Re: [clamav-users] No such file or directory + after milter-reject
Hello I found the issue ... wau this was tricky apt-get purge --remove clamav clamav-base clamav-daemon clamav-freshclam clamav-milter libclamav9:amd64 apt-get install clamav-daemon clamav-freshclam clamav-milter /etc/systemd/system/clamav-daemon.socket.d/extend.conf [Socket] ListenStream=127.0.0.1:3310 And now the port 3310 are ready Fri Mar 6 00:45:35 2020 -> TCP: Received AF_INET SOCK_STREAM socket from systemd. But please what would mean this ??? " unreasonable packet length", and "read error" Mar 6 00:52:32 mail postfix/smtps/smtpd[20006]: warning: milter inet:[127.0.0.1]:3310: unreasonable packet length: 1431194446 > 1073741823 Mar 6 00:52:32 mail postfix/smtps/smtpd[20006]: warning: milter inet:[127.0.0.1]:3310: read error in initial handshake Thanks for our possible update. -Ursprüngliche Nachricht- Von: G.W. Haywood Gesendet: Freitag, 6. März 2020 00:47 An: mauri...@caloro.ch; ClamAV users ML Betreff: Re: [clamav-users] No such file or directory + after milter-reject Hi there, On Thu, 5 Mar 2020, mauri via clamav-users wrote: > I try now this way. but also no chance... for any help, thanks ... > Main.cf - Postfix I can't help you with Postfix configuration I'm afraid, but you'll probably need to check that you have it right. > cat clamav-milter.conf > > MilterSocket "inet:7357@localhost" > ClamdSocket "tcp:127.0.0.1:3310" Remove the quotes. > FixStaleSocket true Useless directive - applies to Unix sockets. > cat clamd.conf > ... > LocalSocket /var/run/clamav/clamd.ctl > FixStaleSocket true > LocalSocketGroup clamav > LocalSocketMode 666 > ... I've never actually checked, but I'd be surprised if you can use _both_ a local (Unix) socket _and_ a TCP socket for clamd, and since you appear to have configured the milter for TCP then I think you should remove all these local socket directives. But you might be better off using Unix (local) sockets. I do not like the use of the word 'local' applied to sockets, I think it's confusing, but we have what we have. > TCPSocket "3310" > TCPAddr "localhost" Remove the quotes. Have you checked that clamav-milter and clamd actually start and continue to run? Do you know how to do that? -- 73, Ged. ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] No such file or directory + after milter-reject
Hi there, On Thu, 5 Mar 2020, mauri via clamav-users wrote: I try now this way. but also no chance... for any help, thanks ... Main.cf - Postfix I can't help you with Postfix configuration I'm afraid, but you'll probably need to check that you have it right. cat clamav-milter.conf MilterSocket "inet:7357@localhost" ClamdSocket "tcp:127.0.0.1:3310" Remove the quotes. FixStaleSocket true Useless directive - applies to Unix sockets. cat clamd.conf ... LocalSocket /var/run/clamav/clamd.ctl FixStaleSocket true LocalSocketGroup clamav LocalSocketMode 666 ... I've never actually checked, but I'd be surprised if you can use _both_ a local (Unix) socket _and_ a TCP socket for clamd, and since you appear to have configured the milter for TCP then I think you should remove all these local socket directives. But you might be better off using Unix (local) sockets. I do not like the use of the word 'local' applied to sockets, I think it's confusing, but we have what we have. TCPSocket "3310" TCPAddr "localhost" Remove the quotes. Have you checked that clamav-milter and clamd actually start and continue to run? Do you know how to do that? -- 73, Ged. ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] No such file or directory + after milter-reject
Hello
I try now this way. but also no chance... for any help, thanks
But the error styl persist:
23:05:00 mail postfix/cleanup[6087]: 24741405D0: milter-reject:
END-OF-MESSAGE from pub158181113102.dh-hfc.g.c[xxx.xxx.xxx.xxx]: 4.7.1
Service unavailable - try again later; from=
to=
Main.cf - Postfix
# Milter Sttings
#
#
milter_clamav = inet:[127.0.0.1]:7357
milter_default_action = accept
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
milter_protocol = 6
non_smtpd_milters = $milter_opendkim
smtpd_milters = $milter_clamav,$milter_opendkim,$milter_opendmarc
cat clamav-milter.conf
MilterSocket "inet:7357@localhost"
ClamdSocket "tcp:127.0.0.1:3310"
FixStaleSocket true
User clamav
ReadTimeout 120
Foreground false
PidFile /var/run/clamav/clamav-milter.pid
OnClean Accept
OnInfected Quarantine
OnFail Defer
AddHeader Replace
LogSyslog false
LogFacility LOG_LOCAL6
LogVerbose false
LogInfected Off
LogClean Off
LogRotate true
MaxFileSize 25M
