Re: [qmailtoaster] iPhone updates / new ssl breaks connection
Thanks!
On Wed, Apr 27, 2022 at 2:41 PM Eric Broch wrote:
> make sure to change the 'days' setting to 2 or 3.
> On 4/27/2022 3:38 PM, Benjamin Baez wrote:
>
> Thank you Eric!
>
> On Wed, Apr 27, 2022 at 2:23 PM Eric Broch
> wrote:
>
>> This is one gets all the certs as well as the qt mail cert as well
>>
>> #!/bin/bash
>>
>> mailcert () {
>>
>> cat /etc/letsencrypt/live/$1/privkey.pem
>> /etc/letsencrypt/live/$1/fullchain.pem > ./servercert.pem
>> cp -p /var/qmail/control/servercert.pem
>> /var/qmail/control/servercert.pem.bak
>> cp ./servercert.pem /var/qmail/control/servercert.pem
>> systemctl reload dovecot
>> qmailctl stop && sleep 2 && qmailctl start
>> }
>>
>> LOG=/var/log/certs.log
>> days=100
>>
>> today=`date`
>> today=`date --date="$today" --utc +%s`
>> certdir=/etc/letsencrypt/live
>> certfile=fullchain.pem
>>
>> qtcertdom=`openssl x509 -noout -subject -in
>> /var/qmail/control/servercert.pem|sed 's/subject= \/CN=//'`
>>
>> for certdom in `ls $certdir`
>> do
>> [[ "$certdom" = "README" ]] && continue
>> exp=`openssl x509 -dates -noout < $certdir/$certdom/$certfile | grep
>> notAfter | sed 's/notAfter=//'`
>> off=`date --date="$exp" --utc +%s`
>> diff=$(( (off - today)/86400 ))
>> echo "Certificate Domain: $certdom, Days to expire: $diff"
>> echo ""
>> if [ $diff -le $days ]
>> then
>>certbot renew --cert-name $certdom
>>systemctl reload httpd
>>[ "$certdom" = "$qtcertdom" ] && mailcert $qtcertdom
>> fi
>> done
>>
>> exit 0
>>
>> On 4/27/2022 2:59 PM, Remo Mattei wrote:
>> > Thank you!
>> >
>> >> On Apr 27, 2022, at 13:43, Eric Broch wrote:
>> >>
>> >> This is the correct procedure for creating file updcerts.sh :
>> >>
>> >> cat <<'EOL'>> updcerts.sh
>> >> #!/bin/bash
>> >>
>> >> mailcert () {
>> >> cat /etc/letsencrypt/live/mail.whitehorsetc.com/privkey.pem
>> /etc/letsencrypt/live/mail.whitehorsetc.com/fullchain.pem >
>> ./servercert.pem
>> >> cp -p /var/qmail/control/servercert.pem
>> /var/qmail/control/servercert.pem.bak
>> >> cp ./servercert.pem /var/qmail/control/servercert.pem
>> >> systemctl reload dovecot
>> >> qmailctl stop && sleep 2 && qmailctl start
>> >> }
>> >>
>> >> LOG=/var/log/certs.log
>> >> days=3
>> >> today=`date`
>> >> today=`date --date="$today" --utc +%s`
>> >> certdir=/etc/letsencrypt/live
>> >> certfile=fullchain.pem
>> >>
>> >> for certdom in `ls $certdir`
>> >> do
>> >> exp=`openssl x509 -dates -noout < $certdir/$certdom/$certfile |
>> grep notAfter | sed 's/notAfter=//'`
>> >> off=`date --date="$exp" --utc +%s`
>> >> diff=$(( (off - today)/86400 ))
>> >> echo "Certificate Domain: $certdom, Days to expire: $diff"
>> >> echo ""
>> >> if [ $diff -le $days ]
>> >> then
>> >>certbot renew --cert-name $certdom
>> >>systemctl reload httpd
>> >>[ "$certdom" = "mail.whitehorsetc.com" ] && mailcert
>> >> fi
>> >> done
>> >> exit 0
>> >> EOL
>> >>
>> >> On 4/27/2022 2:18 PM, Eric Broch wrote:
>> >>> I run updcert.sh every night (set 'days=X', which is the number of
>> days before expiration at which time the certificate will be updated):
>> >>>
>> >>> cat updcert.sh <> >>>
>> >>> #!/bin/bash
>> >>>
>> >>> mailcert () {
>> >>> cat /etc/letsencrypt/live/mail.whitehorsetc.com/privkey.pem
>> /etc/letsencrypt/live/mail.whitehorsetc.com/fullchain.pem >
>> ./servercert.pem
>> >>> cp -p /var/qmail/control/servercert.pem
>> /var/qmail/control/servercert.pem.bak
>> >>> cp ./servercert.pem /var/qmail/control/servercert.pem
>> >>> systemctl reload dovecot
>> >>> qmailctl stop && sleep 2 && qmailctl start
>> >>> }
>> >>>
>> >
Re: [qmailtoaster] iPhone updates / new ssl breaks connection
Thank you Eric!
