Hi
We have a fairly big sendmail+clamav+clamav-milter setup, with 15000+
accounts.
Since last week we are experimenting several errors with this combination.
Tried to upgrade to latest version, with same results, so now we downgraded
to our last "stable" situation, running clamav and milter version 0.83, and
sendmail 8.12.8.
Basically what happens is that clamav-milter dies, and then sendmail starts
to refuse commands.
I believe it is a 3 face thing.
First it is common to see logs like this one, but mail still works:
May 21 05:16:14 smtp sendmail[32374]: j4L8F5qX032374: Milter (clamav): read
returned -1: Connection reset by remote.host.com
May 21 05:16:14 smtp sendmail[32374]: j4L8F5qX032374: Milter (clamav): to
error state
May 21 05:16:14 smtp sendmail[32374]: j4L8F5qX032374: Milter (clamav): init
failed to open
May 21 05:16:14 smtp sendmail[32374]: j4L8F5qX032374: Milter (clamav): to
error state
May 21 05:16:14 smtp sendmail[32374]: j4L8F5qX032374: Milter: initialization
failed, rejecting commands
Some minutes laters, we start to see:
May 21 05:32:01 smtp sendmail[5757]: j4L8R3qX005757: Milter (clamav): error
connecting to filter: Connection refused by /var/clamav/clmilter.socket
May 21 05:32:01 smtp sendmail[5757]: j4L8R3qX005757: Milter (clamav): to
error state
May 21 05:32:01 smtp sendmail[5757]: j4L8R3qX005757: Milter: initialization
failed, rejecting commands
May 21 05:32:01 smtp sendmail[6018]: j4L8RRqX006018: Milter (clamav): error
connecting to filter: Connection refused by /var/clamav/clmilter.socket
May 21 05:32:01 smtp sendmail[6018]: j4L8RRqX006018: Milter (clamav): to
error state
When it finally dies, we see:
May 21 05:55:34 smtp sendmail[16664]: j4L7kBqY016664: Milter (clamav):
write(D) returned -1, expected 5: Broken pipe
May 21 05:55:34 smtp sendmail[16664]: j4L7kBqY016664: Milter (clamav): to
error state
May 21 05:55:34 smtp sendmail[16664]: j4L7kBqY016664: Milter:
[EMAIL PROTECTED], reject=550 5.7.1 Command rejected
May 21 05:55:34 smtp sendmail[18695]: j4L8tYqX018695: Milter (clamav): local
socket name /var/clamav/clmilter.socket unsafe
May 21 05:55:34 smtp sendmail[18695]: j4L8tYqX018695: Milter (clamav): to
error state
May 21 05:55:34 smtp sendmail[18695]: j4L8tYqX018695: Milter: initialization
failed, rejecting commands
At this point, clamav-milter is gone, and the sockets is non existant.
Sendmail accepts connections, but refuses to receive any command.
If we restart clamav-milter, it works again smoothly for about 3-6 hours.
Any clue?
Please let us know what other information might me useful to debug this. The
relevant configuration parts are:
clamd.conf:
PidFile /var/run/clamav/clamd.pid
LocalSocket /var/run/clamav/clamd.sock
/etc/sysconfig/clamav-milter:
CLAMAV_FLAGS="
--config-file=/etc/clamd.conf
--max-children=240
--force-scan
--quiet
--dont-log-clean
--noreject
--dont-scan-on-error
-ol local:/var/clamav/clmilter.socket
/etc/mail/sendmail.cf:
Xclamav, S=local:/var/clamav/clmilter.socket, F=R, T=S:10m;R:10m;E:10m
Thanks.
_______________________________________________
http://lurker.clamav.net/list/clamav-users.html
