 a las 11:24 a. m., Eric Broch escribió:
Also look in freshclam log (/var/log/clamav/freshclam.log)
# tail -n 20 /var/log/clamav/freshclam.log
post output here
On 8/8/2020 8:16 AM, Eric Broch wrote:
You can start simscan now, but keep clam=no in simcontrol until we
can get clamd@scan started.
On 8/8/2020 6:40 AM, Diego Piñon Conde wrote:
I went to sleep at 2 in the morning with 2700 messages in local
queue, now I can say is 0.
All thanks to all of you!
dspam_clean -s -p -u ended at 8:21 I guess because at that time is
the last error for dspam. I keep searching the mail log for more
errors.
Aug 8 08:21:37 pegasus dspam[17546]: query error: Deadlock found
when trying to get lock; try restarting transaction: see sql.errors
for more details
Aug 8 08:21:37 pegasus dspam[17546]: bailing on error -2
Aug 8 08:21:37 pegasus dspam[17546]: received invalid result
(!DSR_ISSPAM && !DSR_ISINNOCENT): -2
clamd@scan still refuse to start, but I'm really don't sure I wanna
use it. Virus db update takes forever and kill my server for at
least 20 minutes, at least with clamAV version. I didn't get to
test with the EPEL version...
Is this the time for enable simscan Eric? Yesterday replace simscan
with qmail-queue in /etc/tcprules.d/tcp.smtp
El 07/08/2020 a las 11:08 p. m., Eric Broch escribió:
good!
you can run instead:
# dspam_clean -s -p -u
for all users
or
dspam_clean -s -p -u [email protected] [email protected] ...
[email protected]
for the users you choose.
This will also purge the database.
On 8/7/2020 8:01 PM, Diego Piñon Conde wrote:
/purge-4.1.sql finally ends with no message
El vie., 7 ago. 2020 a las 19:28, Eric Broch
(<[email protected] <mailto:[email protected]>>)
escribió:
optimize dspam also...
# mysql -u dspam -p dspam <
/usr/share/dspam/sql-scripts/mysql/purge-4.1.sql
On 8/7/2020 4:24 PM, Eric Broch wrote:
what's this yield
# ls -la /var/log/clamd
On 8/7/2020 4:19 PM, Diego Piñon Conde wrote:
Same error
systemctl start clamd@scan
Job for [email protected] <mailto:[email protected]>
failed because a timeout was exceeded. See "systemctl
status [email protected] <mailto:[email protected]>" and
"journalctl -xe" for details.
El vie., 7 ago. 2020 a las 19:08, Eric Broch
(<[email protected]
<mailto:[email protected]>>) escribió:
run the following and try to restart clamd@scan
curl -o /etc/clamd.d/scan.confhttps://raw.githubusercontent.com/qmtoaster/scripts/master/scan.conf
On 8/7/2020 4:05 PM, Diego Piñon Conde wrote:
systemctl start clamd@scan Job for
[email protected] <mailto:[email protected]> failed
because a timeout was exceeded. See "systemctl status
[email protected] <mailto:[email protected]>" and
"journalctl -xe" for details.
Did Not start
El vie., 7 ago. 2020 a las 18:44, Eric Broch
(<[email protected]
<mailto:[email protected]>>) escribió:
don't stop it. allow it to go until it starts.
sometimes it takes quite a while.
On 8/7/2020 3:39 PM, Diego Piñon Conde wrote:
systemctl start clamd@scan
freeze and do nothing
# ls -ld /var/log/dspam
/drwxrwx--- 2 dspam mail 81 Feb 18 03:57
/var/log/dspam/
# ls -la /var/log/dspam /
/
/total 10256
drwxrwx--- 2 dspam mail 81 Feb 18 03:57 .
drwxr-xr-x. 16 root root 4096 Aug 7 17:53 ..
