Re: [AMaViS-user] BitDefender bdc and the --all option in amavisd.conf
On Thu, Jan 26, 2006 at 10:18:09AM -0800, Bill Landry wrote: - Original Message - From: Max Matslofva [EMAIL PROTECTED] Hi I just installed BitDefender bdc from FreeBSD ports. BDC/FreeBSD 5.x-Console (v7.0-2545) (i386) (Dec 22 2004 19:56:57) Copyright (C) 1996-2004 SOFTWIN SRL. All rights reserved. amavisd-new is version 2.3.3 I got an error from bdc, and the --all option in the logfile. Warning: unknown parameter: --all amavis[91989]: (91989-01) run_av: /usr/local/bin/bdc exit 0, BDC/FreeBSD 5.x-Console (v7.0-2545) (i386) (Dec 22 2004 19:56:57)\nCopyright (C) 1996-2004 SOFTWIN SRL. All rights reserved.\nWarning: unknown parameter: --all\n\n\n\nResults:\nFolders ...:1\nFiles ...:1\nPacked ...:0\nArchives ...:0\nInfected files :0\nSuspect files ...:0\nWarnings ...:0\nI/O errors ...:0\n The default options for bdc in amavisd.conf is --all --arc --mail Can I change it to --arc --mail ? Should work fine with the --all switch. Here what we have been using for over a year: ['BitDefender', 'bdc', '--all --arc --mail --nowarn --alev=15 --flev=15 {}', qr/^Infected files *:0+(?!\d)/, qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/, qr/(?:suspected|infected): (.*)(?:\033|$)/ ], and bdc --help outputs the following: BDC/Linux-Console v7.0 (build 2490) (i386) (Dec 10 2003 16:11:35) Copyright (C) 1996-2003 SOFTWIN SRL. All rights reserved. Obviously wouldn't hurt upgrading your bdc with a few years. ;) No --all here.. BDC/Linux-Console v7.1 (build 2559) (i386) (Jul 6 2005 16:28:53) Copyright (C) 1996-2004 SOFTWIN SRL. All rights reserved. Usage: bdc path [parameters] Parameters: --files - scan files * --arc- scan archives --mail - scan mail databases --nopack - don't scan packed programs --ext=ext1;ext2; - scan only this extensions --log[=file] - create log file --list - display all files --prog - scan only program files --append - append to log file --disinfect - disinfect files --delete - delete infected files --copy - copy infected files in quarantine zone --copys - move suspected files in quarantine zone --move - move infected files in quarantine zone --moves - move suspected files in quarantine zone --info - information --nowarn - do not display warnings --vlist - display virus list --debug - display debug information --nor- do not recurse into subdirs --alev[=n] - set maximum archive depth level --flev[=n] - set maximum folder depth level --update - update virus definitions --help,--? - this help * = default option Cheers, Henrik --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] SA_TIMED_OUT
Hi, The Amavis is generated this error in /var/log/maillog: Jan 27 04:03:40 jacaranda amavis[26216]: (26216-01) SA TIMED OUT, backtrace: at /usr/lib/perl5/site_perl/5.8.6/Mail/SpamAssassin/BayesStore/DBM.pm line 1846\n\teval {...} called at /usr/lib/perl5/site_perl/5.8.6/Mail/SpamAssassin/BayesStore/DBM.pm line 1846\n\tMail::SpamAssassin::BayesStore::DBM::tok_unpack('Mail::SpamAssassin::BayesStore::DBM=HASH(0xb3b792c)', 'undef') called at /usr/lib/perl5/site_perl/5.8.6/Mail/SpamAssassin/BayesStore/DBM.pm line 851\n\tMail::SpamAssassin::BayesStore::DBM::tok_get('Mail::SpamAssassin::BayesStore::DBM=HASH(0xb3b792c)', '-\\x{ce}\\x{f3}7\\x{cb}') called at /usr/lib/perl5/site_perl/5.8.6/Mail/SpamAssassin/BayesStore/DBM.pm line 1333\n\tMail::SpamAssassin::BayesStore::DBM::tok_sync_counters('Mail::SpamAssassin::BayesStore::DBM=HASH(0xb3b792c)', 0, 1, 1138341789, '-\\x{ce}\\x{f3}7\\x{cb}') called at /usr/lib/perl5/site_perl/5.8.6/Mail/SpamAssassin/BayesStore/DBM.pm line 1044\n\tMail::SpamAssassin::BayesStore::DBM::mult... Any idea? What's happening? How to fix? Tks a lot, Clóvis -- Clovis Tristao - UNICAMP/Faculdade de Engenharia Agricola Administrador de Redes - Secao de Informatica (SINFO) E-mail: mailto:[EMAIL PROTECTED] http://www.agr.unicamp.br Fone(0xx19) 37881031-37881038 ou FAX(55xx19) 37881005/37881010 --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid3432bid#0486dat1642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] While on the BitDefender subject
Zitat von Vernon A. Fort [EMAIL PROTECTED]: While on the bitdefender topic, I've had to disable this scanner on several server due system load. I use gentoo on most servers, standard setup... postfix+amavisd-new+clamav+spamassassin I tipically use 2-3 scanners on each server but the CPU load with bitdefender appears very high - usually around 40-60 cpu usage per instance. The main reason I'm asking is I just had to disable this scanner on a dual Xeon 3.0 with 2G of memory because I was getting out-of-memory kernel panic. This server does process 50k messages per day with around 15k email accounts. I even dropped the amavis to 3 clients (as well as master.cf) which did not help. Has anyone else experienced this or have any tips on limiting its cpu usage? Vernon The command line version is solw and a memory hoog but it is free to use and have a good heuristic. If you want something fast use antivir or nod32 for mailserver (daemon mode). Regards Andreas --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] BitDefender bdc and the --all option in amavisd.conf