On Wed, Apr 27, 2022 at 2:23 PM Eric Broch wrote:
> This is one gets all the certs as well as the qt mail cert as well
>
> #!/bin/bash
>
> mailcert () {
>
> cat /etc/letsencrypt/live/$1/privkey.pem
> /etc/letsencrypt/live/$1/fullchain.pem > ./servercert.pem
> cp -p /var/qmail/control/servercert.pem
> /var/qmail/control/servercert.pem.bak
> cp ./servercert.pem /var/qmail/control/servercert.pem
> systemctl reload dovecot
> qmailctl stop && sleep 2 && qmailctl start
> }
>
> LOG=/var/log/certs.log
> days=100
>
> today=`date`
> today=`date --date="$today" --utc +%s`
> certdir=/etc/letsencrypt/live
> certfile=fullchain.pem
>
> qtcertdom=`openssl x509 -noout -subject -in
> /var/qmail/control/servercert.pem|sed 's/subject= \/CN=//'`
>
> for certdom in `ls $certdir`
> do
> [[ "$certdom" = "README" ]] && continue
> exp=`openssl x509 -dates -noout < $certdir/$certdom/$certfile | grep
> notAfter | sed 's/notAfter=//'`
> off=`date --date="$exp" --utc +%s`
> diff=$(( (off - today)/86400 ))
> echo "Certificate Domain: $certdom, Days to expire: $diff"
> echo ""
> if [ $diff -le $days ]
> then
>certbot renew --cert-name $certdom
>systemctl reload httpd
>[ "$certdom" = "$qtcertdom" ] && mailcert $qtcertdom
> fi
> done
>
> exit 0
>
> On 4/27/2022 2:59 PM, Remo Mattei wrote:
> > Thank you!
> >
> >> On Apr 27, 2022, at 13:43, Eric Broch wrote:
> >>
> >> This is the correct procedure for creating file updcerts.sh :
> >>
> >> cat <<'EOL'>> updcerts.sh
> >> #!/bin/bash
> >>
> >> mailcert () {
> >> cat /etc/letsencrypt/live/mail.whitehorsetc.com/privkey.pem
> /etc/letsencrypt/live/mail.whitehorsetc.com/fullchain.pem >
> ./servercert.pem
> >> cp -p /var/qmail/control/servercert.pem
> /var/qmail/control/servercert.pem.bak
> >> cp ./servercert.pem /var/qmail/control/servercert.pem
> >> systemctl reload dovecot
> >> qmailctl stop && sleep 2 && qmailctl start
> >> }
> >>
> >> LOG=/var/log/certs.log
> >> days=3
> >> today=`date`
> >> today=`date --date="$today" --utc +%s`
> >> certdir=/etc/letsencrypt/live
> >> certfile=fullchain.pem
> >>
> >> for certdom in `ls $certdir`
> >> do
> >> exp=`openssl x509 -dates -noout < $certdir/$certdom/$certfile |
> grep notAfter | sed 's/notAfter=//'`
> >> off=`date --date="$exp" --utc +%s`
> >> diff=$(( (off - today)/86400 ))
> >> echo "Certificate Domain: $certdom, Days to expire: $diff"
> >> echo ""
> >> if [ $diff -le $days ]
> >> then
> >>certbot renew --cert-name $certdom
> >>systemctl reload httpd
> >>[ "$certdom" = "mail.whitehorsetc.com" ] && mailcert
> >> fi
> >> done
> >> exit 0
> >> EOL
> >>
> >> On 4/27/2022 2:18 PM, Eric Broch wrote:
> >>> I run updcert.sh every night (set 'days=X', which is the number of
> days before expiration at which time the certificate will be updated):
> >>>
> >>> cat updcert.sh < >>>
> >>> #!/bin/bash
> >>>
> >>> mailcert () {
> >>> cat /etc/letsencrypt/live/mail.whitehorsetc.com/privkey.pem
> /etc/letsencrypt/live/mail.whitehorsetc.com/fullchain.pem >
> ./servercert.pem
> >>> cp -p /var/qmail/control/servercert.pem
> /var/qmail/control/servercert.pem.bak
> >>> cp ./servercert.pem /var/qmail/control/servercert.pem
> >>> systemctl reload dovecot
> >>> qmailctl stop && sleep 2 && qmailctl start
> >>> }
> >>>
> >>> LOG=/var/log/certs.log
> >>> days=3
> >>>
> >>> today=`date`
> >>> today=`date --date="$today" --utc +%s`
> >>> certdir=/etc/letsencrypt/live
> >>> certfile=fullchain.pem
> >>>
> >>> for certdom in `ls $certdir`
> >>> do
> >>> exp=`openssl x509 -dates -noout < $certdir/$certdom/$certfile |
> grep notAfter | sed 's/notAfter=//'`
> >>> off=`date --date="$exp" --utc +%s`
> >>> diff=$(( (off - today)/86400 ))
> >>> echo "Certificate Domain: $certdom, Days to expire: $diff"
> >>> echo ""
> >>> if [ $diff -le $days ]
> >>> then
> >>>certbot renew --cert-name $certdom
> >>>systemctl reload httpd
> >>>[ "$certdom" = "mail.whitehorsetc.com" ] && mailcert
> >>> fi
> >>> done
> >>>
> >>> exit 0
> >>>
> >>> EOL
> >>>
> >>> On 4/27/2022 1:07 PM, Remo Mattei wrote:
> Hi David, can you share your config maybe I ping you offlinee.
