I forgot to revisit that. I noticed that clamd never came back up after the update. Is there a different log now?
[root@mta01 ~]# cat /var/log/clamd/clamd.log Sat Mar 27 11:23:30 2021 -> SelfCheck: Database status OK. Sat Mar 27 11:33:30 2021 -> SelfCheck: Database status OK. Sat Mar 27 11:43:30 2021 -> SelfCheck: Database status OK. Sat Mar 27 11:53:31 2021 -> SelfCheck: Database status OK. Sat Mar 27 11:56:20 2021 -> Waiting for all threads to finish Sat Mar 27 11:56:23 2021 -> Shutting down the main socket. Sat Mar 27 11:56:23 2021 -> ERROR: Can't unlink the pid file /var/run/clamav/clamd.pid Sat Mar 27 11:56:23 2021 -> --- Stopped at Sat Mar 27 11:56:23 2021 Sat Mar 27 11:56:23 2021 -> Closing the main socket. Sat Mar 27 11:56:23 2021 -> Socket file removed. [root@mta01 ~]# toaststat Status of toaster services send: up (pid 32338) 15907 seconds smtp: up (pid 32335) 15907 seconds submission: up (pid 32336) 15907 seconds send/log: up (pid 32340) 15907 seconds smtp/log: up (pid 32339) 15907 seconds submission/log: up (pid 32337) 15907 seconds systemd service: clamav-freshclam: [ OK ] systemd service: spamd: [ OK ] systemd service: dovecot: [ OK ] systemd service: mariadb: [ OK ] systemd service: httpd: [ OK ] systemd service: named: [ OK ] systemd service: ntpd: [ OK ] systemd service: sshd: [ OK ] systemd service: network: [ OK ] systemd service: crond: [ OK ] systemd service: acpid: [ OK ] systemd service: atd: [ OK ] systemd service: autofs: [ OK ] systemd service: smartd: [ OK ] systemd service: irqbalance: [ OK ] On Thu, May 13, 2021 at 1:03 PM Jeff Koch <[email protected]> wrote: > Did you check the clamav log? > > Jeff > > On 5/13/2021 12:30 PM, Benjamin Baez wrote: > > > Hi, > > How do I troubleshoot this further? In the past it would be something to > do with clamav or simscan, but don't have a lead this time. > > [root@mta01 ~]# tail -f /var/log/qmail/submission/current > @40000000609d4c9217d2d2d4 tcpserver: status: 0/100 > @40000000609d52200e3031cc tcpserver: status: 1/100 > @40000000609d52200e39615c tcpserver: pid 1598 from 75.53.9.111 > @40000000609d52200e3a920c tcpserver: ok 1598 > mta01.biospectra.com:75.53.9.76:587 > :75.53.9.111::61177 > @40000000609d52201bf23a6c CHKUSER accepted sender: from > <[email protected]:bbaez:> <[email protected]:bbaez:> remote > <[10.16.1.123]:unknown:75.53.9.111> rcpt <> : sender accepted > @40000000609d522027921aa4 CHKUSER relaying rcpt: from > <[email protected]:bbaez:> <[email protected]:bbaez:> remote > <[10.16.1.123]:unknown:75.53.9.111> rcpt <[email protected]> : client > allowed to relay > @40000000609d52202792265c policy_check: local bbaez -> remote > [email protected] (AUTHENTICATED SENDER) > @40000000609d522027922a44 policy_check: policy allows transmission > @40000000609d52202925ce4c qmail-smtpd: qq soft reject (mail server > temporarily rejected message (#4.3.0)): MAILFROM:<[email protected]> > RCPTTO:[email protected] > @40000000609d52230a71f14c tcpserver: end 1598 status 0 > @40000000609d52230a71f91c tcpserver: status: 0/100 > > [root@mta01 ~]# tail -f cat /var/log/maillog > May 13 09:21:15 mta01 spamdyke[1592]: > ERROR(load_resolver_file()@search_fs.c:753): invalid/unparsable nameserver > found: 2600:1700:4a30:5b40::1 > May 13 09:21:42 mta01 vpopmail[1599]: vchkpw-submission: (CRAM-MD5) login > success [email protected]:75.53.9.111 > > I don't think the IPv6 error is related but including it. > > Thanks! > > >