Mark Martinec skrev: Actually looks like a version change. The newer versions of BDC do not use the --all switch, so looks like you can safely remove it. Thanks to all. I'll put in the following then for 2.4.0: ### http://www.bitdefender.com/ ['BitDefender', 'bdc', '--arc --mail {}', qr/^Infected files *:0+(?!\d)/, qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/, qr/(?:suspected|infected): (.*)(?:\033|$)/ ], # consider also: --all --nowarn --alev=15 --flev=15. The --all argument may # not apply to your version of bdc, check documentation and see 'bdc --help' Thanks for all answers /Max --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Amavisd-new Massive SWAP Usage
Matthias Keller wrote: Hi Maybe you should tell us what rules you are running? If you're for whatever reason still running bigevil then this is pretty much normal... So what SARE or other rulesets are activated? Matt You know... I didn't even think about the rules! Makes obvious sense to check that, but didn't even think about it. The following is from my rulesdujour config: TRUSTED_RULESETS= TRIPWIRE ANTIDRUG SARE_EVILNUMBERS0 BLACKLIST RANDOMVAL SARE_ADULT SARE_FRAUD SARE_BML SARE_SPOOF SARE_BAYES_POISON_NXM SARE_OEM SARE_RANDOM SARE_OBFU0 SARE_REDIRECT_POST300 SARE_SPAMCOP_TOP200 SARE_WHITELIST To be 100% honest, SA Rules are a bit of a weak spot as I couldn't tell you much when it comes to the arena. Any suggestions would be highly recommended. Thank you so much. BJ 5dollarwhitebox.org --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Amavisd-new Massive SWAP Usage
Matthias Keller wrote: Hi Maybe you should tell us what rules you are running? If you're for whatever reason still running bigevil then this is pretty much normal... So what SARE or other rulesets are activated? Matt Sorry, just for further clarity the following are the active SA Rules: # ls /etc/spamassassin/*.cf /etc/spamassassin/70_sare_adult.cf /etc/spamassassin/70_sare_bayes_poison_nxm.cf /etc/spamassassin/70_sare_evilnum0.cf /etc/spamassassin/70_sare_obfu0.cf /etc/spamassassin/70_sare_oem.cf /etc/spamassassin/70_sare_random.cf /etc/spamassassin/70_sare_spoof.cf /etc/spamassassin/70_sare_whitelist.cf /etc/spamassassin/70_sc_top200.cf /etc/spamassassin/72_sare_bml_post25x.cf /etc/spamassassin/72_sare_redirect_post3.0.0.cf /etc/spamassassin/99_sare_fraud_post25x.cf /etc/spamassassin/antidrug.cf /etc/spamassassin/blacklist.cf /etc/spamassassin/local.cf /etc/spamassassin/random.cf /etc/spamassassin/tripwire.cf Thanks again. BJ 5dollarwhitebox.org --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] Connection refused (port 10024)
With a Debian Etch/Sid-system I use the versions below. With a similar configuration on another machine it works. I think I have a wrong configuration of the master.cf or/and the main.cf of postfix. apt-cache policy amavisd-new amavisd-new: Installiert:1:2.3.3-2 Mögliche Pakete:1:2.3.3-2 Versions-Tabelle: 1:2.3.3-4 0 500 ftp://ftp.at.debian.org sid/main Packages 500 ftp://ftp.freenet.de sid/main Packages *** 1:2.3.3-2 0 900 ftp://ftp.at.debian.org etch/main Packages 900 ftp://ftp.freenet.de etch/main Packages apt-cache policy postfix postfix: Installiert:2.2.4-1.0.1 Mögliche Pakete:2.2.4-1.0.1 Versions-Tabelle: 2.2.8-7 0 500 ftp://ftp.at.debian.org sid/main Packages 500 ftp://ftp.freenet.de sid/main Packages *** 2.2.4-1.0.1 0 900 ftp://ftp.at.debian.org etch/main Packages 900 ftp://ftp.freenet.de etch/main Packages apt-cache policy spamassassin spamassassin: Installiert:3.1.0a-2 Mögliche Pakete:3.1.0a-2 Versions-Tabelle: *** 3.1.0a-2 0 900 ftp://ftp.at.debian.org etch/main Packages 500 ftp://ftp.at.debian.org sid/main Packages 900 ftp://ftp.freenet.de etch/main Packages 500 ftp://ftp.freenet.de sid/main Packages Jan 27 15:23:50 client2 postfix/pickup[4571]: D00D84A035E: uid=0 from=root Jan 27 15:23:50 client2 postfix/cleanup[4819]: D00D84A035E: message-id=[EMAIL PROTECTED] Jan 27 15:23:50 client2 postfix/qmgr[4572]: D00D84A035E: from=[EMAIL PROTECTED], size=460, nrcpt=1 (queue active) Jan 27 15:23:50 client2 postfix/smtp[4821]: connect to 127.0.0.1[127.0.0.1]: Connection refused (port 10024) Jan 27 15:23:50 client2 postfix/smtp[4821]: D00D84A035E: to=[EMAIL PROTECTED], orig_to=ab, relay=none, delay=0, status=deferred (connect to 127.0.0.1[127.0.0.1]: Connection refused) /etc/amavis/conf.d/50-user use strict; $mydomain = 'client2.local.FQDN'; @local_domains_maps = ( [.