Do this
# systemctl stop clamav-freshclam
# freshclam (post output)
# systemctl start clamav-freshclam
On 8/8/2020 8:42 AM, Diego Piñon Conde wrote:
El 08/08/2020 a las 11:24 a. m., Eric Broch escribió:
Also look in freshclam log (/var/log/clamav/freshclam.log)
# tail -n 20 /var/log/clamav/freshclam.log
post output here
On 8/8/2020 8:16 AM, Eric Broch wrote:
You can start simscan now, but keep clam=no in simcontrol until we can get clamd@scan started.
On 8/8/2020 6:40 AM, Diego Piñon Conde wrote:
I went to sleep at 2 in the morning with 2700 messages in local queue, now I can say is 0.
All thanks to all of you!
dspam_clean -s -p -u ended at 8:21 I guess because at that time is the last error for dspam. I keep searching the mail log for more errors.
Aug 8 08:21:37 pegasus dspam[17546]: query error: Deadlock found when trying to get lock; try restarting transaction: see sql.errors for more details
Aug 8 08:21:37 pegasus dspam[17546]: bailing on error -2
Aug 8 08:21:37 pegasus dspam[17546]: received invalid result (!DSR_ISSPAM && !DSR_ISINNOCENT): -2
clamd@scan still refuse to start, but I'm really don't sure I wanna use it. Virus db update takes forever and kill my server for at least 20 minutes, at least with clamAV version. I didn't get to test with the EPEL version...
Is this the time for enable simscan Eric? Yesterday replace simscan with qmail-queue in /etc/tcprules.d/tcp.smtp
El 07/08/2020 a las 11:08 p. m., Eric Broch escribió:
good!
you can run instead:
# dspam_clean -s -p -u
for all users
or
dspam_clean -s -p -u u...@domain.tld us...@domain.tld ... us...@domain.tld
for the users you choose.
This will also purge the database.
On 8/7/2020 8:01 PM, Diego Piñon Conde wrote:
/purge-4.1.sql finally ends with no message
El vie., 7 ago. 2020 a las 19:28, Eric Broch (<ebr...@whitehorsetc.com>) escribió:
optimize dspam also...
# mysql -u dspam -p dspam < /usr/share/dspam/sql-scripts/mysql/purge-4.1.sql
On 8/7/2020 4:24 PM, Eric Broch wrote:
what's this yield
# ls -la /var/log/clamd
On 8/7/2020 4:19 PM, Diego Piñon Conde wrote:
Same error
systemctl start clamd@scan
Job for clamd@scan.service failed because a timeout was exceeded. See "systemctl status clamd@scan.service" and "journalctl -xe" for details.
El vie., 7 ago. 2020 a las 19:08, Eric Broch (<ebr...@whitehorsetc.com>) escribió:
run the following and try to restart clamd@scan
curl -o /etc/clamd.d/scan.conf https://raw.githubusercontent.com/qmtoaster/scripts/master/scan.confOn 8/7/2020 4:05 PM, Diego Piñon Conde wrote:
systemctl start clamd@scan Job for clamd@scan.service failed because a timeout was exceeded. See "systemctl status clamd@scan.service" and "journalctl -xe" for details.
Did Not start
El vie., 7 ago. 2020 a las 18:44, Eric Broch (<ebr...@whitehorsetc.com>) escribió:
don't stop it. allow it to go until it starts. sometimes it takes quite a while.
On 8/7/2020 3:39 PM, Diego Piñon Conde wrote:
systemctl start clamd@scan
freeze and do nothing
# ls -ld /var/log/dspam
drwxrwx--- 2 dspam mail 81 Feb 18 03:57 /var/log/dspam
# ls -la /var/log/dspam
total 10256
drwxrwx--- 2 dspam mail 81 Feb 18 03:57 .
drwxr-xr-x. 16 root root 4096 Aug 7 17:53 ..
-rw-r--r-- 1 dspam mail 0 Feb 18 03:57 sql.errors
-rw-rw---- 1 vpopmail mail 10493507 Feb 18 01:53 sql.errors-20200218
-rw------- 1 dspam mail 0 Feb 18 03:57 sql.errors-20200218.gz
El vie., 7 ago. 2020 a las 18:31, Eric Broch (<ebr...@whitehorsetc.com>) escribió:
What's the output of the following commands?
