Amavis trouble with Postfix

Hi,

I changed over from using Exim on my Domain server as I wasn't happy with it.

Now I'm trying to get Amavis working with Spamassassin and ClamAV, so I found a few sites on google however I keep getting errors when Amavis tries to start scanning the email.

Code:

Jul  2 23:16:24 OptiplexGX270T amavis[2891]: (02891-01) (!) /usr/bin/clamscan is taking longer than 315 s and will be killed
Jul  2 23:16:24 OptiplexGX270T amavis[2891]: (02891-01) (!) killing process [3720] running /usr/bin/clamscan
Jul  2 23:16:24 OptiplexGX270T amavis[2890]: (02890-01) (!) /usr/bin/clamscan is taking longer than 315 s and will be killed
Jul  2 23:16:24 OptiplexGX270T amavis[2890]: (02890-01) (!) killing process [3721] running /usr/bin/clamscan
Jul  2 23:16:24 OptiplexGX270T amavis[2890]: (02890-01) (!) run_av: timed out
Jul  2 23:16:24 OptiplexGX270T amavis[2890]: (02890-01) (!!) ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462.
Jul  2 23:16:24 OptiplexGX270T amavis[2890]: (02890-01) (!!) TROUBLE in check_mail: virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.; ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462.
Jul  2 23:16:24 OptiplexGX270T amavis[2890]: (02890-01) (!) PRESERVING EVIDENCE in /var/lib/amavis/tmp/amavis-20080702T231102-02890
Jul  2 23:16:24 OptiplexGX270T amavis[2890]: (02890-01) TIMING [total 322468 ms] - SMTP EHLO: 6 (0%)0, SMTP pre-MAIL: 1 (0%)0, mkdir tempdir: 85 (0%)0, create email.txt: 0 (0%)0, SMTP pre-DATA-flush: 4 (0%)0, SMTP DATA: 7 (0%)0, body_digest: 1 (0%)0, gen_mail_id: 1 (0%)0, mkdir parts: 0 (0%)0, mime_decode: 16 (0%)0, get-file-type2: 314 (0%)0, decompose_part: 1 (0%)0, parts_decode: 0 (0%)0, AV-scan-1: 7018 (2%)2, AV-scan-2: 0 (0%)2, AV-scan-3: 315011 (98%)100, rundown: 2 (0%)100
Jul  2 23:16:24 OptiplexGX270T amavis[2891]: (02891-01) (!) run_av: timed out
Jul  2 23:16:24 OptiplexGX270T amavis[2891]: (02891-01) (!!) ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462.
Jul  2 23:16:24 OptiplexGX270T amavis[2891]: (02891-01) (!!) TROUBLE in check_mail: virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.; ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462.
Jul  2 23:16:24 OptiplexGX270T amavis[2891]: (02891-01) (!) PRESERVING EVIDENCE in /var/lib/amavis/tmp/amavis-20080702T231102-02891
Jul  2 23:16:24 OptiplexGX270T amavis[2891]: (02891-01) TIMING [total 322458 ms] - SMTP EHLO: 6 (0%)0, SMTP pre-MAIL: 1 (0%)0, mkdir tempdir: 70 (0%)0, create email.txt: 1 (0%)0, SMTP pre-DATA-flush: 4 (0%)0, SMTP DATA: 29 (0%)0, body_digest: 1 (0%)0, gen_mail_id: 1 (0%)0, mkdir parts: 0 (0%)0, mime_decode: 17 (0%)0, get-file-type2: 277 (0%)0, decompose_part: 1 (0%)0, parts_decode: 0 (0%)0, AV-scan-1: 7021 (2%)2, AV-scan-2: 0 (0%)2, AV-scan-3: 315023 (98%)100, rundown: 5 (0%)100
Jul  2 23:16:24 OptiplexGX270T postfix/smtp[3210]: C4E185AA34: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=77127, delays=76804/0.19/0.01/322, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=02891-01, virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.; ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462. (in reply to end of DATA command))
Jul  2 23:16:24 OptiplexGX270T postfix/smtp[3209]: 66D1C5AA22: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=79388, delays=79066/0.18/0.01/322, dsn=4.5.0, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=02890-01, virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.; ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462. (in reply to end of DATA command))

Also I can't understand why Amavis can't connect to socket:

Code:

(Can't connect to UNIX socket /var/run/clamav/clamd.ctl

as the dir is there?:

Code:

kayasaman@OptiplexGX270T:/var/run/clamav$ ls
clamd.ctl  clamd.pid  freshclam.pid

As a result I had many error emails sent back to me when I tried using my other accounts to send a test mail to my server - this is why I ran away from Exim in the first place!

Can anyone help me with how to solve this issue?

Many Thanks

 

What's the output of

Code:

ls -la /var/run/clamav

?
Are amavisd or Postfix running chrooted?

 

OptiplexGX270T:/home/kayasaman# ls -la /var/run/clamav
total 16
drwxr-xr-x 2 clamav clamav 4096 2008-07-21 14:14 .
drwxr-xr-x 22 root root 4096 2008-07-21 13:40 ..
srwxrwxrwx 1 clamav clamav 0 2008-07-21 14:14 clamd.ctl
-rw-rw---- 1 clamav clamav 4 2008-07-21 14:14 clamd.pid
-rw-rw---- 1 clamav clamav 4 2008-07-21 13:39 freshclam.pid

Is output.