>
> Remo
>
> > On Apr 26, 2022, at 23:55, David Bray wrote:
> >
> > I'm using Letsencrypt and it renews every - well not sure, is it
> 10/11 weeks - the certs are valid for 3 months
> >
> > It never has an issue with iOS
> >
> > Cheers
> >
> > David Bray
> > e. da...@brayworth.com
> >
> > April 27, 2022 1:47 AM, "Remo Mattei" wrote:
> >
> >> Hello guys,
> >> I got a few of my customers that every year after the upgrade of
> the SSL cert do have issues and
> >> shows cert expired or not valid. I did not have the issue on my
> iOS, but I just wonder if anyone
> >> has seen that and how they planned to
Re: [qmailtoaster] Fwd: qq soft reject after updating packages end of March 2021
The steps in Re: [qmailtoaster] Clamd not restarting after update from 101 to 103 resolved my issue. Thanks everyone for your help. On Thu, May 13, 2021 at 5:53 PM Jeff Koch wrote: > Clamd runs quite differently when the epel version is installed > > daemon is controlled with: > > systemctl status clamd@scan > > and to get better logging > > Add SIMSCAN_DEBUG="5" to /etc/tcprules.d/tcp.smtp as in: > > > :allow,SIMSCAN_DEBUG="5",BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="25" > > The you'll see detailed clamdscan logging in /var/log/qmail/smtp and > submission but make sure clamdscan is running > > systemctl status clamd@scan > > we got qq soft-rejects when the kernel ran out of memory and clamav has > stopped. We found an entry in /var/log/messages: > > Nov 18 15:10:13 machine kernel: Out of memory: Kill process 803 (clamd) > score 165 or sacrifice child > > > Jeff > > On 5/13/2021 4:16 PM, Benjamin Baez wrote: > > I forgot to revisit that. I noticed that clamd never came back up after > the update. Is there a different log now? > > [root@mta01 ~]# cat /var/log/clamd/clamd.log > Sat Mar 27 11:23:30 2021 -> SelfCheck: Database status OK. > Sat Mar 27 11:33:30 2021 -> SelfCheck: Database status OK. > Sat Mar 27 11:43:30 2021 -> SelfCheck: Database status OK. > Sat Mar 27 11:53:31 2021 -> SelfCheck: Database status OK. > Sat Mar 27 11:56:20 2021 -> Waiting for all threads to finish > Sat Mar 27 11:56:23 2021 -> Shutting down the main socket. > Sat Mar 27 11:56:23 2021 -> ERROR: Can't unlink the pid file > /var/run/clamav/clamd.pid > Sat Mar 27 11:56:23 2021 -> --- Stopped at Sat Mar 27 11:56:23 2021 > Sat Mar 27 11:56:23 2021 -> Closing the main socket. > Sat Mar 27 11:56:23 2021 -> Socket file removed. > > [root@mta01 ~]# toaststat > > Status of toaster services > send: up (pid 32338) 15907 seconds > smtp: up (pid 32335) 15907 seconds > submission: up (pid 32336) 15907 seconds > send/log: up (pid 32340) 15907 seconds > smtp/log: up (pid 32339) 15907 seconds > submission/log: up (pid 32337) 15907 seconds > > systemd service: clamav-freshclam: [ OK ] > systemd service:spamd: [ OK ] > systemd service: dovecot: [ OK ] > systemd service: mariadb: [ OK ] > systemd service:httpd: [ OK ] > systemd service:named: [ OK ] > systemd service: ntpd: [ OK ] > systemd service: sshd: [ OK ] > systemd service: network: [ OK ] > systemd service:crond: [ OK ] > systemd service:acpid: [ OK ] > systemd service: atd: [ OK ] > systemd service: autofs: [ OK ] > systemd service: smartd: [ OK ] > systemd service: irqbalance: [ OK ] > > On Thu, May 13, 2021 at 1:03 PM Jeff Koch > wrote: > >> Did you check the clamav log? >> >> Jeff >> >> On 5/13/2021 12:30 PM, Benjamin Baez wrote: >> >> >> Hi, >> >> How do I troubleshoot this further? In the past it would be something to >> do with clamav or simscan, but don't have a lead this time. >> >> [root@mta01 ~]# tail -f /var/log/qmail/submission/current >> @4000609d4c9217d2d2d4 tcpserver: status: 0/100 >> @4000609d52200e3031cc tcpserver: status: 1/100 >> @4000609d52200e39615c tcpserver: pid 1598 from 75.53.9.111 >> @4000609d52200e3a920c tcpserver: ok 1598 >> mta01.biospectra.com:75.53.9.76:587 >> :75.53.9.111::61177 >> @4000609d52201bf23a6c CHKUSER accepted sender: from >> remote >> <[10.16.1.123]:unknown:75.53.9.111> rcpt <> : sender accepted >> @4000609d522027921aa4 CHKUSER relaying rcpt: from >> remote >> <[10.16.1.123]:unknown:75.53.9.111> rcpt : client >> allowed to relay >> @4000609d52202792265c policy_check: local bbaez -> remote >> benba...