Re: Question about postfix amavisd-n clamav with Suse 9.1

From: Martijn (linuxapplica.nl)
Date: Mon Jan 03 2005 - 07:33:20 CST


Voytek wrote:

><quote who="Matt">
>
>>Martijn wrote:
>>
>>>>You configured clamav to listen on an inet-socket. Amavisd looks for a
>>>>unix-socket.
>>>>
>>>This is my problem :( what file should I use.. how to recognize a
>>>unix-socket? The stupid thing is that although I've been searching
>>>further I find only the same problems but no info that can help me
>>>further..
>
>I've done it like this in clamd.conf:
>enable localsocket, disable tcpip socket
>the local socket has to match amavisd.conf
>-------------
># Path to a local socket file the daemon will listen on.
># Default: disabled
>#LocalSocket /var/run/clamav/clamd.sock
>LocalSocket /var/run/clamav/clamd
>
># Remove stale socket after unclean shutdown.
># Default: disabled
>FixStaleSocket
>
># TCP port address.
># Default: disabled
># TCPSocket 3310
>
># TCP address.
># By default we bind to INADDR_ANY, probably not wise.
># Enable the following to provide some degree of protection
># from the outside world.
># Default: disabled
>TCPAddr 127.0.0.1
>----------------------
>
># grep clamd amavisd.conf
>['ClamAV-clamd',
> \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
># # NOTE: run clamd under the same user as amavisd; match the socket
>
>hth,

Thank you for your reply. Last Friday I changed my files as follows:

* clamd.conf:
PidFile /var/lib/clamav/clamd.pid
TemporaryDirectory /tmp
LocalSocket /var/lib/clamav/clamd-socket
FixStaleSocket

* amavisd.conf:
['Clam Antivirus-clamd',
  \&ask_daemon, ["CONTSCAN {}\n", "/var/lib/clamav/clamd-socket"],
  qr/\bOK$/, qr/\bFOUND$/,
  qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

* main.cf:
content_filter = smtp:[127.0.0.1]:10024

When I send an email from another domain to this configuration and check
the email log I see this (it looks correct to me except for this
error: Jan 3 14:11:14 server postfix/smtp[4398]: connect to
localhost[::1]: Connection refused (port 10024)):

Jan 3 14:11:14 server1 postfix/smtpd[4394]: connect from localhost[127.0.0.1]
Jan 3 14:11:14 server1 postfix/smtpd[4394]: A431215FC7: client=localhost[127.0.0.1]
Jan 3 14:11:14 server1 postfix/cleanup[4397]: A431215FC7: message-id=<41D9445B.8000403test1.nl>
Jan 3 14:11:14 server1 postfix/qmgr[3725]: A431215FC7: from=<fromtest1.nl>, size=1636, nrcpt=1 (queue active)
Jan 3 14:11:14 server1 postfix/smtpd[4394]: disconnect from localhost[127.0.0.1]
Jan 3 14:11:14 server1 postfix/smtp[4398]: connect to localhost[::1]: Connection refused (port 10024)
Jan 3 14:11:14 server1 amavis[3858]: (03858-01) ESMTP::10024 /var/spool/amavis/tmp/amavis-20050103T141114-03858: <fromtest1.nl> -> <totest.nl> Received: SIZE=1636 BODY=7BIT from server.test.nl ([127.0.0.1]) by localhost (server [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 03858-01 for <totest.nl>; Mon, 3 Jan 2005 14:11:14 +0100 (CET)
Jan 3 14:11:14 server1 amavis[3858]: (03858-01) Checking: <fromtest1.nl> -> <totest.nl>
Jan 3 14:11:15 server1 clamd[3940]: Reading databases from /var/lib/clamav
Jan 3 14:11:15 server1 clamd[3940]: Database correctly reloaded (29049 viruses)
Jan 3 14:11:15 server1 amavis[3858]: (03858-01) spam_scan: hits=0 tests=
Jan 3 14:11:15 server1 amavis[3858]: (03858-01) FWD via SMTP: [127.0.0.1]:10025 <fromtest1.nl> -> <totest.nl>
Jan 3 14:11:15 server1 postfix/smtpd[4401]: connect from localhost[127.0.0.1]
Jan 3 14:11:15 server1 postfix/smtpd[4401]: 770BC1C4F1: client=localhost[127.0.0.1]
Jan 3 14:11:15 server1 postfix/cleanup[4397]: 770BC1C4F1: message-id=<41D9445B.8000403test1.nl>
Jan 3 14:11:15 server1 postfix/smtpd[4401]: disconnect from localhost[127.0.0.1]
Jan 3 14:11:15 server1 postfix/qmgr[3725]: 770BC1C4F1: from=<fromtest1.nl>, size=2111, nrcpt=1 (queue active)
Jan 3 14:11:15 server1 amavis[3858]: (03858-01) Passed, <fromtest1.nl> -> <totest.nl>, Message-ID: <41D9445B.8000403test1.nl>, Hits: 0
Jan 3 14:11:15 server1 amavis[3858]: (03858-01) TIMING [total 790 ms] - SMTP EHLO: 2 (0%), SMTP pre-MAIL: 0 (0%), mkdir tempdir: 0 (0%), create email.txt: 1 (0%), SMTP pre-DATA-flush: 4 (0%), SMTP DATA: 38 (5%), body hash: 1 (0%), mkdir parts: 1 (0%), mime_decode: 15 (2%), get-file-type: 93 (12%), decompose_part: 2 (0%), parts: 0 (0%), AV-scan-1: 2 (0%), SA msg read: 2 (0%), SA parse: 2 (0%), SA check: 550 (70%), fwd-connect: 18 (2%), fwd-mail-from: 1 (0%), fwd-rcpt-to: 4 (0%), write-header: 4 (1%), fwd-data: 0 (0%), fwd-data-end: 43 (5%), fwd-rundown: 2 (0%), unlink-1-files: 6 (1%), rundown: 0 (0%)
Jan 3 14:11:15 server1 postfix/smtp[4398]: A431215FC7: to=<totest.nl>, relay=localhost[127.0.0.1], delay=1, status=sent (250 2.6.0 Ok, id=03858-01, from MTA: 250 Ok: queued as 770BC1C4F1)
Jan 3 14:11:15 server1 postfix/qmgr[3725]: A431215FC7: removed
Jan 3 14:11:15 server1 postfix/lmtp[4403]: 770BC1C4F1: to=<totest.nl>, relay=public/lmtp[public/lmtp], delay=0, status=sent (250 2.1.5 Ok)
Jan 3 14:11:15 server1 postfix/qmgr[3725]: 770BC1C4F1: removed
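
An added example, not part of the original post or of any of the projects it mentions: a small Python check that the unix socket clamd listens on is the one amavisd-new's ask_daemon entry points at, plus the file-type test that answers "how to recognize a unix-socket". The function names are hypothetical; the two sample configurations are the ones quoted in the message above.

```python
import os
import re
import stat

# Sample input: the clamd.conf and amavisd.conf fragments from the post above.
CLAMD_CONF = """\
PidFile /var/lib/clamav/clamd.pid
TemporaryDirectory /tmp
LocalSocket /var/lib/clamav/clamd-socket
FixStaleSocket
"""
AMAVISD_CONF = r"""
['Clam Antivirus-clamd',
  \&ask_daemon, ["CONTSCAN {}\n", "/var/lib/clamav/clamd-socket"],
  qr/\bOK$/, qr/\bFOUND$/,
  qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
"""

def clamd_listeners(conf_text):
    """Return the active (uncommented) listener directives of a clamd.conf."""
    found = {}
    for line in conf_text.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) >= 2 and parts[0] in ("LocalSocket", "TCPSocket", "TCPAddr"):
            found[parts[0]] = parts[1]
    return found

def amavisd_clamd_targets(conf_text):
    """Return the daemon addresses handed to ask_daemon in an amavisd.conf."""
    active = "\n".join(l for l in conf_text.splitlines()
                       if not l.lstrip().startswith("#"))
    # ask_daemon takes [query, address]; the address is the second string.
    return re.findall(r'\\&ask_daemon\s*,\s*\[\s*"[^"]*"\s*,\s*"([^"]+)"', active)

def is_unix_socket(path):
    """True only if path exists and is a socket file (what `test -S` checks)."""
    try:
        return stat.S_ISSOCK(os.stat(path).st_mode)
    except OSError:
        return False

def check(clamd_text, amavisd_text):
    """List the mismatches between the two configurations (empty = consistent)."""
    problems = []
    local = clamd_listeners(clamd_text).get("LocalSocket")
    if local is None:
        problems.append("clamd.conf has no active LocalSocket")
    for target in amavisd_clamd_targets(amavisd_text):
        if target.startswith("/") and target != local:
            problems.append(f"amavisd expects {target}, clamd offers {local}")
    return problems
```

On the mail host, `is_unix_socket()` on the configured path additionally confirms that clamd actually created the socket; amavisd must also be able to read and write it, which is why the quoted amavisd.conf comment says to run clamd under the same user as amavisd.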