SupportMultipleRecipients false
TemporaryDirectory /tmp
LogFile /var/log/clamav/clamav-milter.log
LogTime true
LogFileUnlock false
LogFileMaxSize 1M
MilterSocketGroup disabled
MilterSocketMode disabled
cat clamd.conf
#Automatically Generated by clamav-daemon postinst
#To reconfigure clamd run #dpkg-reconfigure clamav-daemon
#Please read /usr/share/doc/clamav-daemon/README.Debian.gz for details
LocalSocket /var/run/clamav/clamd.ctl
FixStaleSocket true
LocalSocketGroup clamav
LocalSocketMode 666
TCPSocket "3310"
TCPAddr "localhost"
# TemporaryDirectory is not set to its default /tmp here to make overriding
# the default with environment variables TMPDIR/TMP/TEMP possible
User clamav
ScanMail true
ScanArchive true
ArchiveBlockEncrypted false
MaxDirectoryRecursion 15
FollowDirectorySymlinks false
FollowFileSymlinks false
ReadTimeout 180
MaxThreads 12
MaxConnectionQueueLength 15
LogSyslog false
LogRotate true
LogFacility LOG_LOCAL6
LogClean false
LogVerbose false
PreludeEnable no
PreludeAnalyzerName ClamAV
DatabaseDirectory /var/lib/clamav
OfficialDatabaseOnly false
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
Re: [clamav-users] Multiple Clam Daemons on a single system
Hi there, On Thu, 5 Mar 2020, Ashish Poddar via clamav-users wrote: We have a situation where we run a clamav daemon to scan files on a system. However, in the process, we only use about 10% CPU in the system. We would naturally like to increase this number. We were thus trying to come up with a way to scan multiple files in parallel on the same system. My crystal ball is a little bit foggy this afternoon, you might want to be more forthcoming about your system. Sometimes that way you will get more useful ideas in the replies to your questions. I suspect that the simplest way to increase your 10% CPU number is to find _another_ number (probably one which you have not yet measured) and then find ways to reduce that. Suggestions might be file I/O transfer rates, latencies/access times/fragmentation, cache hit rates, memory bandwith, swap (if any) stats, interrupt service stats. I'm quite sure there will be many others. None of them is particularly relevant to clamd processes specifically. I do not understand why you would want to increase CPU utilization, most of the time I'm trying to find ways to reduce it. If you just mean that you want to make your filesystem scans complete more quickly, then perhaps, instead of what you have actually said, you should say that. Is there a way we can spawn multiple clam daemons to do this? It is not clear to me that your suggested solution will have the desired effect, but yes, you can run multiple clamd daemons, and indeed I do routinely do that - but not for reasons like yours. I am aware of the multiscan mode in clamdscan but I want each scan to be a separate process so as to not increase the overall scan time of any one file. Is there a way to do this? Perhaps you can explain this to me more fully so that I can be sure that I understand what you want to do. If I do understand, it is not clear to me that causing each scan to be in a separate _process_ will have the desired effect (it might do the opposite of what you hope). It will likely be in a separate thread in any case. Have you read through the example clamd configuration file in the distribution? Or are there any other alternatives to tackle this situation? I think you will first need to do some instrumentation on your systems to establish what they are doing, and what they are capable of doing. This is my first time posting to this mailing list. I apologize if I made any violations while using the mailing list. I wouldn't claim any violation of etiquette, but if you can give us more information and clearer, reasoned statements of your requirements that would help us to help you. -- 73, Ged. ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Multiple Clam Daemons on a single system