@gmail.com (AUTHENTICATED SENDER) >> @4000609d522027922a44 policy_check: policy allows transmission >> @4000609d52202925ce4c qmail-smtpd: qq soft reject (mail server >> temporarily rejected message (#4.3.0)): MAILFROM: >> RCPTTO:benba...@gmail.com >> @4000609d52230a71f14c tcpserver: end 1598 status 0 >> @4000609d52230a71f91c tcpserver: status: 0/100 >> >> [root@mta01 ~]# tail -f cat /var/log/maillog >> May 13 09:21:15 mta01 spamdyke[1592]: >> ERROR(load_resolver_file()@search_fs.c:753): invalid/unparsable nameserver >> found: 2600:1700:4a30:5b40::1 >> May 13 09:21:42 mta01 vpopmail[1599]: vchkpw-submission: (CRAM-MD5) login >> success bb...@biospectra.com:75.53.9.111 >> >> I don't think the IPv6 error is related but including it. >> >> Thanks! >> >> >> >
Re: [qmailtoaster] Fwd: qq soft reject after updating packages end of March 2021
This looks like my issue [qmailtoaster] Clamd not restarting after update from 101 to 103 https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg43255.html I'll work through it soon. On Thu, May 13, 2021 at 5:53 PM Jeff Koch wrote: > Clamd runs quite differently when the epel version is installed > > daemon is controlled with: > > systemctl status clamd@scan > > and to get better logging > > Add SIMSCAN_DEBUG="5" to /etc/tcprules.d/tcp.smtp as in: > > > :allow,SIMSCAN_DEBUG="5",BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="25" > > The you'll see detailed clamdscan logging in /var/log/qmail/smtp and > submission but make sure clamdscan is running > > systemctl status clamd@scan > > we got qq soft-rejects when the kernel ran out of memory and clamav has > stopped. We found an entry in /var/log/messages: > > Nov 18 15:10:13 machine kernel: Out of memory: Kill process 803 (clamd) > score 165 or sacrifice child > > > Jeff > > On 5/13/2021 4:16 PM, Benjamin Baez wrote: > > I forgot to revisit that. I noticed that clamd never came back up after > the update. Is there a different log now? > > [root@mta01 ~]# cat /var/log/clamd/clamd.log > Sat Mar 27 11:23:30 2021 -> SelfCheck: Database status OK. > Sat Mar 27 11:33:30 2021 -> SelfCheck: Database status OK. > Sat Mar 27 11:43:30 2021 -> SelfCheck: Database status OK. > Sat Mar 27 11:53:31 2021 -> SelfCheck: Database status OK. > Sat Mar 27 11:56:20 2021 -> Waiting for all threads to finish > Sat Mar 27 11:56:23 2021 -> Shutting down the main socket. > Sat Mar 27 11:56:23 2021 -> ERROR: Can't unlink the pid file > /var/run/clamav/clamd.pid > Sat Mar 27 11:56:23 2021 -> --- Stopped at Sat Mar 27 11:56:23 2021 > Sat Mar 27 11:56:23 2021 -> Closing the main socket. > Sat Mar 27 11:56:23 2021 -> Socket file removed. > > [root@mta01 ~]# toaststat > > Status of toaster services > send: up (pid 32338) 15907 seconds > smtp: up (pid 32335) 15907 seconds > submission: up (pid 32336) 15907 seconds > send/log: up (pid 32340) 15907 seconds > smtp/log: up (pid 32339) 15907 seconds > submission/log: up (pid 32337) 15907 seconds > > systemd service: clamav-freshclam: [ OK ] > systemd service:spamd: [ OK ] > systemd service: dovecot: [ OK ] > systemd service: mariadb: [ OK ] > systemd service:httpd: [ OK ] > systemd service:named: [ OK ] > systemd service: ntpd: [ OK ] > systemd service: sshd: [ OK ] > systemd service: network: [ OK ] > systemd service:crond: [ OK ] > systemd service:acpid: [ OK ] > systemd service: atd: [ OK ] > systemd service: autofs: [ OK ] > systemd service: smartd: [ OK ] > systemd service: irqbalance: [ OK ] > > On Thu, May 13, 2021 at 1:03 PM Jeff Koch > wrote: > >> Did you check the clamav log? >> >> Jeff >> >> On 5/13/2021 12:30 PM, Benjamin Baez wrote: >> >> >> Hi, >> >> How do I troubleshoot this further? In the past it would be something to >> do with clamav or simscan, but don't have a lead this time. >> >> [root@mta01 ~]# tail -f /var/log/qmail/submission/current >> @4000609d4c9217d2d2d4 tcpserver: status: 0/100 >> @4000609d52200e3031cc tcpserver: status: 1/100 >> @4000609d52200e39615c tcpserver: pid 1598 from 75.53.9.111 >> @4000609d52200e3a920c tcpserver: ok 1598 >> mta01.biospectra.com:75.53.9.76:587 >> :75.53.9.111::61177 >> @4000609d52201bf23a6c CHKUSER accepted sender: from >> remote >> <[10.16.1.123]:unknown:75.53.9.111> rcpt <> : sender accepted >> @4000609d522027921aa4 CHKUSER relaying rcpt: from >> remote >> <[10.16.1.123]:unknown:75.53.9.111> rcpt : client >> allowed to relay >> @4000609d52202792265c policy_check: local bbaez -> remote >> benba...@gmail.com (AUTHENTICATED SENDER) >> @4000609d522027922a44 policy_check: policy allows transmission >> @4000609d52202925ce4c qmail-smtpd: qq soft reject (mail server >> temporarily rejected message (#4.3.0)): MAILFROM: >> RCPTTO:benba...@gmail.com >> @4000609d52230a71f14c tcpserver: end 1598 status 0 >> @4000609d52230a71f91c tcpserver: status: 0/100 >> >> [root@mta01 ~]# tail -f cat /var/log/maillog >> May 13 09:21:15 mta01 spamdyke[1592]: >> ERROR(load_resolver_file()@search_fs.c:753): invalid/unparsable nameserver >> found: 2600:1700:4a30:5b40::1 >> May 13 09:21:42 mta01 vpopmail[1599]: vchkpw-submission: (CRAM-MD5) login >> success bb...@biospectra.com:75.53.9.111 >> >> I don't think the IPv6 error is related but including it. >> >> Thanks! >> >> >> >
Re: [qmailtoaster] Fwd: qq soft reject after updating packages end of March 2021
Thank you Jeff and Remo for the tips. Do I have the wrong clam installed? I am trying to stay vanilla to qmailtoaster. I am thinking something is wrong with the packages that are installed. [root@mta01 system]# yum search clam Loaded plugins: fastestmirror, priorities Loading mirror speeds from cached hostfile * base: mirror.sfo12.us.leaseweb.net * epel: mirror.sfo12.us.leaseweb.net * extras: mirrors.ocf.berkeley.edu * updates: sjc.edge.kernel.org 20 packages excluded due to repository priority protections === N/S matched: clam === clamav.x86_64 : End-user tools for the Clam Antivirus scanner clamav-data.noarch : Virus signature data for the Clam Antivirus scanner clamav-devel.x86_64 : Header files and libraries for the Clam Antivirus scanner clamav-filesystem.noarch : Filesystem structure for clamav clamav-lib.x86_64 : Dynamic libraries for the Clam Antivirus scanner clamav-milter.x86_64 : Milter module for the Clam Antivirus scanner clamav-unofficial-sigs.noarch : Scripts to download unofficial clamav signatures clamav-update.x86_64 : Auto-updater for the Clam Antivirus scanner data-files clamd.x86_64 : The Clam AntiVirus Daemon clamsmtp.x86_64 : A SMTP virus scanning system Name and summary matches only, use "search all" for everything. [root@mta01 system]# rpm -qa | grep clam clamav-update-0.103.2-1.el7.x86_64 clamd-0.103.2-1.el7.x86_64 clamav-filesystem-0.103.2-1.el7.noarch clamav-0.103.2-1.el7.x86_64 clamav-lib-0.103.2-1.el7.x86_64 [root@mta01 system]# ls /etc/yum.repos.d/ CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo epel.repo qmt-mirrorlist-current qmt-mirrorlist-testing CentOS-CR.repoCentOS-fasttrack.repo CentOS-Sources.repo CentOS-x86_64-kernel.repo epel-testing.repo qmt-mirrorlist-development qmt.repo On Thu, May 13, 2021 at 5:53 PM Jeff Koch wrote: > Clamd runs quite differently when the epel version is installed > > daemon is controlled with: > > systemctl status clamd@scan > > and to get better logging > > Add SIMSCAN_DEBUG="5" to /etc/tcprules.d/tcp.smtp as in: > > > :allow,SIMSCAN_DEBUG="5",BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="25" > > The