# ls -ld /var/log/dspam
and
# ls -la /var/log/dspam
On 8/7/2020 2:46 PM, Diego Piñon Conde wrote:
This is the only weird message i can repeated times see from now
[00 ]Aug 7 17:40:54 pegasus dspam[19962]: Unable to open file for writing: /var/log/dspam/sql.errors: Permission denied
[00]Aug 7 17:40:55 pegasus dspam[19962]: bailing on error -2
[00]Aug 7 17:40:55 pegasus dspam[19962]: received invalid result (!DSR_ISSPAM && !DSR_ISINNOCENT): -2
[00]Aug 7 17:40:55 pegasus dspam[19962]: process_message returned error -5. delivering.
I 'm still looking
El vie., 7 ago. 2020 a las 17:06, Philip Nix Guru (<phi...@ows.ch>) escribió:
Hello
a bit hard to debug without checking system
if you got multitail
create a file with :
multitail -Z red,black,inverse -T -S -x "%m %u@%h %f (%t) [%l]" \
-m 0 -n 49 -cS qmail-send -l "qmlog -f send" \
-m 0 -n 49 -cS qmail-smtp3 -em "policy_check" -em "CHKUSER" -em "simscan" -em "spamdyke" -em "qmail-smtpd: " -l "qmlog -f smtp" \
-m 0 -n 49 -cS qmtspamassassin -ev "prefork" -ev "(connection from localhost)" -l "tail -f /var/log/maillog" \
# -m 0 -n 49 -cS qmail-smtp -em "policy_check" -em "CHKUSER" -em "simscan" -em "spamdyke" -em "qmail-smtpd: " -em "spf-reject" -l "qmlog -f submission" \
# -m 0 -n 49 -cS qmtspamassassin -ev "prefork" -ev "(connection from localhost)" -l "tail -f /var/log/maillog"
and just sh it, and check if you see anything weird/strange, delay ...
in the mail transaction
The amount of messages in the local queue is still descending but I don't know why so slow!
El vie., 7 ago. 2020 a las 15:48, Philip Nix Guru (<phi...@ows.ch>) escribió:
Hello
But the mail does get delivered just with a very long delay ?
and you disabled clamd but it still running ?
Check a delivered mail, look at the headers, make sure clamd is really not running
anything suspicous in /var/log/clamd/clamd.log ?
qmHandle -s shows what ?
On 8/7/20 8:34 PM, Diego Piñon Conde wrote:
2 hs has passed and the local queue has 3530 msg (it was 3700 at some point). Beside clamd that it is still running and time to time take 100% cpu usage (I don't understand why because qmailtoaster it's supoust that not use it anymore), cpu usage is normally below 20% and memory is the same. So why does it take so long to deliver local msg!
I'm in UTC -3, so probably all of you are snoring. I will keep working til qmailtoaster works normally, I hope when you wake up you can give me a hand.
I will really appreciate that. Thanks in advance!
El vie., 7 ago. 2020 a las 12:29, Philip Nix Guru (<phi...@ows.ch>) escribió:
Hello
what you could start by doing is disabling
idle-timeout-secs=xx in /etc/spamdyke/spamdyke.conf
just comment the line
check in a few hours if your TIMEOUT drastically decreased
then you can adapt the idle-timeout delay
If not then, we can check other things
Cheers
On 8/7/20 4:40 PM, Diego Piñon Conde wrote:
Hi Philipthis is the tail of /var/log/maillog
Aug 7 11:31:01 pegasus spamdyke[2968]: TIMEOUT from: sciottilili...@gmail.com to: filibe...@tarjetacliper.com origin_ip: 209.85.215.175 origin_rdns: mail-pg1-f175.google.com auth: (unknown) encryption: TLS reason: TIMEOUT
Aug 7 11:31:03 pegasus spamdyke[2970]: TIMEOUT from: nore...@messages.sonicwall.com to: pi...@tarjetacliper.com origin_ip: 209.167.231.144 origin_rdns: mail01.messages.sonicwall.com auth: (unknown) encryption: TLS reason: TIMEOUT