$mydomain] ); $sa_tag_level_deflt = -22.0; # add spam info headers if at, or above that level $max_servers = 2; # number of pre-forked children (default 2) $max_requests = 20; # retire a child after that many accepts (default 10) $child_timeout=5*60; # abort child if it does not complete each task in 1; # insure a defined return postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no config_directory = /etc/postfix content_filter = smtp-amavis:[127.0.0.1]:10024 inet_interfaces = all mailbox_command = procmail -a $EXTENSION mailbox_size_limit = 0 mydestination = client2.local.FQDN, localhost.local.FQDN, localhost myhostname = client2.local.FQDN mynetworks = 127.0.0.0/8 myorigin = /etc/mailname recipient_delimiter = + relayhost = smtp.local.FQDN smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) /etc/postfix/master.cf smtp inet n - - - - smtpd pickupfifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup qmgr fifo n - - 300 1 qmgr rewrite unix - - - - - trivial-rewrite bounceunix - - - - 0 bounce defer unix - - - - 0 bounce trace unix - - - - 0 bounce verifyunix - - - - 1 verify flush unix n - - 1000? 0 flush proxymap unix - - n - - proxymap smtp unix - - - - - smtp relay unix - - - - - smtp showq unix n - - - - showq error unix - - - - - error local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmailunix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender $recipient scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} tlsmgrunix - - - 1000? 1 tlsmgr scacheunix - - - - 1 scache discard unix - - - - - discard smtp-amavis unix - -
Re: [AMaViS-user] Connection refused (port 10024)
Al wrote: With a Debian Etch/Sid-system I use the versions below. With a similar configuration on another machine it works. I think I have a wrong configuration of the master.cf or/and the main.cf of postfix. Jan 27 15:23:50 client2 postfix/pickup[4571]: D00D84A035E: uid=0 from=root Jan 27 15:23:50 client2 postfix/cleanup[4819]: D00D84A035E: message-id=[EMAIL PROTECTED] Jan 27 15:23:50 client2 postfix/qmgr[4572]: D00D84A035E: from=[EMAIL PROTECTED], size=460, nrcpt=1 (queue active) Jan 27 15:23:50 client2 postfix/smtp[4821]: connect to 127.0.0.1[127.0.0.1]: Connection refused (port 10024) Jan 27 15:23:50 client2 postfix/smtp[4821]: D00D84A035E: to=[EMAIL PROTECTED], orig_to=ab, relay=none, delay=0, status=deferred (connect to 127.0.0.1[127.0.0.1]: Connection refused) /etc/amavis/conf.d/50-user use strict; $mydomain = 'client2.local.FQDN'; @local_domains_maps = ( [.$mydomain] ); $sa_tag_level_deflt = -22.0; # add spam info headers if at, or above that level $max_servers = 2; # number of pre-forked children (default 2) $max_requests = 20; # retire a child after that many accepts (default 10) $child_timeout=5*60; # abort child if it does not complete each task in 1; # insure a defined return postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no config_directory = /etc/postfix content_filter = smtp-amavis:[127.0.0.1]:10024 inet_interfaces = all mailbox_command = procmail -a $EXTENSION mailbox_size_limit = 0 mydestination = client2.local.FQDN, localhost.local.FQDN, localhost myhostname = client2.local.FQDN mynetworks = 127.0.0.0/8 myorigin = /etc/mailname recipient_delimiter = + relayhost = smtp.local.FQDN smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) /etc/postfix/master.cf smtp inet n - - - - smtpd pickupfifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup qmgr fifo n - - 300 1 qmgr rewrite unix - - - - - trivial-rewrite bounceunix - - - - 0 bounce defer unix - - - - 0 bounce trace unix - - - - 0 bounce verifyunix - - - - 1 verify flush unix n - - 1000? 0 flush proxymap unix - - n - - proxymap smtp unix - - - - - smtp relay unix - - - - - smtp showq unix n - - - - showq error unix - - - - - error local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmailunix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender $recipient scalemail-backend unix - n n - 2 pipe flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension} tlsmgrunix - - - 1000? 1 tlsmgr scacheunix - - - - 1 scache discard unix - - - - - discard smtp-amavis unix - - - - 2 smtp -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o disable_dns_lookups=yes -o max_use=20 127.0.0.1:10025 inet n - - - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_delay_reject=no -o smtpd_client_restrictions=permit_mynetworks,reject -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o smtpd_data_restrictions=reject_unauth_pipelining -o smtpd_end_of_data_restrictions= -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o
Re: [AMaViS-user] Connection refused (port 10024)
Am Freitag, 27. Januar 2006 16:39 schrieb Gary V: Hi Gary With a Debian Etch/Sid-system I use the versions below. With a similar configuration on another machine it works. I think I have a wrong configuration of the master.cf or/and the main.cf of postfix. Jan 27 15:23:50 client2 postfix/pickup[4571]: D00D84A035E: uid=0 from=root Jan 27 15:23:50 client2 postfix/cleanup[4819]: D00D84A035E: message-id=[EMAIL PROTECTED] Jan 27 15:23:50 client2 postfix/qmgr[4572]: D00D84A035E: from=[EMAIL PROTECTED], size=460, nrcpt=1 (queue active) Jan 27 15:23:50 client2 postfix/smtp[4821]: connect to 127.0.0.1[127.0.0.1]: Connection refused (port 10024) Jan 27 15:23:50 client2 postfix/smtp[4821]: D00D84A035E: to=[EMAIL PROTECTED], orig_to=ab, relay=none, delay=0, status=deferred (connect to 127.0.0.1[127.0.0.1]: Connection refused) This could simply be amavisd-new is not running. Is it? You are right and now