Hello all,
a few days ago we migrated our old Amavis Servers to new ones. I was monitoring the logs if everything works fine. The new servers are almost the same, just a new operating system (old: SLES10SP2(physical machine) new:SLES11SP1(virtual machine)) with new packages (old: amavisd-new-2.3.3-17.2 new: amavisd-new-2.6.4-28.1). amavisd.conf was simply copied to the new server. Everything went fine but I found this "error" in the logs which weren't there at the old one. May 27 12:55:21 Servername amavis[15793]: (15793-19) smtp session rundown stale sessions, idle 271.3 s, smtp:[IPADDRESS]:10025, state ehlo. Port 10025 is the port we're sending back scanned mails to postfix. Idle times for a stale session are also quite random ranging from ~20s to >3000s. I looked if mails weren't transmitted correctly but it seems that's no problem: May 27 13:03:06 Servername amavis[17700]: (17700-02) smtp session rundown, sending QUIT May 27 13:03:06 Servername amavis[17700]: (17700-02) smtp session rundown, closing session smtp:[IPADDRESS]:10025 Then I looked if TCP connections were handled correctly, but that's also fine. If a connection is closed by the application it's also closed by the OS...(at least as far as I could see(netstat)) I googled it but I haven't found anything useful for this problem(if it even is one). Now I would like to ask you about your opinion, could this be a problem? Or is it something I won't have to worry about? Kind regards Timo Buettner Our amavisd.conf: use strict; $max_servers = 25; # number of pre-forked children (2..15 is common) $daemon_user = 'vscan'; $daemon_group = 'vscan'; $mydomain = 'ekom21.de'; # a convenient default for other settings $MYHOME = '/var/spool/amavis'; $TEMPBASE = "$MYHOME/tmp"; # working directory, needs to be created manually $ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR $QUARANTINEDIR = undef; @local_domains_maps = (read_hash( "/var/spool/amavis/dom2.txt" )); @mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10 {several IP-Addresses} ); @inet_acl = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10 {several IP-Addresses} ); $log_level = 5; # verbosity 0..5 $log_recip_templ = undef; # disable by-recipient level-0 log entries $DO_SYSLOG = 1; # log via syslogd (preferred) $SYSLOG_LEVEL = 'mail.debug'; $enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny) $enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1 $inet_socket_port = [10024,20024,30024]; # listen on this local TCP port(s) (see $protocol) $inet_socket_bind = '*'; $log_level = 3; # verbosity 0..5 $log_recip_templ = undef; # disable by-recipient level-0 log entries $DO_SYSLOG = 1; # log via syslogd (preferred) $SYSLOG_LEVEL = 'mail.debug'; $enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny) $enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1 $unix_socketname = "$MYHOME/amavisd.sock"; # when using sendmail milter $sa_tag_level_deflt = -20.0; # add spam info headers if at, or above that level $sa_tag2_level_deflt = 6.31; # angepasst von 5.0 $sa_kill_level_deflt = 6.31; # war 6.31 triggers spam evasive actions - nicht anfassen $sa_dsn_cutoff_level = 9.0; # war 9.0 spam level beyond which a DSN is not sent $sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is larger $sa_local_tests_only = 0; # only tests which do not require internet access? $sa_auto_whitelist = 1; # turn on AWL in SA 2.63 or older (irrelevant # for SA 3.0, cf option is 'use_auto_whitelist') $mailfrom_notify_admin = "virusalert\@$mydomain"; # notifications sender $mailfrom_notify_recip = "virusalert\@$mydomain"; # notifications sender $mailfrom_notify_spamadmin = "spam.police\@$mydomain"; # notifications sender $mailfrom_to_quarantine = ''; # null return path; uses original sender if undef @addr_extension_virus_maps = ('virus'); @addr_extension_spam_maps = ('spam'); @addr_extension_banned_maps = ('banned'); @addr_extension_bad_header_maps = ('badh'); $path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin'; $MAXLEVELS = 14; $MAXFILES = 1500; $MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced) $MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced) $sa_spam_subject_tag = 'xxxSPAMxxx'; $defang_virus = 1; # MIME-wrap passed infected mail $defang_banned = 1; # MIME-wrap passed mail containing banned name $myhostname = 'assmtp01.intern.ekom21.de'; $notify_method = 'smtp:*:10025'; # set to undef with milter! $forward_method = 'smtp:*:10025'; # set to undef with milter! $final_virus_destiny = D_REJECT; $final_banned_destiny = D_REJECT; $final_spam_destiny = D_REJECT; $interface_policy{'20024'} = 'VSCAN'; $interface_policy{'30024'} = 'TAGGING'; $policy_bank{'VSCAN'} = { # mail originating from @mynetworks bypass_spam_checks_maps => [1], # or: don't spam-check internal mail }; $policy_bank{'TAGGING'} = { # mail originating from @mynetworks spam_kill_level_maps => [9999], }; @viruses_that_fake_sender_maps = (new_RE( [qr/^/ => 1], # true for everything else )); @keep_decoded_original_maps = (new_RE( qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i, )); $banned_filename_re = new_RE( # block certain double extensions anywhere in the base name qr'^application/x-msdownload$'i, # block these MIME types qr'^application/x-msdos-program$'i, qr'^application/hta$'i, [ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within such archives qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic qr'^\.(exe-ms)$', # banned file(1) types );