> On Mar 5, 2020, at 05:09, Ashish Poddar via clamav-users > wrote: > > > Hi all, > > We have a situation where we run a clamav daemon to scan files on a system. > However, in the process, we only use about 10% CPU in the system. We would > naturally like to increase this number. We were thus trying to come up with a > way to scan multiple files in parallel on the same system. Is there a way we > can spawn multiple clam daemons to do this? In short, yes. You can run multiple ClamAV daemons. Simply launch each daemon with a different config file for each daemon and then you can have clamdscan processes talking to each of those daemons. At a minimum, you would want to use different sockets for the daemons to listen on. You could set up each daemon to use smaller virus database sets, but that really only impacts the speed at which the daemon reloads when there are database changes. Are you trying to reduce the time that it takes to scan your entire system? Or is there some other reason that you are looking to run multiple daemons? “Increasing CPU usage” isn’t generally one of the things people look to do just because it’s low. > I am aware of the multiscan mode in clamdscan but I want each scan to be a > separate process so as to not increase the overall scan time of any one file. > Is there a way to do this? Or are there any other alternatives to tackle this > situation? Running multiple clamdscan processes doesn’t require multiple clamd daemons to be running. You can run multiple clamdscan processes against a single clamd daemon and it will just spawn more threads to do the scanning. So, for example, you can have a separate clamdscan process working each user’s home directory in parallel and they should all be able to talk to a single clamd daemon. —Maarten ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Multiple Clam Daemons on a single system
On 05/03/2020 12:26, Matus UHLAR - fantomas wrote: > On 05.03.20 15:38, Ashish Poddar via clamav-users wrote: >> We have a situation where we run a clamav daemon to scan files on a >> system. > > how? > >> However, in the process, we only use about 10% CPU in the system. We >> would >> naturally like to increase this number. We were thus trying to come up >> with >> a way to scan multiple files in parallel on the same system. Is there >> a way >> we can spawn multiple clam daemons to do this? > > afaik single clamav daemon is able to scan multiple files in parallel. > >> I am aware of the multiscan mode in clamdscan but I want each scan to >> be a >> separate process so as to not increase the overall scan time of any one >> file. > > I don't understand. Why do you think that scanning in multiple threads > increases scan time? I don't see hosw muti-thread or multi-process would be different. But I do not recommend scanning in parallel, the disk I/O is IMHO the bottleneck, why you use only 10% of CPU, and running multiple scans in parallel will make things even worse. -- Best Regards Vladislav Kurz ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Multiple Clam Daemons on a single system
On 05.03.20 15:38, Ashish Poddar via clamav-users wrote: We have a situation where we run a clamav daemon to scan files on a system. how? However, in the process, we only use about 10% CPU in the system. We would naturally like to increase this number. We were thus trying to come up with a way to scan multiple files in parallel on the same system. Is there a way we can spawn multiple clam daemons to do this? afaik single clamav daemon is able to scan multiple files in parallel. I am aware of the multiscan mode in clamdscan but I want each scan to be a separate process so as to not increase the overall scan time of any one file. I don't understand. Why do you think that scanning in multiple threads increases scan time? Is there a way to do this? Or are there any other alternatives to tackle this situation? This is my first time posting to this mailing list. I apologize if I made any violations while using the mailing list. Thanks for you cooperation. I don't see any violations here, although I prefer single plaintext (you used multipart text+html) :) -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Honk if you love peace and quiet. ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
[clamav-users] Multiple Clam Daemons on a single system
Hi all, We have a situation where we run a clamav daemon to scan files on a system. However, in the process, we only use about 10% CPU in the system. We would naturally like to increase this number. We were thus trying to come up with a way to scan multiple files in parallel on the same system. Is there a way we can spawn multiple clam daemons to do this? I am aware of the multiscan mode in clamdscan but I want each scan to be a separate process so as to not increase the overall scan time of any one file. Is there a way to do this? Or are there any other alternatives to tackle this situation? This is my first time posting to this mailing list. I apologize if I made any violations while using the mailing list. Thanks for you cooperation. - Ashish Poddar ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