I know why. /etc/init.d/amavis restart Stopping amavisd: (not running). Starting amavisd: Found old config file /etc/amavis/amavisd.conf, amavisd-new will NOT be started for safety reasons. Please update the amavisd-new configuration, as the old configuration is not automatically converted. Remove the /etc/amavis/amavisd.conf to re-enable amavisd-new. also check: # grep -r inet_socket_port /etc/amavis/conf.d/ client2:~# grep -r inet_socket_port /etc/amavis/conf.d/ /etc/amavis/conf.d/20-debian_defaults:$inet_socket_port = 10024; # default listenting socket it should show: /etc/amavis/conf.d/20-debian_defaults:$inet_socket_port = 10024; # default listenting socket and: # lsof -i | grep amavis shows nothing. I will do some checks and go on later. Al --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Connection refused (port 10024)
Al wrote: Am Freitag, 27. Januar 2006 16:39 schrieb Gary V: Hi Gary With a Debian Etch/Sid-system I use the versions below. With a similar configuration on another machine it works. I think I have a wrong configuration of the master.cf or/and the main.cf of postfix. Jan 27 15:23:50 client2 postfix/pickup[4571]: D00D84A035E: uid=0 from=root Jan 27 15:23:50 client2 postfix/cleanup[4819]: D00D84A035E: message-id=[EMAIL PROTECTED] Jan 27 15:23:50 client2 postfix/qmgr[4572]: D00D84A035E: from=[EMAIL PROTECTED], size=460, nrcpt=1 (queue active) Jan 27 15:23:50 client2 postfix/smtp[4821]: connect to 127.0.0.1[127.0.0.1]: Connection refused (port 10024) Jan 27 15:23:50 client2 postfix/smtp[4821]: D00D84A035E: to=[EMAIL PROTECTED], orig_to=ab, relay=none, delay=0, status=deferred (connect to 127.0.0.1[127.0.0.1]: Connection refused) This could simply be amavisd-new is not running. Is it? You are right and now I know why. /etc/init.d/amavis restart Stopping amavisd: (not running). Starting amavisd: Found old config file /etc/amavis/amavisd.conf, amavisd-new will NOT be started for safety reasons. Please update the amavisd-new configuration, as the old configuration is not automatically converted. Remove the /etc/amavis/amavisd.conf to re-enable amavisd-new. also check: # grep -r inet_socket_port /etc/amavis/conf.d/ client2:~# grep -r inet_socket_port /etc/amavis/conf.d/ /etc/amavis/conf.d/20-debian_defaults:$inet_socket_port = 10024; # default listenting socket it should show: /etc/amavis/conf.d/20-debian_defaults:$inet_socket_port = 10024; # default listenting socket and: # lsof -i | grep amavis shows nothing. I will do some checks and go on later. Al The script actually checks for the existence of amavisd.conf.disabled so if you rename that, it should let you start it up. mv /etc/amavis/amavisd.conf.disabled /etc/amavis/amavisd.conf-backup /etc/init.d/amavis start Gary V --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Connection refused (port 10024)
Gary wrote: Al wrote: You are right and now I know why. /etc/init.d/amavis restart Stopping amavisd: (not running). Starting amavisd: Found old config file /etc/amavis/amavisd.conf, amavisd-new will NOT be started for safety reasons. Please update the amavisd-new configuration, as the old configuration is not automatically converted. Remove the /etc/amavis/amavisd.conf to re-enable amavisd-new. The script actually checks for the existence of amavisd.conf.disabled so if you rename that, it should let you start it up. mv /etc/amavis/amavisd.conf.disabled /etc/amavis/amavisd.conf-backup /etc/init.d/amavis start Gary V With this new Debian setup, spam and virus checking is disabled by default so you may also need to enable spam and virus checking if you have not already done so, the settings are in: /usr/share/amavis/conf.d/20-package I hate this thing! I can understand the package maintainers philosophy, but I still hate it. IMHO it will cause no end of confusion to users (new and old alike). http://www200.pair.com/mecham/spam/debian-amavisd-new_2.3.3.html They didn't even include @local_domains_maps or $max_servers in any of the config files, leaving it up to users to figure out they need those settings. They leave us no indication of $*_quarantine_to settings either. Gary V --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] amavis-new, spamassassin an bayes db errors
Hello, Ive installed OpenBSD 3.8 with amavisd-new-2.3.2 and p5-Mail-SpamAssassin-3.0.4 (no update from 2.6.x), I tried to start amavisd-new but I get everytime the errormessage: bayes: bayes db version 2 is not able to be used, aborting! at /usr/local/libdata/perl5/site_perl/Mail/SpamAssassin/BayesStore/DBM.pm line 160. After that I read that I should try to install the Berkeley DB (version 4) and the suitable CPAN modul but it helps nothing ? Can anyone help ? Regards Florian --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] While on the BitDefender subject