Aug 7 11:31:03 pegasus spamdyke[2969]: TIMEOUT from: v-cjcdika_pmnlhikcme_gmicmlkp_gmicmlk...@bounce.info.bancopatagonia.com.ar to: scio...@tarjetacliper.com origin_ip: 192.156.219.80 origin_rdns: mail7756.info.bancopatagonia.com.ar auth: (unknown) encryption: TLS reason: TIMEOUT
Aug 7 11:31:06 pegasus spamdyke[2974]: TIMEOUT from: bounce-10710_html-121882056-2177875-6399888-...@bounce.mail.bbva.com.ar to: bondo...@tarjetacliper.com origin_ip: 13.111.6.12 origin_rdns: mta.mail.bbva.com.ar auth: (unknown) encryption: TLS reason: TIMEOUT
Aug 7 11:31:24 pegasus vpopmail[3225]: vchkpw-submission: (PLAIN) login success rose...@tarjetacliper.com:10.10.10.8
Aug 7 11:31:27 pegasus spamdyke[3004]: TIMEOUT from: www...@xpressus.emsmtp.com to: crisgar...@tarjetacliper.com origin_ip: 91.211.241.9 origin_rdns: pmta41009.emsmtp.com auth: (unknown) encryption: TLS reason: TIMEOUT
Aug 7 11:31:32 pegasus spamdyke[3006]: TIMEOUT from: sd...@meridionalseguros.com.ar to: segu...@tarjetacliper.com origin_ip: 40.107.76.91 origin_rdns: mail-eopbgr760091.outbound.protection.outlook.com auth: (unknown) encryption: TLS reason: TIMEOUT
Aug 7 11:31:34 pegasus spamdyke[3050]: TIMEOUT from: antonel...@pseguros.com.ar to: segu...@tarjetacliper.com origin_ip: 190.210.19.10 origin_rdns: webmail.provinciaseguros.com auth: (unknown) encryption: TLS reason: TIMEOUT
Aug 7 11:31:38 pegasus spamdyke[3074]: TIMEOUT from: sebastian.sa...@osde.com.ar to: rfernan...@tarjetacliper.com origin_ip: 209.85.210.45 origin_rdns: mail-ot1-f45.google.com auth: (unknown) encryption: TLS reason: TIMEOUT
Aug 7 11:31:42 pegasus spamdyke[3158]: TIMEOUT from: dpinmue...@mardelplata.gob.ar to: diu...@tarjetacliper.com origin_ip: 200.41.224.100 origin_rdns: mail.mardelplata.gov.ar auth: (unknown) encryption: (none) reason: TIMEOUT
I've checked scan.conf and logverbose = yes
El vie., 7 ago. 2020 a las 11:27, Philip Nix Guru (<phi...@ows.ch>) escribió:
Hello
can you check if you got any
TIMEOUT in /var/log/maillog log file
since you did your update
Check also your scan.conf file
/etc/clamd.d/scan.conf
Enable Log (verbose) ,
LogVerbose yes
On 8/7/20 4:12 PM, Diego Piñon Conde wrote:
Hi all
I'm running qmail toaster on CentOS 7.
Because I had problems with freshclam (terrible slow db update), yesterday I changed clamAV to Epel version.
I don't know if it's relevant, but after that local delivery was too slow.
Local queue was increasing in size and every email received by clients was received 5 or 6 times.
I thinked maybe clamd it's the culprit, so I've changed clamd=no in simcontrol and did qmailctl cdb but nothing has changed.
My knowledge is limited and I will appreciate any help--------------------------------------------------------------------- To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
sorry, i didn't send it to the list
here it is...
Sat Aug 8 10:39:30 2020 -> download_complete_callback: Download complete for database : /var/lib/clamav/tmp.a7a50/clamav-3329f7f83f3cf3a1d4e511ecbf21cf06.tmp-daily.cld
Sat Aug 8 10:39:30 2020 -> download_complete_callback: fc_context->bTestDatabases : 1
Sat Aug 8 10:39:30 2020 -> download_complete_callback: fc_context->bBytecodeEnabled : 1
Sat Aug 8 10:39:30 2020 -> Testing database: '/var/lib/clamav/tmp.a7a50/clamav-3329f7f83f3cf3a1d4e511ecbf21cf06.tmp-daily.cld' ...
