I tried to implement the 0.95 release on my platforms (Solaris 9,
sendmail). Everything seems to work except the new clamav-milter, which
crashes every time I test it by sending a virus attached to a mail (no
message in the log file).

The error sendmail is reporting is:

  milter_read(clmilter): cmd read returned 0, expecting 5
  Milter (clmilter): to error state

It appears to be a clamav-milter problem, since clamav-milter 0.94.2
with the -e switch (external scanner) using clamd version 0.95 is currently
working as usual.
Also, when clamav-milter 0.95 is running, clmilter_watch is unable
to speak through the unix socket (timeout), nor is clamdwatch able
to contact it, giving the error:

  Clamd is in an unknown state.
  It returned: 

My clamav-milter.conf file is:
   ##
   ## Example config file for clamav-milter
   ##
   
   # Comment or remove the line below.
   # Example
   
   
   ##
   ## Main options
   ##
   
   # Define the interface through which we communicate with sendmail
   # This option is mandatory! Possible formats are:
   # [[unix|local]:]/path/to/file - to specify a unix domain socket
   # inet:p...@[hostname|ip-address] - to specify an ipv4 socket
   # inet6:p...@[hostname|ip-address] - to specify an ipv6 socket
   #
   # Default: no default
   #MilterSocket /tmp/clamav-milter.socket
   MilterSocket /var/run/clamav/clmilter.sock
   #MilterSocket inet:7357
   
   # Remove stale socket after unclean shutdown.
   #
   # Default: yes
   #FixStaleSocket yes
   
   # Run as another user (clamav-milter must be started by root for this option to work)
   #
   # Default: unset (don't drop privileges)
   User clamav
   
   # Initialize supplementary group access (clamav-milter must be started by root).
   #
   # Default: no
   #AllowSupplementaryGroups no
   
   # Waiting for data from clamd will timeout after this time (seconds).
   # Value of 0 disables the timeout.
   #
   # Default: 120
   #ReadTimeout 300
   
   # Don't fork into background.
   #
   # Default: no
   #Foreground yes
   
   # Chroot to the specified directory.
   # Chrooting is performed just after reading the config file and before dropping privileges.
   #
   # Default: unset (don't chroot)
   #Chroot /newroot
   
   # This option allows you to save a process identifier of the listening
   # daemon (main thread).
   #
   # Default: disabled
   #PidFile /var/run/clamav-milter.pid
   
   # Optional path to the global temporary directory.
   # Default: system specific (usually /tmp or /var/tmp).
   #
   #TemporaryDirectory /var/tmp
   
   ##
   ## Clamd options
   ##
   
   # Define the clamd socket to connect to for scanning.
   # This option is mandatory! Syntax:
   # ClamdSocket unix:path
   # ClamdSocket tcp:host:port
   # The first syntax specifies a local unix socket (needs an absolute path) e.g.:
   #     ClamdSocket unix:/var/run/clamd/clamd.socket
   # The second syntax specifies a tcp local or remote tcp socket: the
   # host can be a hostname or an ip address; the ":port" field is only required
   # for IPv6 addresses, otherwise it defaults to 3310
   #     ClamdSocket tcp:192.168.0.1
   #
   # This option can be repeated several times with different sockets or even
   # with the same socket: clamd servers will be selected in a round-robin fashion.
   #
   # Default: no default
   #ClamdSocket tcp:scanner.mydomain:7357
   ClamdSocket unix:/var/run/clamav/clamd.sock
   
   
   ##
   ## Exclusions
   ##
   
   # Messages originating from these hosts/networks will not be scanned
   # This option takes a host(name)/mask pair in CIDR notation and can be
   # repeated several times. If "/mask" is omitted, a host is assumed.
   # To specify a locally originated, non-smtp, email use the keyword "local"
   #
   # Default: unset (scan everything regardless of the origin)
   #LocalNet local
   #LocalNet 192.168.0.0/24
   #LocalNet 1111:2222:3333::/48
   
   # This option specifies a file which contains a list of POSIX regular
   # expressions. Addresses (sent to or from - see below) matching these regexes
   # will not be scanned.  Optionally each line can start with the string "From:"
   # or "To:" (note: no whitespace after the colon) indicating if it is, 
   # respectively, the sender or recipient that is to be whitelisted.
   # If the field is missing, "To:" is assumed.
   # Lines starting with #, : or ! are ignored.
   #
   # Default unset (no exclusion applied)
   #Whitelist /etc/whitelisted_addresses
   Whitelist /usr/local/etc/clamd_white
   
   
   ##
   ## Actions
   ##
   
   # The following group of options controls the delivery process under
   # different circumstances.
   # The following actions are available:
   # - Accept
   #   The message is accepted for delivery
   # - Reject
   #   Immediately refuse delivery (a 5xx error is returned to the peer)
   # - Defer
   #   Return a temporary failure message (4xx) to the peer
   # - Blackhole (not available for OnFail)
   #   Like accept but the message is sent to oblivion
   # - Quarantine (not available for OnFail)
   #   Like accept but message is quarantined instead of being delivered
   #   In sendmail the quarantine queue can be examined via mailq -qQ
   #   For Postfix this causes the message to be accepted but placed on hold
   # 
   # Action to be performed on clean messages (mostly useful for testing)
   # Default Accept
   #OnClean Accept
   
   # Action to be performed on infected messages
   # Default: Quarantine
   #OnInfected Quarantine
   
   # Action to be performed on error conditions (this includes failure to
   # allocate data structures, no scanners available, network timeouts,
   # unknown scanner replies and the like)
   # Default Defer
   #OnFail Defer
   
   # This option allows to set a specific rejection reason for infected messages
   # and it's therefore only useful together with "OnInfected Reject"
   # The string "%v", if present, will be replaced with the virus name.
   # Default: MTA specific
   #RejectMsg 
   
   # If this option is set to Yes, an "X-Virus-Scanned" and an "X-Virus-Status"
   # headers will be attached to each processed message, possibly replacing
   # existing headers. 
   # Default: No
   #AddHeader Yes
   
   
   ##
   ## Logging options
   ##
   
   # Uncomment this option to enable logging.
   # LogFile must be writable for the user running daemon.
   # A full path is required.
   #
   # Default: disabled
   #LogFile /tmp/clamav-milter.log
   LogFile /var/adm/clamav-milter.log
   
   # By default the log file is locked for writing - the lock protects against
   # running clamav-milter multiple times.
   # This option disables log file locking.
   #
   # Default: no
   #LogFileUnlock yes
   
   # Maximum size of the log file.
   # Value of 0 disables the limit.
   # You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
   # and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
   # in bytes just don't use modifiers.
   #
   # Default: 1M
   #LogFileMaxSize 2M
   LogFileMaxSize 10M
   
   # Log time with each message.
   #
   # Default: no
   #LogTime yes
   
   # Use system logger (can work together with LogFile).
   #
   # Default: no
   #LogSyslog yes
   
   # Specify the type of syslog messages - please refer to 'man syslog'
   # for facility names.
   #
   # Default: LOG_LOCAL6
   #LogFacility LOG_MAIL
   LogFacility LOG_MAIL
   
   # Enable verbose logging.
   #
   # Default: no
   LogVerbose yes
   
   # This option allows to tune what is logged when a message is infected.
   # Possible values are Off (the default - nothing is logged),
   # Basic (minimal info logged), Full (verbose info logged)
   #
   # Default: disabled
   #LogInfected Basic
   LogInfected Full
   
   
   ##
   ## Limits
   ##
   
   # Messages larger than this value won't be scanned.
   # Make sure this value is lower or equal than StreamMaxLength in clamd.conf
   #
   # Default: 25M
   #MaxFileSize 10M


Also, tracing the running process with truss gives:

   /4:         Incurred fault #6, FLTBOUNDS  %pc = 0x00019140
   /4:           siginfo: SIGSEGV SEGV_MAPERR addr=0x00000000
   /4:         Received signal #11, SIGSEGV [default]
   /4:           siginfo: SIGSEGV SEGV_MAPERR addr=0x00000000

Any clue?
Thanks
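
The sendmail error quoted in the message above can be read against the milter wire format: every packet starts with a 5-byte header (a 4-byte big-endian length plus one command byte), so a header read that returns 0 bytes means the filter closed the socket without answering, which fits the SIGSEGV in the truss output. The sketch below is an added example, not part of the original post and not sendmail or ClamAV code; the function names, the diagnostic strings and the sample packets are constructed for illustration.

```python
import socket
import struct

HEADER_LEN = 5  # 4-byte big-endian length + 1 command byte

def read_exact(sock, n):
    """Read up to n bytes, stopping early only if the peer closes."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:  # EOF: peer closed the socket or its process died
            break
        buf += chunk
    return buf

def read_milter_packet(sock):
    """Return (cmd, payload), or a diagnostic string on a short read."""
    header = read_exact(sock, HEADER_LEN)
    if len(header) != HEADER_LEN:
        # Wording modelled on the error line quoted in the post.
        return "cmd read returned %d, expecting %d" % (len(header), HEADER_LEN)
    length, cmd = struct.unpack("!Ic", header)
    payload = read_exact(sock, length - 1)  # length counts the command byte
    if len(payload) != length - 1:
        return "short payload: got %d of %d" % (len(payload), length - 1)
    return cmd, payload

def simulate(filter_behaviour):
    """MTA side of a socketpair; filter_behaviour plays the milter side."""
    mta, milter = socket.socketpair()
    try:
        filter_behaviour(milter)
        milter.close()  # filter side goes away after acting
        return read_milter_packet(mta)
    finally:
        mta.close()

def healthy_filter(sock):
    # Constructed reply: length 1, command b"c" (SMFIR_CONTINUE), no payload.
    sock.sendall(struct.pack("!Ic", 1, b"c"))

def crashed_filter(sock):
    """Constructed failure: the process dies before writing any reply."""

if __name__ == "__main__":
    print(simulate(healthy_filter))
    print(simulate(crashed_filter))
```
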