-- [EMAIL PROTECTED] said the following on 1/27/06 5:56 AM: The command line version is solw and a memory hoog but it is free to use and have a good heuristic. If you want something fast use antivir or nod32 for mailserver (daemon mode). How does antivir compare to McAfee uvscan in terms of detections? (I'm sure the daemon mode is a hell of a lot faster) Overall we have been very pleased with ClamAV which seems to be rapidly improving all the time. However, there is the odd occasion that uvscan catches something missed by ClamAV. Alas, uvscan isn't terribly fast (If it matters our scanning host is currently running Solaris 10.) Amos --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Connection refused (port 10024)
Al wrote: Am Freitag, 27. Januar 2006 17:53 schrieb Gary V: The script actually checks for the existence of amavisd.conf.disabled so if you rename that, it should let you start it up. I wonder why it was renamed on other machines automatically. To be sure, to start from a default-configuration I purged amavis with aptitude. I wonder if it left your old amavisd.conf file intact. With this new Debian setup, spam and virus checking is disabled by default so you may also need to enable spam and virus checking if you have not already done so, the settings are in: /usr/share/amavis/conf.d/20-package I don't have /usr/share/amavis/conf.d/20-package /etc/amavis# ls -lLRh * Do you mean that the entries below have to be enabled? No. If you are missing /usr/share/amavis/conf.d/20-package then that would be the same as allowing virus and spam checks (because the settings to disable them would not be present). /etc/amavis/conf.d/15-content_filter_mode use strict; @bypass_virus_checks_maps = ( \%bypass_virus_checks, [EMAIL PROTECTED], \$bypass_virus_checks_re); @bypass_spam_checks_maps = ( \%bypass_spam_checks, [EMAIL PROTECTED], \$bypass_spam_checks_re); 1; # insure a defined return Al I wonder if your install is incomplete. I have: # ls -l /usr/share/amavis/conf.d/ -rw-r--r--1 root root 855 Dec 27 08:56 10-debian_scripts -rw-r--r--1 root root 648 Dec 27 08:56 20-package AFAIK the init script will not start amavisd-new if this directory does not exist. Maybe it does but you are missing the 20-package file which would be fine if you are. You would not be fine if the 10-debian_scripts file was missing however. Here are the contents of the files I have: ### spamfilter:~# cat /usr/share/amavis/conf.d/10-debian_scripts use strict; # ADMINSTRATORS: DO NOT CHANGE THIS FILE # Change the files in /etc/amavis/conf.d instead # This file contains Debian system settings that are not to be changed # unless you really know better. # Changing or overriding the settings in this file requires changing scripts # such as the initscript and maybe the cron scripts, and even the amavis user # home directory. # # You have been warned. Don't change these settings. $daemon_user = 'amavis'; $daemon_group = 'amavis'; $MYHOME = '/var/lib/amavis'; # a convenient default for other settings $TEMPBASE = $MYHOME/tmp; # working directory, needs to be created manually $ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR $db_home = $MYHOME/db; $pid_file = /var/run/amavis/amavisd.pid; $lock_file = /var/run/amavis/amavisd.lock; 1; # insure a defined return ## spamfilter:~# cat /usr/share/amavis/conf.d/20-package use strict; # These settings are here just to enable a Debian package that does not # depend on clamav. The local admin is expected to override them # in /etc/amavis/conf.d/15-content_filter_mode, if any sort of antivirus # support is wanted @bypass_virus_checks_maps = (1); # DISABLE anti-virus code by default # These settings are here just to enable a Debian package that does not # depend on spamassassin. The local admin is expected to override them # in /etc/amavis/conf.d/15-content_filter_mode, if spamassassin support # is wanted @bypass_spam_checks_maps = (1); # DISABLE anti-spam code by default 1; # insure a defined return # Gary V --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Connection refused (port 10024)
Am Freitag, 27. Januar 2006 15:30 schrieb Al Bogner: With a Debian Etch/Sid-system I use the versions below. With a similar configuration on another machine it works. I think I have a wrong configuration of the master.cf or/and the main.cf of postfix. master.cf and main.cf were ok. I recommend to _purge_ amavis and use something like this for a _1st_ test. Dont't forget to correct the line breaks! /etc/amavis/conf.d/50-user use strict; $mydomain = 'client2.local.FQDN'; @local_domains_maps = ( [.$mydomain] ); $sa_tag_level_deflt = -22.0; # add spam info headers if at, or above that level $max_servers = 2; # number of pre-forked children (default 2) $max_requests = 20; # retire a child after that many accepts (default 10) $child_timeout=5*60; # abort child if it does not complete each task in 1; # insure a defined return After this everything seems to work for me except clamav: Jan 27 20:53:07 client2 amavis[4248]: (04248-02) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 42) line 266. For more details see thread ClamAV-clamd: Can't connect to UNIX socket, but antivir or bdc put the virus in quarantine without further configuration. How can I find out which virus-scanner caught the virus? The message below doens't help very much: Scanners detecting a virus: H+BEDV AntiVir or CentralCommand Vexira Antivirus, BitDefender Al --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
