This is what’s running on my machine
> On May 13, 2021, at 13:41, Benjamin Baez <benba...@gmail.com> wrote: > > I had to manually install and enable clamd-0.103.2-1.el7.x86_64 > > [root@mta01 ~]# systemctl status clamd@scan.service > ● clamd@scan.service - clamd scanner (scan) daemon > Loaded: loaded (/usr/lib/systemd/system/clamd@.service; disabled; vendor > preset: disabled) > Active: failed (Result: start-limit) since Mon 2021-05-10 14:36:50 PDT; 2 > days ago > Docs: man:clamd(8) > man:clamd.conf(5) > https://www.clamav.net/documents/ > <https://www.clamav.net/documents/> > Process: 15611 ExecStart=/usr/sbin/clamd -c /etc/clamd.d/%i.conf > (code=exited, status=1/FAILURE) > > May 10 14:36:50 mta01.biospectra.com <http://mta01.biospectra.com/> > systemd[1]: clamd@scan.service: control process exited, code=exited status=1 > May 10 14:36:50 mta01.biospectra.com <http://mta01.biospectra.com/> > systemd[1]: Failed to start clamd scanner (scan) daemon. > May 10 14:36:50 mta01.biospectra.com <http://mta01.biospectra.com/> > systemd[1]: Unit clamd@scan.service entered failed state. > May 10 14:36:50 mta01.biospectra.com <http://mta01.biospectra.com/> > systemd[1]: clamd@scan.service failed. > May 10 14:36:50 mta01.biospectra.com <http://mta01.biospectra.com/> > systemd[1]: clamd@scan.service holdoff time over, scheduling restart. > May 10 14:36:50 mta01.biospectra.com <http://mta01.biospectra.com/> > systemd[1]: Stopped clamd scanner (scan) daemon. > May 10 14:36:50 mta01.biospectra.com <http://mta01.biospectra.com/> > systemd[1]: start request repeated too quickly for clamd@scan.service > May 10 14:36:50 mta01.biospectra.com <http://mta01.biospectra.com/> > systemd[1]: Failed to start clamd scanner (scan) daemon. > May 10 14:36:50 mta01.biospectra.com <http://mta01.biospectra.com/> > systemd[1]: Unit clamd@scan.service entered failed state. > May 10 14:36:50 mta01.biospectra.com <http://mta01.biospectra.com/> > systemd[1]: clamd@scan.service failed. > > /var/log/messages has a dependency error below: > > clamav-daemon.socket > > May 13 13:35:28 mta01 systemd: Cannot add dependency job for unit > clamav-daemon.socket, ignoring: Unit not found. > May 13 13:35:28 mta01 systemd: Starting clamd scanner (scan) daemon... > May 13 13:35:28 mta01 clamd[14248]: Received 0 file descriptor(s) from > systemd. > May 13 13:35:28 mta01 clamd[14248]: Please define server type (local and/or > TCP). > May 13 13:35:28 mta01 clamd: ERROR: Please define server type (local and/or > TCP). > May 13 13:35:28 mta01 systemd: clamd@scan.service: control process exited, > code=exited status=1 > May 13 13:35:28 mta01 systemd: Failed to start clamd scanner (scan) daemon. > May 13 13:35:28 mta01 systemd: Unit clamd@scan.service entered failed state. > May 13 13:35:28 mta01 systemd: clamd@scan.service failed. > May 13 13:35:28 mta01 systemd: clamd@scan.service holdoff time over, > scheduling restart. > May 13 13:35:28 mta01 systemd: Cannot add dependency job for unit > clamav-daemon.socket, ignoring: Unit not found. > May 13 13:35:28 mta01 systemd: Stopped clamd scanner (scan) daemon. > May 13 13:35:28 mta01 systemd: Starting clamd scanner (scan) daemon... > May 13 13:35:28 mta01 clamd[14253]: Received 0 file descriptor(s) from > systemd. > May 13 13:35:28 mta01 clamd: ERROR: Please define server type (local and/or > TCP). > May 13 13:35:28 mta01 clamd[14253]: Please define server type (local and/or > TCP). > May 13 13:35:28 mta01 systemd: clamd@scan.service: control process exited, > code=exited status=1 > May 13 13:35:28 mta01 systemd: Failed to start clamd scanner (scan) daemon. > May 13 13:35:28 mta01 systemd: Unit clamd@scan.service entered failed state. > May 13 13:35:28 mta01 systemd: clamd@scan.service failed. > May 13 13:35:29 mta01 systemd: clamd@scan.service holdoff time over, > scheduling restart. > May 13 13:35:29 mta01 systemd: Cannot add dependency job for unit > clamav-daemon.socket, ignoring: Unit not found. > May 13 13:35:29 mta01 systemd: Stopped clamd scanner (scan) daemon. > May 13 13:35:29 mta01 systemd: Starting clamd scanner (scan) daemon... > May 13 13:35:29 mta01 clamd[14257]: Received 0 file descriptor(s) from > systemd. > May 13 13:35:29 mta01 clamd[14257]: Please define server type (local and/or > TCP). > May 13 13:35:29 mta01 clamd: ERROR: Please define server type (local and/or > TCP). > May 13 13:35:29 mta01 systemd: clamd@scan.service: control process exited, > code=exited status=1 > May 13 13:35:29 mta01 systemd: Failed to start clamd scanner (scan) daemon. > May 13 13:35:29 mta01 systemd: Unit clamd@scan.service entered failed state. > May 13 13:35:29 mta01 systemd: clamd@scan.service failed. > May 13 13:35:29 mta01 systemd: clamd@scan.service holdoff time over, > scheduling restart. > May 13 13:35:29 mta01 systemd: Cannot add dependency job for unit > clamav-daemon.socket, ignoring: Unit not found. > May 13 13:35:29 mta01 systemd: Stopped clamd scanner (scan) daemon. > May 13 13:35:29 mta01 systemd: Starting clamd scanner (scan) daemon... > May 13 13:35:29 mta01 clamd[14261]: Received 0 file descriptor(s) from > systemd. > May 13 13:35:29 mta01 clamd[14261]: Please define server type (local and/or > TCP). > May 13 13:35:29 mta01 clamd: ERROR: Please define server type (local and/or > TCP). > May 13 13:35:29 mta01 systemd: clamd@scan.service: control process exited, > code=exited status=1 > May 13 13:35:29 mta01 systemd: Failed to start clamd scanner (scan) daemon. > May 13 13:35:29 mta01 systemd: Unit clamd@scan.service entered failed state. > May 13 13:35:29 mta01 systemd: clamd@scan.service failed. > May 13 13:35:29 mta01 systemd: clamd@scan.service holdoff time over, > scheduling restart. > May 13 13:35:29 mta01 systemd: Cannot add dependency job for unit > clamav-daemon.socket, ignoring: Unit not found. > May 13 13:35:29 mta01 systemd: Stopped clamd scanner (scan) daemon. > May 13 13:35:29 mta01 systemd: Starting clamd scanner (scan) daemon... > May 13 13:35:29 mta01 clamd[14265]: Received 0 file descriptor(s) from > systemd. > May 13 13:35:29 mta01 clamd[14265]: Please define server type (local and/or > TCP). > May 13 13:35:29 mta01 clamd: ERROR: Please define server type (local and/or > TCP). > May 13 13:35:29 mta01 systemd: clamd@scan.service: control process exited, > code=exited status=1 > May 13 13:35:29 mta01 systemd: Failed to start clamd scanner (scan) daemon. > May 13 13:35:29 mta01 systemd: Unit clamd@scan.service entered failed state. > May 13 13:35:29 mta01 systemd: clamd@scan.service failed. > May 13 13:35:29 mta01 systemd: clamd@scan.service holdoff time over, > scheduling restart. > May 13 13:35:29 mta01 systemd: Cannot add dependency job for unit > clamav-daemon.socket, ignoring: Unit not found. > May 13 13:35:29 mta01 systemd: Stopped clamd scanner (scan) daemon. > May 13 13:35:29 