-rw-r--r-- 1 dspam mail 0 Feb 18 03:57
sql.errors
-rw-rw---- 1 vpopmail mail 10493507 Feb 18
01:53 sql.errors-20200218
-rw------- 1 dspam mail 0 Feb 18 03:57
sql.errors-20200218.gz/
El vie., 7 ago. 2020 a las 18:31, Eric Broch
(<[email protected]
<mailto:[email protected]>>) escribió:
What's the output of the following commands?
# ls -ld /var/log/dspam
and
# ls -la /var/log/dspam
On 8/7/2020 2:46 PM, Diego Piñon Conde wrote:
This is the only weird message i can
repeated times see from now
[00 ]Aug 7 17:40:54 pegasus dspam[19962]:
Unable to open file for writing:
/var/log/dspam/sql.errors: Permission denied
[00]Aug 7 17:40:55 pegasus dspam[19962]:
bailing on error -2
[00]Aug 7 17:40:55 pegasus dspam[19962]:
received invalid result (!DSR_ISSPAM &&
!DSR_ISINNOCENT): -2
[00]Aug 7 17:40:55 pegasus dspam[19962]:
process_message returned error -5. delivering.
I 'm still looking
El vie., 7 ago. 2020 a las 17:06, Philip Nix
Guru (<[email protected]
<mailto:[email protected]>>) escribió:
Hello
a bit hard to debug without checking system
if you got multitail
create a file with :
multitail -Z red,black,inverse -T -S -x
"%m %u@%h %f (%t) [%l]" \
-m 0 -n 49 -cS qmail-send -l "qmlog
-f send" \
-m 0 -n 49 -cS qmail-smtp3 -em
"policy_check" -em "CHKUSER" -em
"simscan" -em "spamdyke" -em
"qmail-smtpd: " -l "qmlog -f smtp" \
-m 0 -n 49 -cS qmtspamassassin -ev
"prefork" -ev "(connection from
localhost)" -l "tail -f /var/log/maillog" \
# -m 0 -n 49 -cS qmail-smtp -em
"policy_check" -em "CHKUSER" -em
"simscan" -em "spamdyke" -em
"qmail-smtpd: " -em "spf-reject" -l
"qmlog -f submission" \
# -m 0 -n 49 -cS qmtspamassassin -ev
"prefork" -ev "(connection from
localhost)" -l "tail -f /var/log/maillog"
and just sh it, and check if you see
anything weird/strange, delay ...
in the mail transaction
The amount of messages in the local
queue is still descending but I don't
know why so slow!
El vie., 7 ago. 2020 a las 15:48,
Philip Nix Guru (<[email protected]
<mailto:[email protected]>>) escribió:
Hello
But the mail does get delivered
just with a very long delay ?
and you disabled clamd but it still
running ?
Check a delivered mail, look at the
headers, make sure clamd is really
not running
anything suspicous in
/var/log/clamd/clamd.log ?
qmHandle -s shows what ?
On 8/7/20 8:34 PM, Diego Piñon
Conde wrote:
2 hs has passed and the local
queue has 3530 msg (it was 3700 at
some point). Beside clamd that it
is still running and time to time
take 100% cpu usage (I don't
understand why because
qmailtoaster it's supoust that not
use it anymore), cpu usage is
normally below 20% and memory is
the same. So why does it take so
long to deliver local msg!
I'm in UTC -3, so probably all of
you are snoring. I will keep
working til qmailtoaster works
normally, I hope when you wake up
you can give me a hand.
I will really appreciate that.
Thanks in advance!