[AMaViS-user] ClamAV-clamd: Can't connect to UNIX socket
Can anyone help me with this error message please? Jan 27 20:36:19 client2 amavis[4181]: Using internal av scanner code for (primary) ClamAV-clamd Jan 27 20:53:00 client2 postfix/pickup[4584]: 23A98634D8A: uid=1000 from=ab Jan 27 20:53:00 client2 postfix/cleanup[5804]: 23A98634D8A: message-id=[EMAIL PROTECTED] Jan 27 20:53:00 client2 postfix/qmgr[4585]: 23A98634D8A: from=[EMAIL PROTECTED], size=83487, nrcpt=1 (queue active) Jan 27 20:53:01 client2 amavis[4248]: (04248-02) ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory, retrying (2) Jan 27 20:53:07 client2 amavis[4248]: (04248-02) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 42) line 266. Jan 27 20:53:09 client2 postfix/smtpd[5813]: connect from localhost.localdomain[127.0.0.1] Jan 27 20:53:09 client2 postfix/smtpd[5813]: A720A634D90: client=localhost.localdomain[127.0.0.1] Jan 27 20:53:09 client2 postfix/cleanup[5804]: A720A634D90: message-id=[EMAIL PROTECTED] Jan 27 20:53:09 client2 postfix/qmgr[4585]: A720A634D90: from=, size=2474, nrcpt=1 (queue active) Jan 27 20:53:09 client2 postfix/cleanup[5804]: B5C7B634D91: message-id=[EMAIL PROTECTED] Jan 27 20:53:09 client2 postfix/qmgr[4585]: B5C7B634D91: from=, size=2624, nrcpt=1 (queue active) Jan 27 20:53:09 client2 amavis[4248]: (04248-02) Blocked INFECTED (Worm/Sober.Y), - [EMAIL PROTECTED], quarantine: /var/lib/amavis/quarantine, Message-ID: [EMAIL PROTECTED], mail_id: YG8zA8G2meOA, Hits: -, 9587 ms Jan 27 20:53:09 client2 postfix/smtp[5806]: 23A98634D8A: to=[EMAIL PROTECTED], orig_to=ab, relay=127.0.0.1[127.0.0.1], delay=9, status=sent (250 2.7.1 Ok, discarded, id=04248-02 - VIRUS: Worm/Sober.Y, Worm/Sober.Y) Jan 27 20:53:09 client2 postfix/qmgr[4585]: 23A98634D8A: removed Jan 27 20:53:09 client2 postfix/smtpd[5813]: disconnect from localhost.localdomain[127.0.0.1] Jan 27 20:53:09 client2 postfix/local[5814]: A720A634D90: to=[EMAIL PROTECTED], relay=local, delay=0, status=sent (forwarded as B5C7B634D91) Jan 27 20:53:09 client2 postfix/qmgr[4585]: A720A634D90: removed Jan 27 20:53:09 client2 postfix/smtp[5815]: B5C7B634D91: to=[EMAIL PROTECTED], orig_to=[EMAIL PROTECTED], relay=gw.local.FQDN[192.168.1.99], delay=0, status=sent (250 Ok: queued as C974557E800) Jan 27 20:53:09 client2 postfix/qmgr[4585]: B5C7B634D91: removed ls /var/run/clamav/ freshclam.pid Al --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] ClamAV-clamd: Can't connect to UNIX socket
Al wrote: Can anyone help me with this error message please? Jan 27 20:53:01 client2 amavis[4248]: (04248-02) ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory, retrying (2) Jan 27 20:53:07 client2 amavis[4248]: (04248-02) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval First off, have you installed clamav-daemon? If not, do so. Either way, you need to add the clamav user to the amavis group and then restart both programs: gpasswd -a clamav amavis /etc/init.d/amavis stop /etc/init.d/clamav-daemon stop /etc/init.d/clamav-daemon start /etc/init.d/amavis start http://www200.pair.com/mecham/spam/clamav-amavisd-new.html Gary V --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Connection refused (port 10024)
Am Freitag, 27. Januar 2006 20:54 schrieb Gary V: I don't have /usr/share/amavis/conf.d/20-package I wonder if your install is incomplete. I have: # ls -l /usr/share/amavis/conf.d/ -rw-r--r--1 root root 855 Dec 27 08:56 10-debian_scripts -rw-r--r--1 root root 648 Dec 27 08:56 20-package AFAIK the init script will not start amavisd-new if this directory does not exist. Maybe it does but you are missing the 20-package file which would be fine if you are. You would not be fine if the 10-debian_scripts file was missing however It looks like Debian goes its own way. I don't see a 20-package, neither in etch nor in sarge apt-cache policy amavisd-new amavisd-new: Installiert:1:2.3.3-2 Mögliche Pakete:1:2.3.3-2 Versions-Tabelle: 1:2.3.3-4 0 500 ftp://ftp.at.debian.org sid/main Packages 500 ftp://ftp.freenet.de sid/main Packages *** 1:2.3.3-2 0 900 ftp://ftp.at.debian.org etch/main Packages 900 ftp://ftp.freenet.de etch/main Packages dpkg -c /var/cache/apt/archives/amavisd-new_1%3a2.3.3-2_all.deb | cut -c21-200 | grep /etc/amavis/ 0 2005-12-27 16:56:48 ./etc/amavis/ 0 2005-12-27 16:56:48 ./etc/amavis/conf.d/ 1455 2005-12-27 16:56:47 ./etc/amavis/conf.d/01-debian 473 2005-12-27 16:56:47 ./etc/amavis/conf.d/05-node_id 13115 2005-12-27 16:56:47 ./etc/amavis/conf.d/15-av_scanners 554 2005-12-27 16:56:47 ./etc/amavis/conf.d/15-content_filter_mode 8867 2005-12-27 16:56:47 ./etc/amavis/conf.d/20-debian_defaults 2130 2005-12-27 16:56:47 ./etc/amavis/conf.d/30-template_localization 318 2005-12-27 16:56:47 ./etc/amavis/conf.d/50-user 0 2005-12-27 16:56:48 ./etc/amavis/en_US/ 170 2005-12-27 16:56:47 ./etc/amavis/en_US/charset 2129 2005-12-27 16:56:47 ./etc/amavis/en_US/template-dsn.txt 1089 2005-12-27 16:56:47 ./etc/amavis/en_US/template-spam-admin.txt 796 2005-12-27 16:56:47 ./etc/amavis/en_US/template-spam-sender.txt 1522 2005-12-27 16:56:47 ./etc/amavis/en_US/template-virus-admin.txt 1090 2005-12-27 16:56:47 ./etc/amavis/en_US/template-virus-recipient.txt 2828 2005-12-27 16:56:47 ./etc/amavis/en_US/template-virus-sender.txt 983 2005-12-27 16:56:47 ./etc/amavis/README.l10n Sarge-Backport: apt-cache policy amavisd-new amavisd-new: Installiert:1:2.3.3-3bpo1 Mögliche Pakete:1:2.3.3-3bpo1 Versions-Tabelle: *** 1:2.3.3-3bpo1 0 500 http://www.backports.org sarge-backports/main Packages 100 /var/lib/dpkg/status 20030616p10-5 0 400 ftp://ftp.at.debian.org sarge/main Packages 400 ftp://debian.inode.at sarge/main Packages dpkg -c /var/cache/apt/archives/amavisd-new_1%3a2.3.3-3bpo1_all.deb | cut -c21-200 | grep /etc/amavis/ 0 2006-01-21 19:32:31 ./etc/amavis/ 983 2006-01-21 19:32:31 ./etc/amavis/README.l10n 0 2006-01-21 19:32:31 ./etc/amavis/conf.d/ 1455 2006-01-21 19:32:31 ./etc/amavis/conf.d/01-debian 692 2006-01-21 19:32:31 ./etc/amavis/conf.d/05-domain_id 235 2006-01-21 19:32:31 ./etc/amavis/conf.d/05-node_id 13115 2006-01-21 19:32:31 ./etc/amavis/conf.d/15-av_scanners 554 2006-01-21 19:32:31 ./etc/amavis/conf.d/15-content_filter_mode 8982 2006-01-21 19:32:31 ./etc/amavis/conf.d/20-debian_defaults 2130 2006-01-21 19:32:31 ./etc/amavis/conf.d/30-template_localization 318 2006-01-21 19:32:31 ./etc/amavis/conf.d/50-user 0 2006-01-21 19:32:31 ./etc/amavis/en_US/ 170 2006-01-21 19:32:31 ./etc/amavis/en_US/charset 2129 2006-01-21 19:32:31 ./etc/amavis/en_US/template-dsn.txt 1089 2006-01-21 19:32:31 ./etc/amavis/en_US/template-spam-admin.txt 796 2006-01-21 19:32:31 ./etc/amavis/en_US/template-spam-sender.txt 1522 2006-01-21 19:32:31 ./etc/amavis/en_US/template-virus-admin.txt 1090 2006-01-21 19:32:31 ./etc/amavis/en_US/template-virus-recipient.txt 2828 2006-01-21 19:32:31 ./etc/amavis/en_US/template-virus-sender.txt Al --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid3432bid#0486dat1642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Connection refused (port 10024)
Al wrote: Am Freitag, 27. Januar 2006 20:54 schrieb Gary V: I don't have /usr/share/amavis/conf.d/20-package I wonder if your install is incomplete. I have: It looks like Debian goes its own way. I don't see a 20-package, neither in etch nor in sarge Display it without grepping stuff out. dpkg -c /var/cache/apt/archives/amavisd-new_1%3a2.3.3-2_all.deb | cut -c21-200 | grep /etc/amavis/ Here is mine: http://www200.pair.com/mecham/spam/package.txt Gary V --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Connection refused (port 10024)
Am Freitag, 27. Januar 2006 22:19 schrieb Gary V: Here is mine: http://www200.pair.com/mecham/spam/package.txt Now I found it, it is in /usr/share/amavis/conf.d/20-package I always thought it has to be in /etc/amavis/conf.d/ My version without comments: /usr/share/amavis/conf.d/20-package use strict; @bypass_virus_checks_maps = (1); # DISABLE anti-virus code by default @bypass_spam_checks_maps = (1); # DISABLE anti-spam code by default 1; # insure a defined return But these variables are here too: with comments: cat /etc/amavis/conf.d/15-content_filter_mode use strict; # You can modify this file to re-enable SPAM checking through spamassassin # and to re-enable antivirus checking. # # Default antivirus checking mode # Uncomment the two lines below to enable it back # @bypass_virus_checks_maps = ( \%bypass_virus_checks, [EMAIL PROTECTED], \$bypass_virus_checks_re); # # Default SPAM checking mode # Uncomment the two lines below to enable it back # @bypass_spam_checks_maps = ( \%bypass_spam_checks, [EMAIL PROTECTED], \$bypass_spam_checks_re); 1; # insure a defined return Al --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] ClamAV-clamd: Can't connect to UNIX socket
Am Freitag, 27. Januar 2006 21:19 schrieb Gary V: First off, have you installed clamav-daemon? If not, do so. Either way, you need to add the clamav user to the amavis group and then restart both programs: gpasswd -a clamav amavis Thanks Gary, you are great. Since I am testing amavisd-new (old and new version) I forgot to modify the group. But there is still a problem. Jan 27 22:33:28 client2 amavis[4235]: (04235-01) ask_av (ClamAV-clamd) FAILED - unexpected result: /var/lib/amavis/tmp/amavis-20060127T223327-04235/parts: Access denied. ERROR\n For more details, please see http://members.inode.at/pinguin/mail.log.txt (mail with attachment was forwarded to mod) I don't understand primary and secondary av scanner. Found primary av scanner H+BEDV AntiVir or CentralCommand Vexira Antivirus at /usr/bin/antivir Found primary av scanner BitDefender at /usr/bin/bdc Using internal av scanner code for (primary) check-jpeg Found secondary av scanner ClamAV-clamscan at /usr/bin/clamscan Found secondary av scanner FRISK F-Prot Antivirus at /usr/bin/f-prot I want that the mail is checked with all 4 scanners. Al --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Applying different banned rules per recipient