you'll see detailed clamdscan logging in /var/log/qmail/smtp and > submission but make sure clamdscan is running > > systemctl status clamd@scan > > we got qq soft-rejects when the kernel ran out of memory and clamav has > stopped. We found an entry in /var/log/messages: > > Nov 18 15:10:13 machine kernel: Out of memory: Kill process 803 (clamd) > score 165 or sacrifice child > > > Jeff > > On 5/13/2021 4:16 PM, Benjamin Baez wrote: > > I forgot to revisit that. I noticed that clamd never came back up after > the update. Is there a different log now? > > [root@mta01 ~]# cat /var/log/clamd/clamd.log > Sat Mar 27 11:23:30 2021 -> SelfCheck: Database status OK. > Sat Mar 27 11:33:30 2021 -> SelfCheck: Database status OK. > Sat Mar 27 11:43:30 2021 -> SelfCheck: Database status OK. > Sat Mar 27 11:53:31 2021 -> SelfCheck: Database status OK. > Sat Mar 27 11:56:20 2021 -> Waiting for all threads to finish > Sat Mar 27 11:56:23 2021 -> Shutting down the main socket. > Sat Mar 27 11:56:23 2021 -> ERROR: Can't unlink the pid file > /var/run/clamav/clamd.pid > Sat Mar 27 11:56:23 2021 -> --- Stopped at Sat Mar 27 11:56:23 2021 > Sat Mar 27 11:56:23 2021 -> Closing the main socket. > Sat Mar 27 11:56:23 2021 -> Socket file removed. > > [root@mta01 ~]# toaststat > > Status of toaster services > send: up (pid 32338) 15907 seconds > smtp: up (pid 32335) 15907 seconds > submission: up (pid 32336) 15907 seconds > send/log: up (pid 32340) 15907 seconds > smtp/log: up (pid 32339) 15907 seconds > submission/log: up (pid 32337) 15907 seconds > > systemd service: clamav-freshclam: [ OK ] > systemd service:spamd: [ OK ] > systemd service: dovecot: [ OK ] > systemd service: mariadb: [ OK ] > systemd service:httpd: [ OK ] > systemd service:named: [ OK ] > systemd service: ntpd: [ OK ] > systemd service: sshd: [ OK ] > systemd service: network: [ OK ] > systemd service:crond: [ OK ] > systemd service:acpid: [ OK ] > systemd service: atd: [ OK ] > systemd service:
Re: [qmailtoaster] qq soft reject after updating packages end of March 2021
mta01 systemd: clamd@scan.service holdoff time over,
scheduling restart.
May 13 13:35:29 mta01 systemd: Cannot add dependency job for unit
clamav-daemon.socket, ignoring: Unit not found.
May 13 13:35:29 mta01 systemd: Stopped clamd scanner (scan) daemon.
May 13 13:35:29 mta01 systemd: Starting clamd scanner (scan) daemon...
May 13 13:35:29 mta01 clamd[14265]: Received 0 file descriptor(s) from
systemd.
May 13 13:35:29 mta01 clamd[14265]: Please define server type (local and/or
TCP).
May 13 13:35:29 mta01 clamd: ERROR: Please define server type (local and/or
TCP).
May 13 13:35:29 mta01 systemd: clamd@scan.service: control process exited,
code=exited status=1
May 13 13:35:29 mta01 systemd: Failed to start clamd scanner (scan) daemon.
May 13 13:35:29 mta01 systemd: Unit clamd@scan.service entered failed state.
May 13 13:35:29 mta01 systemd: clamd@scan.service failed.
May 13 13:35:29 mta01 systemd: clamd@scan.service holdoff time over,
scheduling restart.
May 13 13:35:29 mta01 systemd: Cannot add dependency job for unit
clamav-daemon.socket, ignoring: Unit not found.
May 13 13:35:29 mta01 systemd: Stopped clamd scanner (scan) daemon.
May 13 13:35:29 mta01 systemd: start request repeated too quickly for
clamd@scan.service
May 13 13:35:29 mta01 systemd: Failed to start clamd scanner (scan) daemon.
May 13 13:35:29 mta01 systemd: Unit clamd@scan.service entered failed state.
May 13 13:35:29 mta01 systemd: clamd@scan.service failed.
^C
I found the following in a 2018 thread, Re: [qmailtoaster] Clamav service
is not running on Centos 7 (mail-archive.com)
<https://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg41236.html>
Do I manually add those units? I created them from the above thread, but
wasn't sure if they should have been there from some package so did not
copy them to systemd.