El vie., 7 ago. 2020 a las 12:29,
Philip Nix Guru (<[email protected]
<mailto:[email protected]>>) escribió:
Hello
what you could start by doing
is disabling
idle-timeout-secs=xx in
/etc/spamdyke/spamdyke.conf
just comment the line
check in a few hours if your
TIMEOUT drastically decreased
then you can adapt the
idle-timeout delay
If not then, we can check
other things
Cheers
On 8/7/20 4:40 PM, Diego Piñon
Conde wrote:
Hi Philip
this is the tail of
/var/log/maillog
/Aug 7 11:31:01 pegasus
spamdyke[2968]: TIMEOUT from:
[email protected]
<mailto:[email protected]>
to:
[email protected]
<mailto:[email protected]>
origin_ip: 209.85.215.175
origin_rdns:
mail-pg1-f175.google.com
<http://mail-pg1-f175.google.com>
auth: (unknown) encryption:
TLS reason: TIMEOUT
Aug 7 11:31:03 pegasus
spamdyke[2970]: TIMEOUT from:
[email protected]
<mailto:[email protected]>
to: [email protected]
<mailto:[email protected]>
origin_ip: 209.167.231.144
origin_rdns:
mail01.messages.sonicwall.com
<http://mail01.messages.sonicwall.com>
auth: (unknown) encryption:
TLS reason: TIMEOUT
Aug 7 11:31:03 pegasus
spamdyke[2969]: TIMEOUT from:
v-cjcdika_pmnlhikcme_gmicmlkp_gmicmlk...@bounce.info.bancopatagonia.com.ar
<mailto:v-cjcdika_pmnlhikcme_gmicmlkp_gmicmlk...@bounce.info.bancopatagonia.com.ar>
to: [email protected]
<mailto:[email protected]>
origin_ip: 192.156.219.80
origin_rdns:
mail7756.info.bancopatagonia.com.ar
<http://mail7756.info.bancopatagonia.com.ar>
auth: (unknown) encryption:
TLS reason: TIMEOUT
Aug 7 11:31:06 pegasus
spamdyke[2974]: TIMEOUT from:
bounce-10710_html-121882056-2177875-6399888-...@bounce.mail.bbva.com.ar
<mailto:bounce-10710_html-121882056-2177875-6399888-...@bounce.mail.bbva.com.ar>
to:
[email protected]
<mailto:[email protected]>
origin_ip: 13.111.6.12
origin_rdns:
mta.mail.bbva.com.ar
<http://mta.mail.bbva.com.ar>
auth: (unknown) encryption:
TLS reason: TIMEOUT
Aug 7 11:31:24 pegasus
vpopmail[3225]:
vchkpw-submission: (PLAIN)
login success
[email protected]:10.10.10.8
<mailto:[email protected]:10.10.10.8>
Aug 7 11:31:27 pegasus
spamdyke[3004]: TIMEOUT from:
[email protected]
<mailto:[email protected]>
to:
[email protected]
<mailto:[email protected]>
origin_ip: 91.211.241.9
origin_rdns:
pmta41009.emsmtp.com
<http://pmta41009.emsmtp.com>
auth: (unknown) encryption:
TLS reason: TIMEOUT
Aug 7 11:31:32 pegasus
spamdyke[3006]: TIMEOUT from:
[email protected]
<mailto:[email protected]>
to: [email protected]
<mailto:[email protected]>
origin_ip: 40.107.76.91
origin_rdns:
mail-eopbgr760091.outbound.protection.outlook.com
<http://mail-eopbgr760091.outbound.protection.outlook.com>
auth: (unknown) encryption:
TLS reason: TIMEOUT
Aug 7 11:31:34 pegasus
spamdyke[3050]: TIMEOUT from:
[email protected]
<mailto:[email protected]>
to: [email protected]
<mailto:[email protected]>
origin_ip: 190.210.19.10
origin_rdns:
webmail.provinciaseguros.com
<http://webmail.provinciaseguros.com>
auth: (unknown) encryption:
TLS reason: TIMEOUT
Aug 7 11:31:38 pegasus
spamdyke[3074]: TIMEOUT from:
[email protected]
<mailto:[email protected]>
to:
[email protected]
<mailto:[email protected]>
origin_ip: 209.85.210.45
origin_rdns:
mail-ot1-f45.google.com
<http://mail-ot1-f45.google.com>
auth: (unknown) encryption:
TLS reason: TIMEOUT
Aug 7 11:31:42 pegasus
spamdyke[3158]: TIMEOUT from:
[email protected]
<mailto:[email protected]>
to: [email protected]
<mailto:[email protected]>
origin_ip: 200.41.224.100
origin_rdns:
mail.mardelplata.gov.ar
<http://mail.mardelplata.gov.ar>
auth: (unknown) encryption:
(none) reason: TIMEOUT/
I've checked scan.conf and
logverbose = yes
El vie., 7 ago. 2020 a las
11:27, Philip Nix Guru
(<[email protected]
<mailto:[email protected]>>)
escribió:
Hello
can you check if you got any
TIMEOUT in
/var/log/maillog log file
since you did your update
Check also your scan.conf
file
/etc/clamd.d/scan.conf
Enable Log (verbose) ,
LogVerbose yes
On 8/7/20 4:12 PM, Diego
Piñon Conde wrote:
Hi all
I'm running qmail
toaster on CentOS 7.