mta01 systemd: start request repeated too quickly for > clamd@scan.service > May 13 13:35:29 mta01 systemd: Failed to start clamd scanner (scan) daemon. > May 13 13:35:29 mta01 systemd: Unit clamd@scan.service entered failed state. > May 13 13:35:29 mta01 systemd: clamd@scan.service failed. > ^C > > > I found the following in a 2018 thread, Re: [qmailtoaster] Clamav service is > not running on Centos 7 (mail-archive.com) > <https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg41236.html> > > Do I manually add those units? I created them from the above thread, but > wasn't sure if they should have been there from some package so did not copy > them to systemd. > > [root@mta01 ~]# cat clamav-daemon.service > [Unit] > Description=Clam AntiVirus userspace daemon > Documentation=man:clamd(8) man:clamd.conf(5) > https://www.clamav.net/documents/ <https://www.clamav.net/documents/> > Requires=clamav-daemon.socket > # Check for database existence > ConditionPathExistsGlob=/var/lib/clamav/main.{c[vl]d,inc} > ConditionPathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc} > > [Service] > ExecStart=/usr/sbin/clamd --foreground=true > # Reload the database > ExecReload=/bin/kill -USR2 $MAINPID > StandardOutput=syslog > Restart = on-failure > > [Install] > WantedBy=multi-user.target > Also=clamav-daemon.socket > > > [root@mta01 ~]# cat clamav-daemon.socket > [Unit] > Description=Socket for Clam AntiVirus userspace daemon > Documentation=man:clamd(8) man:clamd.conf(5) > https://www.clamav.net/documents/ <https://www.clamav.net/documents/> > # Check for database existence > ConditionPathExistsGlob=/var/lib/clamav/main.{c[vl]d,inc} > ConditionPathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc} > > [Socket] > ListenStream=/run/clamav/clamd.ctl > #ListenStream=127.0.0.1:1024 <http://127.0.0.1:1024/> > SocketUser=clamav > SocketGroup=clamav > RemoveOnStop=True > > [Install] > WantedBy=sockets.target > > Thanks for the help > > On Thu, May 13, 2021 at 1:23 PM Remo Mattei <r...@mattei.org > <mailto:r...@mattei.org>> wrote: > Looks like it is clamd can you check the systemctl status ? > systemctl status clamd@scan.service <mailto:clamd@scan.service> > ● clamd@scan.service <mailto:clamd@scan.service> - clamd scanner (scan) daemon > Loaded: loaded (/usr/lib/systemd/system/clamd@.service; enabled; vendor > preset: disabled) > Active: active (running) since Fri 2021-04-30 22:08:48 PDT; 1 weeks 5 days > ago > Docs: man:clamd(8) > man:clamd.conf(5) > https://www.clamav.net/documents/ > <https://www.clamav.net/documents/> > Main PID: 12158 (clamd) > CGroup: /system.slice/system-clamd.slice/clamd@scan.service > <mailto:system.slice/system-clamd.slice/clamd@scan.service> > └─12158 /usr/sbin/clamd -c /etc/clamd.d/scan.con > > >> On May 13, 2021, at 13:16, Benjamin Baez <benba...@gmail.com >> <mailto:benba...@gmail.com>> wrote: >> >> I forgot to revisit that. I noticed that clamd never came back up after the >> update. Is there a different log now? >> >> [root@mta01 ~]# cat /var/log/clamd/clamd.log >> Sat Mar 27 11:23:30 2021 -> SelfCheck: Database status OK. >> Sat Mar 27 11:33:30 2021 -> SelfCheck: Database status OK. >> Sat Mar 27 11:43:30 2021 -> SelfCheck: Database status OK. >> Sat Mar 27 11:53:31 2021 -> SelfCheck: Database status OK. >> Sat Mar 27 11:56:20 2021 -> Waiting for all threads to finish >> Sat Mar 27 11:56:23 2021 -> Shutting down the main