On Sat, Jan 14, 2006 at 01:26:18AM +0100, Mark Martinec wrote: Brian, I would like to exclude a recipient from my site-wide banned rules, yet be subject to another set of banned rules which is slightly different from the site-wide one. Is this possible? In my specific case, these users need to receive a certain file type, yet everyone else shouldnt be receiving this type.I would like a maintainable method of creating such exceptions. It should be possible to have per-recipient banning rules. See release notes of 2.3.0 where it was first introduced. I use LDAP, and the attribute 'amavisBannedRuleNames' has me believing I can create a named set of banned rules and reference them in the users lookup table. Much like having different behavior in a policy bank. Am I misinterpreting this attribute? If not, how can I go about setting this up? It has indeed been reported before I believe that this does not work with LDAP, but I never got around to locate and fix the problem, mostly because I'm not running LDAP myself. The bug should not be that deep, I would appreciate help here from interested parties. I've submitted and Mark has incorporated a patch to fix this issue. My initial post of it got stuck in moderation, for the benefit of those who want to try it below is the patch to 'amavisd'. Its undoubtly mangled but you should get the idea of what changed, basically the attribute was change from multi-valued to single-valued and is a comma-seperated list of rule names (same as with SQL lookups. The full patch also includes, schema, documentation updates as well. diff -urN amavisd-new-2.3.3.orig/amavisd amavisd-new-2.3.3/amavisd --- amavisd-new-2.3.3.orig/amavisd Wed Jan 25 21:38:12 2006 +++ amavisd-new-2.3.3/amavisd Wed Jan 25 21:45:22 2006 @@ -6675,7 +6675,7 @@ unshift(@Amavis::Conf::spam_admin_maps, $lf-('amavisSpamAdmin', 'S-')); unshift(@Amavis::Conf::banned_admin_maps,$lf-('amavisBannedAdmin ','S-')); unshift(@Amavis::Conf::bad_header_admin_maps,$lf-('amavisBadHeaderAd min', 'S-')); - unshift(@Amavis::Conf::banned_filename_maps, $lf-('amavisBannedRuleN ames','L-')); + unshift(@Amavis::Conf::banned_filename_maps, $lf-('amavisBannedRuleN ames','S-')); section_time('ldap-prepare'); } if (defined $sql_policy !$implicit_maps_inserted) { @@ -10743,9 +10743,7 @@ amavisBadHeaderAdmin amavisBannedRuleNames ); - @mv_ldap_attrs = qw(amavisBlacklistSender amavisWhitelistSender -amavisBannedRuleNames - ); + @mv_ldap_attrs = qw(amavisBlacklistSender amavisWhitelistSender); } sub new { -- Nobody cares if you can't dance well. Just get up and dance. Mike Hall, System Admin - Rock Island Communications [EMAIL PROTECTED] System Admin - riverside.org, ssdd.org [EMAIL PROTECTED] --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
Re: [AMaViS-user] Connection refused (port 10024)
Al wrote: Am Freitag, 27. Januar 2006 22:19 schrieb Gary V: Here is mine: http://www200.pair.com/mecham/spam/package.txt Now I found it, it is in /usr/share/amavis/conf.d/20-package I always thought it has to be in /etc/amavis/conf.d/ My version without comments: /usr/share/amavis/conf.d/20-package use strict; @bypass_virus_checks_maps = (1); # DISABLE anti-virus code by default @bypass_spam_checks_maps = (1); # DISABLE anti-spam code by default 1; # insure a defined return But these variables are here too: with comments: cat /etc/amavis/conf.d/15-content_filter_mode use strict; # You can modify this file to re-enable SPAM checking through spamassassin # and to re-enable antivirus checking. # Default antivirus checking mode # Uncomment the two lines below to enable it back @bypass_virus_checks_maps = ( \%bypass_virus_checks, [EMAIL PROTECTED], \$bypass_virus_checks_re); # Default SPAM checking mode # Uncomment the two lines below to enable it back @bypass_spam_checks_maps = ( \%bypass_spam_checks, [EMAIL PROTECTED], \$bypass_spam_checks_re); 1; # insure a defined return Al You need to edit: /usr/share/amavis/conf.d/20-package and comment both of those out: # @bypass_virus_checks_maps = (1); # DISABLE anti-virus code by default # @bypass_spam_checks_maps = (1); # DISABLE anti-spam code by default I don't think you need to change anything in /etc/amavis/conf.d/15-content_filter_mode The thing is, how are you starting amavisd-new? If you start amavisd-new with: ~# amavisd-new start it will use the configuration in /etc/amavis/amavisd.conf and if you start it using the init script supplied with version 2.3.3 '/etc/init.d/amavis start' it will use the all the files in: /usr/share/amavis/conf.d/ and /etc/amavis/conf.d/ Other than that, I can't figure out how your system would be doing virus checks with virus checks globally bypassed. On my test system commenting out the @bypass settings in /usr/share/amavis/conf.d/20-package does flip the checks on. I have filed 3 bug reports with the maintainers today. Gary V --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnkkid=103432bid=230486dat=121642 ___ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/