Because I had problems
with freshclam (terrible
slow db update),
yesterday I changed
clamAV to Epel version.
I don't know if it's
relevant, but after that
local delivery was too slow.
Local queue was
increasing in size and
every email received by
clients was received 5
or 6 times.
I thinked maybe clamd
it's the culprit, so
I've changed clamd=no in
simcontrol and did
qmailctl cdb but nothing
has changed.
My knowledge is limited
and I will appreciate
any help
---------------------------------------------------------------------
To unsubscribe, e-mail:
[email protected] For additional
commands, e-mail: [email protected]
sorry, i didn't send it to the list
here it is...
Sat Aug 8 10:39:30 2020 -> download_complete_callback: Download
complete for database :
/var/lib/clamav/tmp.a7a50/clamav-3329f7f83f3cf3a1d4e511ecbf21cf06.tmp-daily.cld
Sat Aug 8 10:39:30 2020 -> download_complete_callback:
fc_context->bTestDatabases : 1
Sat Aug 8 10:39:30 2020 -> download_complete_callback:
fc_context->bBytecodeEnabled : 1
Sat Aug 8 10:39:30 2020 -> Testing database:
'/var/lib/clamav/tmp.a7a50/clamav-3329f7f83f3cf3a1d4e511ecbf21cf06.tmp-daily.cld'
...
Sat Aug 8 10:39:31 2020 -> Loading signatures from
/var/lib/clamav/tmp.a7a50/clamav-3329f7f83f3cf3a1d4e511ecbf21cf06.tmp-daily.cld
Sat Aug 8 10:40:01 2020 -> Properly loaded 3835881 signatures from
/var/lib/clamav/tmp.a7a50/clamav-3329f7f83f3cf3a1d4e511ecbf21cf06.tmp-daily.cld
Sat Aug 8 10:40:05 2020 -> Database test passed.
Sat Aug 8 10:40:05 2020 -> daily.cld updated (version: 25898, sigs:
3807234, f-level: 63, builder: raynman)
Sat Aug 8 10:40:06 2020 -> fc_update_database: daily.cld updated.
Sat Aug 8 10:40:06 2020 -> Current working dir is /var/lib/clamav/
Sat Aug 8 10:40:06 2020 -> check_for_new_database_version: Local copy
of main found: main.cld.
Sat Aug 8 10:40:06 2020 -> query_remote_database_version: main.cvd
version from DNS: 59
Sat Aug 8 10:40:06 2020 -> main.cld database is up to date (version:
59, sigs: 4564902, f-level: 60, builder: sigmgr)
Sat Aug 8 10:40:06 2020 -> fc_update_database: main.cld already
up-to-date.
Sat Aug 8 10:40:06 2020 -> Current working dir is /var/lib/clamav/
Sat Aug 8 10:40:06 2020 -> check_for_new_database_version: Local copy
of bytecode found: bytecode.cld.
Sat Aug 8 10:40:06 2020 -> query_remote_database_version:
bytecode.cvd version from DNS: 331
Sat Aug 8 10:40:06 2020 -> bytecode.cld database is up to date
(version: 331, sigs: 94, f-level: 63, builder: anvilleg)
Sat Aug 8 10:40:06 2020 -> fc_update_database: bytecode.cld already
up-to-date.
Sat Aug 8 10:40:06 2020 -> --------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
