Re: [Clamav-devel] 0.98.5-rc1 milter feedback
On Thu, Oct 16, 2014 at 10:29 PM, Michael G. Janicki m.g.j.jani...@gmail.com wrote: On 10/16/2014 07:00 PM, Shawn Webb wrote: Anytime. I'll investigate further tomorrow. Do you have any steps for reproduction? Hmm reproduction is that it just happens. But, here's how I'm running things. clamav-0.98.5-rc1 running as daemon. Postfix 2.11.2 running as daemon and clamav using clamav-milter to communicate with Postfix via Unix socket. (clamav-milter.conf below). clamav-milter is not SUID. It manages to work with Postfix by being a member of the group which can accessthe necessary Postfix files. I've had it working this way for about a year now so I don't think there's anything too strange about the setup. No major changes in the configuration of either ClamAV or Postfix have been made recently. At one point messages were correctly marked with X-Virus-Scanned and X-Virus-Status as dictated by the AddHeader Replace directive in clamav-milter.conf. At some point during the beta development cycle, the headers just stopped being placed into messages. Sorry I can't be more specific as to when it began, but I know it was apparent in 20140905. Thanks again, Shawn. -- Mike Hey Mike, Some stuff came up on Friday, so I wasn't able to take a look at your issue. I'm going to look at it today. Can you post your clamd.conf, too, please? Thanks, Shawn ___ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net http://www.clamav.net/contact.html#ml
Re: [Clamav-devel] 0.98.5-rc1 milter feedback
On Mon, Oct 20, 2014 at 11:08 AM, Shawn Webb sw...@sourcefire.com wrote: On Thu, Oct 16, 2014 at 10:29 PM, Michael G. Janicki m.g.j.jani...@gmail.com wrote: On 10/16/2014 07:00 PM, Shawn Webb wrote: Anytime. I'll investigate further tomorrow. Do you have any steps for reproduction? Hmm reproduction is that it just happens. But, here's how I'm running things. clamav-0.98.5-rc1 running as daemon. Postfix 2.11.2 running as daemon and clamav using clamav-milter to communicate with Postfix via Unix socket. (clamav-milter.conf below). clamav-milter is not SUID. It manages to work with Postfix by being a member of the group which can accessthe necessary Postfix files. I've had it working this way for about a year now so I don't think there's anything too strange about the setup. No major changes in the configuration of either ClamAV or Postfix have been made recently. At one point messages were correctly marked with X-Virus-Scanned and X-Virus-Status as dictated by the AddHeader Replace directive in clamav-milter.conf. At some point during the beta development cycle, the headers just stopped being placed into messages. Sorry I can't be more specific as to when it began, but I know it was apparent in 20140905. Thanks again, Shawn. -- Mike Hey Mike, Some stuff came up on Friday, so I wasn't able to take a look at your issue. I'm going to look at it today. Can you post your clamd.conf, too, please? Thanks, Shawn Don't worry about the clamd.conf. I reproduced your issue and I found out commit 3e0b86d05c5a68664b2202c23316a0b75d5bd6ec caused this bug. I reverted that commit. We'll be pushing out an 0.98.5-rc2 in the near future. Thanks, Shawn ___ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net http://www.clamav.net/contact.html#ml
Re: [Clamav-devel] 0.98.5-rc1 milter feedback
On Mon, Oct 20, 2014 at 11:08 AM, Shawn Webb sw...@sourcefire.com wrote: Don't worry about the clamd.conf. I reproduced your issue and I found out commit 3e0b86d05c5a68664b2202c23316a0b75d5bd6ec caused this bug. I reverted that commit. We'll be pushing out an 0.98.5-rc2 in the near future. Nice work, Shawn. Thanks very much for looking into it and finding a solution so quickly. Have a good one. -- Mike ___ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net http://www.clamav.net/contact.html#ml
Re: [Clamav-devel] 0.98.5-rc1 milter feedback
On 10/16/2014 06:40 PM, Shawn Webb wrote: Does this happen with 0.98? Does not happen with 0.98.4. Does not happen with the original 0.98.5-beta1. Does happen with devel-20140905. Does happen with 0.98.5-rc1. clamav-milter hasn't changed for a few years (other than adding a call to cl_initialize_crypto() in 0.98.5-rc1). That's what I would have thought but things changed somewhere during the beta series. Have a look in and around lines 96-114 or so in clamav-milter/clamfi.c of -rc1. It changed, but I can't see anything that would cause a problem. Thanks for looking into it. -- Mike ___ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net http://www.clamav.net/contact.html#ml
Re: [Clamav-devel] 0.98.5-rc1 milter feedback
On 10/16/2014 07:00 PM, Shawn Webb wrote: Anytime. I'll investigate further tomorrow. Do you have any steps for reproduction? Hmm reproduction is that it just happens. But, here's how I'm running things. clamav-0.98.5-rc1 running as daemon. Postfix 2.11.2 running as daemon and clamav using clamav-milter to communicate with Postfix via Unix socket. (clamav-milter.conf below). clamav-milter is not SUID. It manages to work with Postfix by being a member of the group which can accessthe necessary Postfix files. I've had it working this way for about a year now so I don't think there's anything too strange about the setup. No major changes in the configuration of either ClamAV or Postfix have been made recently. At one point messages were correctly marked with X-Virus-Scanned and X-Virus-Status as dictated by the AddHeader Replace directive in clamav-milter.conf. At some point during the beta development cycle, the headers just stopped being placed into messages. Sorry I can't be more specific as to when it began, but I know it was apparent in 20140905. Thanks again, Shawn. -- Mike clamav-milter.conf -- MilterSocket unix:/var/run/clamav/clamav-milter.socket MilterSocketGroup postfix MilterSocketMode 660 FixStaleSocket yes User clamav AllowSupplementaryGroups yes ReadTimeout 120 Foreground no PidFile /var/run/clamav/clamav-milter.pid TemporaryDirectory /tmp ClamdSocket unix:/var/run/clamav/clamd.socket MaxFileSize 10M OnClean Accept OnInfected Quarantine OnFail Defer AddHeader Replace LogFile /var/log/clamav/clamav-milter.log LogFileMaxSize 2M LogTime yes LogSyslog yes LogFacility LOG_LOCAL6 LogVerbose yes LogRotate yes LogInfected Full LogClean Off SupportMultipleRecipients yes ___ http://lurker.clamav.net/list/clamav-devel.html Please submit your patches to our Bugzilla: http://bugs.clamav.net http://www.clamav.net/contact.html#ml