[root@mta01 ~]# cat clamav-daemon.service
[Unit]
Description=Clam AntiVirus userspace daemon
Documentation=man:clamd(8) man:clamd.conf(5)
https://www.clamav.net/documents/
Requires=clamav-daemon.socket
# Check for database existence
ConditionPathExistsGlob=/var/lib/clamav/main.{c[vl]d,inc}
ConditionPathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc}
[Service]
ExecStart=/usr/sbin/clamd --foreground=true
# Reload the database
ExecReload=/bin/kill -USR2 $MAINPID
StandardOutput=syslog
Restart = on-failure
[Install]
WantedBy=multi-user.target
Also=clamav-daemon.socket
[root@mta01 ~]# cat clamav-daemon.socket
[Unit]
Description=Socket for Clam AntiVirus userspace daemon
Documentation=man:clamd(8) man:clamd.conf(5)
https://www.clamav.net/documents/
# Check for database existence
ConditionPathExistsGlob=/var/lib/clamav/main.{c[vl]d,inc}
ConditionPathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc}
[Socket]
ListenStream=/run/clamav/clamd.ctl
#ListenStream=127.0.0.1:1024
SocketUser=clamav
SocketGroup=clamav
RemoveOnStop=True
[Install]
WantedBy=sockets.target
Thanks for the help
On Thu, May 13, 2021 at 1:23 PM Remo Mattei wrote:
> Looks like it is clamd can you check the systemctl status ?
> systemctl status clamd@scan.service
> ● clamd@scan.service - clamd scanner (scan) daemon
>Loaded: loaded (/usr/lib/systemd/system/clamd@.service; enabled;
> vendor preset: disabled)
>Active: active (running) since Fri 2021-04-30 22:08:48 PDT; 1 weeks 5
> days ago
> Docs: man:clamd(8)
>man:clamd.conf(5)
>https://www.clamav.net/documents/
> Main PID: 12158 (clamd)
>CGroup: /system.slice/system-clamd.slice/clamd@scan.service
>└─12158 /usr/sbin/clamd -c /etc/clamd.d/scan.con
>
>
> On May 13, 2021, at 13:16, Benjamin Baez wrote:
>
> I forgot to revisit that. I noticed that clamd never came back up after
> the update. Is there a different log now?
>
> [root@mta01 ~]# cat /var/log/clamd/clamd.log
> Sat Mar 27 11:23:30 2021 -> SelfCheck: Database status OK.
> Sat Mar 27 11:33:30 2021 -> SelfCheck: Database status OK.
> Sat Mar 27 11:43:30 2021 -> SelfCheck: Database status OK.
> Sat Mar 27 11:53:31 2021 -> SelfCheck: Database status OK.
> Sat Mar 27 11:56:20 2021 -> Waiting for all threads to finish
> Sat Mar 27 11:56:23 2021 -> Shutting down the main socket.
> Sat Mar 27 11:56:23 2021 -> ERROR: Can't unlink the pid file
> /var/run/clamav/clamd.pid
> Sat Mar 27 11:56:23 2021 -> --- Stopped at Sat Mar 27 11:56:23 2021
> Sat Mar 27 11:56:23 2021 -> Closing the main socket.
> Sat Mar 27 11:56:23 2021 -> Socket file removed.
>
> [root@mta01 ~]# toaststat
>
> Status of toaster services
> send: up (pid 32338) 15907 seconds
> smtp: up (pid 32335) 15907 seconds
> submission: up (pid 32336) 15907 seconds
> send/log: up (pid 32340) 15907 seconds
> smtp/log: up (pid 32339) 15907 seconds
> submission/log: up (pid 32337) 15907 seconds
>
> systemd service: clamav-freshclam: [ OK ]
> systemd service:
Re: [qmailtoaster] Fwd: qq soft reject after updating packages end of March 2021
I forgot to revisit that. I noticed that clamd never came back up after the update. Is there a different log now? [root@mta01 ~]# cat /var/log/clamd/clamd.log Sat Mar 27 11:23:30 2021 -> SelfCheck: Database status OK. Sat Mar 27 11:33:30 2021 -> SelfCheck: Database status OK. Sat Mar 27 11:43:30 2021 -> SelfCheck: Database status OK. Sat Mar 27 11:53:31 2021 -> SelfCheck: Database status OK. Sat Mar 27 11:56:20 2021 -> Waiting for all threads to finish Sat Mar 27 11:56:23 2021 -> Shutting down the main socket. Sat Mar 27 11:56:23 2021 -> ERROR: Can't unlink the pid file /var/run/clamav/clamd.pid Sat Mar 27 11:56:23 2021 -> --- Stopped at Sat Mar 27 11:56:23 2021 Sat Mar 27 11:56:23 2021 -> Closing the main socket. Sat Mar 27 11:56:23 2021 -> Socket file removed. [root@mta01 ~]# toaststat Status of toaster services send: up (pid 32338) 15907 seconds smtp: up (pid 