[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

New - problems with amavis-new and clamav on Centos 6.3



I hope I have come to the right place for help. My travails have been reported on the Centos list...

I am setting up a mailserver on Centos 6.3.  I am guided by two Howtos:

http://www.campworld.net/thewiki/pmwiki.php/LinuxServersCentOS/Cent6VirtMailServer
and
http://wiki.centos.org/HowTos/Amavisd

The former I used for setting up Postfix/mysql/postfixadmin/dovecot/Roundcube for basic mail handling.

The later I used for the anti-stuff, but instead of using the rpms from rpmforge, I used the epel rpms, so here I am with my problems.

It looks like a permissions problem; at least that is what I am seeing in maillog. I am using the test messages shown in sec 4 of the amavisd howto pointed to above:

Jan 30 14:14:10 test1 postfix/pickup[6682]: DA8082A099B: uid=0 from=<root>
Jan 30 14:14:10 test1 postfix/cleanup[6773]: DA8082A099B: message-id=<20130130191410 DA8082A099B test1 test htt-consult com> Jan 30 14:14:10 test1 postfix/qmgr[6683]: DA8082A099B: from=<root test1 test htt-consult com>, size=446, nrcpt=1 (queue active) Jan 30 14:14:11 test1 amavis[6756]: (06756-01) LMTP::10024 /var/spool/amavisd/tmp/amavis-20130130T141411-06756: <root test1 test htt-consult com> -> <faxit test htt-consult com> SIZE=446 Received: from test1.test.htt-consult.com ([127.0.0.1]) by localhost (test1.test.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP for <faxit test htt-consult com>; Wed, 30 Jan 2013 14:14:11 -0500 (EST) Jan 30 14:14:11 test1 amavis[6756]: (06756-01) Checking: 95-+1-aqz4Cb <root test1 test htt-consult com> -> <faxit test htt-consult com> Jan 30 14:14:11 test1 amavis[6756]: (06756-01) (!)run_av (ClamAV-clamd) FAILED - unexpected , output="/var/spool/amavisd/tmp/amavis-20130130T141411-06756/parts: lstat() failed: Permission denied. ERROR\n" Jan 30 14:14:11 test1 amavis[6756]: (06756-01) (!)ClamAV-clamd av-scanner FAILED: CODE(0x9fff7b8) unexpected , output="/var/spool/amavisd/tmp/amavis-20130130T141411-06756/parts: lstat() failed: Permission denied. ERROR\n" at (eval 100) line 594. Jan 30 14:14:11 test1 amavis[6756]: (06756-01) (!!)WARN: all primary virus scanners failed, considering backups Jan 30 14:14:21 test1 amavis[6756]: (06756-01) Blocked INFECTED (Eicar-Test-Signature), <root test1 test htt-consult com> -> <faxit test htt-consult com>, Message-ID: <20130130191410 DA8082A099B test1 test htt-consult com>, mail_id: 95-+1-aqz4Cb, Hits: -, size: 446, 10352 ms Jan 30 14:14:21 test1 postfix/lmtp[6777]: DA8082A099B: to=<faxit test htt-consult com>, relay=127.0.0.1[127.0.0.1]:10024, delay=11, delays=0.19/0.01/0.01/10, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=06756-01 - INFECTED: Eicar-Test-Signature)
Jan 30 14:14:21 test1 postfix/qmgr[6683]: DA8082A099B: removed

Jan 30 14:18:37 test1 postfix/pickup[6682]: 6E6342A099C: uid=0 from=<root>
Jan 30 14:18:37 test1 postfix/cleanup[6807]: 6E6342A099C: message-id=<GTUBE1 1010101 example net> Jan 30 14:18:37 test1 postfix/qmgr[6683]: 6E6342A099C: from=<root test1 test htt-consult com>, size=947, nrcpt=1 (queue active) Jan 30 14:18:37 test1 amavis[6755]: (06755-01) LMTP::10024 /var/spool/amavisd/tmp/amavis-20130130T141837-06755: <root test1 test htt-consult com> -> <faxit test htt-consult com> SIZE=947 Received: from test1.test.htt-consult.com ([127.0.0.1]) by localhost (test1.test.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP for <faxit test htt-consult com>; Wed, 30 Jan 2013 14:18:37 -0500 (EST) Jan 30 14:18:37 test1 amavis[6755]: (06755-01) Checking: iVLEI2wVyvfc <root test1 test htt-consult com> -> <faxit test htt-consult com> Jan 30 14:18:37 test1 amavis[6755]: (06755-01) (!)run_av (ClamAV-clamd) FAILED - unexpected , output="/var/spool/amavisd/tmp/amavis-20130130T141837-06755/parts: lstat() failed: Permission denied. ERROR\n" Jan 30 14:18:37 test1 amavis[6755]: (06755-01) (!)ClamAV-clamd av-scanner FAILED: CODE(0x9fff7b8) unexpected , output="/var/spool/amavisd/tmp/amavis-20130130T141837-06755/parts: lstat() failed: Permission denied. ERROR\n" at (eval 100) line 594. Jan 30 14:18:37 test1 amavis[6755]: (06755-01) (!!)WARN: all primary virus scanners failed, considering backups Jan 30 14:19:01 test1 amavis[6755]: (06755-01) Blocked SPAM, <root test1 test htt-consult com> -> <faxit test htt-consult com>, Message-ID: <GTUBE1 1010101 example net>, mail_id: iVLEI2wVyvfc, Hits: 1005.069, size: 947, 23998 ms Jan 30 14:19:01 test1 postfix/lmtp[6811]: 6E6342A099C: to=<faxit test htt-consult com>, relay=127.0.0.1[127.0.0.1]:10024, delay=24, delays=0.13/0.01/0.01/24, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=06755-01 - SPAM)
Jan 30 14:19:01 test1 postfix/qmgr[6683]: 6E6342A099C: removed

Note the permissions denied above. I am really unsure of how clamav is running. The howto references a userid of clamav, but the rpm from epel sets up a user of clam and that is what I believe I have adjusted for. Then there are the conf files:

/etc/clamd.conf
/etc/clamd.d/amavisd.conf
/etc/amavisd.conf

Getting the .pid and .sock for clam all correct for these three took a bit. One would think that since they came from the same repo, things would line up better. I *believe* that clamd is running under userid clam and I have added clam to the amavis group.

So I hope I have come to the right place that can help me get this working.

thank you




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]