Sat Aug 8 10:39:31 2020 -> Loading signatures from /var/lib/clamav/tmp.a7a50/clamav-3329f7f83f3cf3a1d4e511ecbf21cf06.tmp-daily.cld
Sat Aug 8 10:40:01 2020 -> Properly loaded 3835881 signatures from /var/lib/clamav/tmp.a7a50/clamav-3329f7f83f3cf3a1d4e511ecbf21cf06.tmp-daily.cld
Sat Aug 8 10:40:05 2020 -> Database test passed.
Sat Aug 8 10:40:05 2020 -> daily.cld updated (version: 25898, sigs: 3807234, f-level: 63, builder: raynman)
Sat Aug 8 10:40:06 2020 -> fc_update_database: daily.cld updated.
Sat Aug 8 10:40:06 2020 -> Current working dir is /var/lib/clamav/
Sat Aug 8 10:40:06 2020 -> check_for_new_database_version: Local copy of main found: main.cld.
Sat Aug 8 10:40:06 2020 -> query_remote_database_version: main.cvd version from DNS: 59
Sat Aug 8 10:40:06 2020 -> main.cld database is up to date (version: 59, sigs: 4564902, f-level: 60, builder: sigmgr)
Sat Aug 8 10:40:06 2020 -> fc_update_database: main.cld already up-to-date.
Sat Aug 8 10:40:06 2020 -> Current working dir is /var/lib/clamav/
Sat Aug 8 10:40:06 2020 -> check_for_new_database_version: Local copy of bytecode found: bytecode.cld.
Sat Aug 8 10:40:06 2020 -> query_remote_database_version: bytecode.cvd version from DNS: 331
Sat Aug 8 10:40:06 2020 -> bytecode.cld database is up to date (version: 331, sigs: 94, f-level: 63, builder: anvilleg)
Sat Aug 8 10:40:06 2020 -> fc_update_database: bytecode.cld already up-to-date.
Sat Aug 8 10:40:06 2020 -> --------------------------------------
--------------------------------------------------------------------- To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Done
Sat Aug 8 11:59:26 2020 -> ClamAV update process started at
Sat Aug 8 11:59:26 2020
Sat Aug 8 11:59:26 2020 -> *Current working dir is
/var/lib/clamav/
Sat Aug 8 11:59:26 2020 -> *Querying current.cvd.clamav.net
Sat Aug 8 11:59:26 2020 -> *TTL: 1715
Sat Aug 8 11:59:26 2020 -> *fc_dns_query_update_info: Software
version from DNS: 0.102.4
Sat Aug 8 11:59:26 2020 -> *Current working dir is
/var/lib/clamav/
Sat Aug 8 11:59:26 2020 -> *check_for_new_database_version:
Local copy of daily found: daily.cld.
Sat Aug 8 11:59:26 2020 -> *query_remote_database_version:
daily.cvd version from DNS: 25898
Sat Aug 8 11:59:26 2020 -> daily.cld database is up to date
(version: 25898, sigs: 3807234, f-level: 63, builder: raynman)
Sat Aug 8 11:59:26 2020 -> *fc_update_database: daily.cld
already up-to-date.
Sat Aug 8 11:59:26 2020 -> *Current working dir is
/var/lib/clamav/
Sat Aug 8 11:59:26 2020 -> *check_for_new_database_version:
Local copy of main found: main.cld.
Sat Aug 8 11:59:26 2020 -> *query_remote_database_version:
main.cvd version from DNS: 59
Sat Aug 8 11:59:26 2020 -> main.cld database is up to date
(version: 59, sigs: 4564902, f-level: 60, builder: sigmgr)
Sat Aug 8 11:59:26 2020 -> *fc_update_database: main.cld
already up-to-date.
Sat Aug 8 11:59:26 2020 -> *Current working dir is
/var/lib/clamav/
Sat Aug 8 11:59:26 2020 -> *check_for_new_database_version:
Local copy of bytecode found: bytecode.cld.
Sat Aug 8 11:59:26 2020 -> *query_remote_database_version:
bytecode.cvd version from DNS: 331
Sat Aug 8 11:59:26 2020 -> bytecode.cld database is up to date
(version: 331, sigs: 94, f-level: 63, builder: anvilleg)
Sat Aug 8 11:59:26 2020 -> *fc_update_database: bytecode.cld
already up-to-date.