32335) 15907 seconds submission: up (pid 32336) 15907 seconds send/log: up (pid 32340) 15907 seconds smtp/log: up (pid 32339) 15907 seconds submission/log: up (pid 32337) 15907 seconds systemd service: clamav-freshclam: [ OK ] systemd service:spamd: [ OK ] systemd service: dovecot: [ OK ] systemd service: mariadb: [ OK ] systemd service:httpd: [ OK ] systemd service:named: [ OK ] systemd service: ntpd: [ OK ] systemd service: sshd: [ OK ] systemd service: network: [ OK ] systemd service:crond: [ OK ] systemd service:acpid: [ OK ] systemd service: atd: [ OK ] systemd service: autofs: [ OK ] systemd service: smartd: [ OK ] systemd service: irqbalance: [ OK ] On Thu, May 13, 2021 at 1:03 PM Jeff Koch wrote: > Did you check the clamav log? > > Jeff > > On 5/13/2021 12:30 PM, Benjamin Baez wrote: > > > Hi, > > How do I troubleshoot this further? In the past it would be something to > do with clamav or simscan, but don't have a lead this time. > > [root@mta01 ~]# tail -f /var/log/qmail/submission/current > @4000609d4c9217d2d2d4 tcpserver: status: 0/100 > @4000609d52200e3031cc tcpserver: status: 1/100 > @4000609d52200e39615c tcpserver: pid 1598 from 75.53.9.111 > @4000609d52200e3a920c tcpserver: ok 1598 > mta01.biospectra.com:75.53.9.76:587 > :75.53.9.111::61177 > @4000609d52201bf23a6c CHKUSER accepted sender: from > remote > <[10.16.1.123]:unknown:75.53.9.111> rcpt <> : sender accepted > @4000609d522027921aa4 CHKUSER relaying rcpt: from > remote > <[10.16.1.123]:unknown:75.53.9.111> rcpt : client > allowed to relay > @4000609d52202792265c policy_check: local bbaez -> remote > benba...@gmail.com (AUTHENTICATED SENDER) > @4000609d522027922a44 policy_check: policy allows transmission > @4000609d52202925ce4c qmail-smtpd: qq soft reject (mail server > temporarily rejected message (#4.3.0)): MAILFROM: > RCPTTO:benba...@gmail.com > @4000609d52230a71f14c tcpserver: end 1598 status 0 > @4000609d52230a71f91c tcpserver: status: 0/100 > > [root@mta01 ~]# tail -f cat /var/log/maillog > May 13 09:21:15 mta01 spamdyke[1592]: > ERROR(load_resolver_file()@search_fs.c:753): invalid/unparsable nameserver > found: 2600:1700:4a30:5b40::1 > May 13 09:21:42 mta01 vpopmail[1599]: vchkpw-submission: (CRAM-MD5) login > success bb...@biospectra.com:75.53.9.111 > > I don't think the IPv6 error is related but including it. > > Thanks! > > >
[qmailtoaster] Fwd: qq soft reject after updating packages end of March 2021
Hi, How do I troubleshoot this further? In the past it would be something to do with clamav or simscan, but don't have a lead this time. [root@mta01 ~]# tail -f /var/log/qmail/submission/current @4000609d4c9217d2d2d4 tcpserver: status: 0/100 @4000609d52200e3031cc tcpserver: status: 1/100 @4000609d52200e39615c tcpserver: pid 1598 from 75.53.9.111 @4000609d52200e3a920c tcpserver: ok 1598 mta01.biospectra.com:75.53.9.76:587 :75.53.9.111::61177 @4000609d52201bf23a6c CHKUSER accepted sender: from remote <[10.16.1.123]:unknown:75.53.9.111> rcpt <> : sender accepted @4000609d522027921aa4 CHKUSER relaying rcpt: from remote <[10.16.1.123]:unknown:75.53.9.111> rcpt : client allowed to relay @4000609d52202792265c policy_check: local bbaez -> remote benba...@gmail.com (AUTHENTICATED SENDER) @4000609d522027922a44 policy_check: policy allows transmission @4000609d52202925ce4c qmail-smtpd: qq soft reject (mail server temporarily rejected message (#4.3.0)): MAILFROM: RCPTTO:benba...@gmail.com @4000609d52230a71f14c tcpserver: end 1598 status 0 @4000609d52230a71f91c tcpserver: status: 0/100 [root@mta01 ~]# tail -f cat /var/log/maillog May 13 09:21:15 mta01 spamdyke[1592]: ERROR(load_resolver_file()@search_fs.c:753): invalid/unparsable nameserver found: 2600:1700:4a30:5b40::1 May 13 09:21:42 mta01 vpopmail[1599]: vchkpw-submission: (CRAM-MD5) login success bb...@biospectra.com:75.53.9.111 I don't think the IPv6 error is related but including it. Thanks!