socket. >> Sat Mar 27 11:56:23 2021 -> ERROR: Can't unlink the pid file >> /var/run/clamav/clamd.pid >> Sat Mar 27 11:56:23 2021 -> --- Stopped at Sat Mar 27 11:56:23 2021 >> Sat Mar 27 11:56:23 2021 -> Closing the main socket. >> Sat Mar 27 11:56:23 2021 -> Socket file removed. >> >> [root@mta01 ~]# toaststat >> >> Status of toaster services >> send: up (pid 32338) 15907 seconds >> smtp: up (pid 32335) 15907 seconds >> submission: up (pid 32336) 15907 seconds >> send/log: up (pid 32340) 15907 seconds >> smtp/log: up (pid 32339) 15907 seconds >> submission/log: up (pid 32337) 15907 seconds >> >> systemd service: clamav-freshclam: [ OK ] >> systemd service: spamd: [ OK ] >> systemd service: dovecot: [ OK ] >> systemd service: mariadb: [ OK ] >> systemd service: httpd: [ OK ] >> systemd service: named: [ OK ] >> systemd service: ntpd: [ OK ] >> systemd service: sshd: [ OK ] >> systemd service: network: [ OK ] >> systemd service: crond: [ OK ] >> systemd service: acpid: [ OK ] >> systemd service: atd: [ OK ] >> systemd service: autofs: [ OK ] >> systemd service: smartd: [ OK ] >> systemd service: irqbalance: [ OK ] >> >> On Thu, May 13, 2021 at 1:03 PM Jeff Koch <jeffk...@intersessions.com >> <mailto:jeffk...@intersessions.com>> wrote: >> Did you check the clamav log? >> >> Jeff >> >> On 5/13/2021 12:30 PM, Benjamin Baez wrote: >>> >>> Hi, >>> >>> How do I troubleshoot this further? In the past it would be something to >>> do with clamav or simscan, but don't have a lead this time. >>> >>> [root@mta01 ~]# tail -f /var/log/qmail/submission/current >>> @40000000609d4c9217d2d2d4 tcpserver: status: 0/100 >>> @40000000609d52200e3031cc tcpserver: status: 1/100 >>> @40000000609d52200e39615c tcpserver: pid 1598 from 75.53.9.111 >>> @40000000609d52200e3a920c tcpserver: ok 1598 mta01.biospectra.com >>> <http://mta01.biospectra.com/>:75.53.9.76:587 <http://75.53.9.76:587/> >>> :75.53.9.111::61177 >>> @40000000609d52201bf23a6c CHKUSER accepted sender: from >>> <bb...@biospectra.com:bbaez:> <mailto:bb...@biospectra.com:bbaez:> remote >>> <[10.16.1.123]:unknown:75.53.9.111> rcpt <> : sender accepted >>> @40000000609d522027921aa4 CHKUSER relaying rcpt: from >>> <bb...@biospectra.com:bbaez:> <mailto:bb...@biospectra.com:bbaez:> remote >>> <[10.16.1.123]:unknown:75.53.9.111> rcpt <benba...@gmail.com >>> <mailto:benba...@gmail.com>> : client allowed to relay >>> @40000000609d52202792265c policy_check: local bbaez -> remote >>> benba...@gmail.com <mailto:benba...@gmail.com> (AUTHENTICATED SENDER) >>> @40000000609d522027922a44 policy_check: policy allows transmission >>> @40000000609d52202925ce4c qmail-smtpd: qq soft reject (mail server >>> temporarily rejected message (#4.3.0)): MAILFROM:<bb...@biospectra.com >>> <mailto:bb...@biospectra.com>> RCPTTO:benba...@gmail.com >>> <mailto:rcptto%3abenba...@gmail.com> >>> @40000000609d52230a71f14c tcpserver: end 1598 status 0 >>> @40000000609d52230a71f91c tcpserver: status: 0/100 >>> >>> [root@mta01 ~]# tail -f cat /var/log/maillog >>> May 13 09:21:15 mta01 spamdyke[1592]: >>> ERROR(load_resolver_file()@search_fs.c:753): invalid/unparsable nameserver >>> found: 2600:1700:4a30:5b40::1 >>> May 13 09:21:42 mta01 vpopmail[1599]: vchkpw-submission: (CRAM-MD5) login >>> success bb...@biospectra.com:75.53.9.111 >>> <mailto:bb...@biospectra.com:75.53.9.111> >>> >>> I don't think the IPv6 error is related but including it. >>> >>> Thanks! >> >