How can I test for amavisd and postfix is using chrooted?

I don't think they are but I'm not certain.

 

What's in /etc/postfix/master.cf?

 

#
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - - - - smtpd
#submission inet n - - - - smtpd
# -o smtpd_enforce_tls=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps inet n - - - - smtpd
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#628 inet n - - - - qmqpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - - 300 1 oqmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - - - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - - - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - - - - showq
error unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent. See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)#
# Other external delivery methods.
#
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipientscalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}

amavis unix - - - - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20

127.0.0.1:10025 inet n - - - - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o smtpd_restriction_classes=
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o mynetworks=192.168.1.0/24
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
-o strict_rfc821_envelopes=yes
-o smtpd_bind_address=127.0.0.1

 

What happens when you replace

Code:

smtp inet n - - - - smtpd

with

Code:

smtp inet n - n - - smtpd

and restart Postfix?

 

I had a pretty fast delivery of mail so it seems to have worked I guess but I had another problem with aliases.db file which was older then file aliases.

I did: nano /etc/aliases.db then ctrl o and restart postfix now my whole mail system seems to have gone kablueey?

Code:

Jul 27 11:55:47 OptiplexGX270T postfix/smtpd[4633]: fatal: open database /etc/aliases.db: Invalid argument

Not sure if this is used by postfix and if I can simply rm /etc/aliases.db and let it create a new one.

Anyway I can't be certain if the above worked untilll this works and I can read my mails posted by logcheck as they give me verbosity in amavis output!

Have to run to work now but will investigate more about the aliases.db later when I come back.

 

hmm just found the newaliases command am seeing if it works! - but now I really need to get work

 

Ok aliases.db probelm fixed!!!! Few now I really gota run be back later heheheh

 

Ok finally I just checked the output of logcheck and amavis doesn't seem to be mentioned at all with mail delivery so I'm taking this to be a good sign.

Can't find any logs for it so for now all I can do is wait till the next delivery of logcheck mail and see if things are consistant!

-But all looks promising

 

Forced the issue by invoking logcheck prematurely and all is fine amavis says ok

If there is a command to check full functionality I would realy apprieciate to be told but if not then not to wory as all is ok! - No more errors

Thanks falko!!!!! P.s. check my P.M.

 

I've been having this same problem for a while

I've been experiencing this same problem for a while and last time I fixed it I felt like it was a fluke and would recur, and it did. The solution described in this thread also doesn't seem to work for me.

In /var/log/mail.err I get:

Code:

Jul 29 14:09:47 localhost amavis[32550]: (32550-01) (!!) WARN: all primary virus scanners failed, considering backups
Jul 29 14:09:47 localhost amavis[32551]: (32551-01) (!!) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.

and the postfix queue starts growing and won't deliver mail.

I have not done anything to run postifx in a chroot. I just followed the HOWTO on this site.

The file that the log file claims doesn't exist, doesn't in fact exist, but why it isn't created, I cannot figure out:

Code:

/var/run/clamav# ls -la
total 12
drwxr-xr-x  2 clamav clamav 4096 2008-07-27 13:35 .
drwxr-xr-x 21 root   root   4096 2008-07-29 11:51 ..
-rw-rw----  1 clamav clamav    5 2008-07-29 13:11 freshclam.pid

My /etc/postfix/master.cf looks like so:

Code:

#
# Postfix master process configuration file.  Each logical line 
# describes how a Postfix daemon program should be run. 
#
# A logical line starts with non-whitespace, non-comment text.
# Empty lines and whitespace-only lines are ignored, as are comment 
# lines whose first non-whitespace character is a `#'.  
# A line that starts with whitespace continues a logical line.
#
# The fields that make up each line are described below. A "-" field
# value requests that a default value be used for that field.
#
# Service: any name that is valid for the specified transport type
# (the next field).  With INET transports, a service is specified as
# host:port.  The host part (and colon) may be omitted. Either host
# or port may be given in symbolic form or in numeric form. Examples
# for the SMTP server:  localhost:smtp receives mail via the loopback
# interface only; 10025 receives mail on port 10025.
#
# Transport type: "inet" for Internet sockets, "unix" for UNIX-domain
# sockets, "fifo" for named pipes.
#
# Private: whether or not access is restricted to the mail system.
# Default is private service.  Internet (inet) sockets can't be private.
#
# Unprivileged: whether the service runs with root privileges or as
# the owner of the Postfix system (the owner name is controlled by the
# mail_owner configuration variable in the main.cf file). Only the
# pipe, virtual and local delivery daemons require privileges.
#
# Chroot: whether or not the service runs chrooted to the mail queue
# directory (pathname is controlled by the queue_directory configuration
# variable in the main.cf file). Presently, all Postfix daemons can run
# chrooted, except for the pipe, virtual and local delivery daemons.
# The proxymap server can run chrooted, but doing so defeats most of
# the purpose of having that service in the first place.
# The files in the examples/chroot-setup subdirectory describe how
# to set up a Postfix chroot environment for your type of machine.
#
# Wakeup time: automatically wake up the named service after the
# specified number of seconds. A ? at the end of the wakeup time
# field requests that wake up events be sent only to services that
# are actually being used.  Specify 0 for no wakeup. Presently, only
# the pickup, queue manager and flush daemons need a wakeup timer.
#
# Max procs: the maximum number of processes that may execute this
# service simultaneously. Default is to use a globally configurable
# limit (the default_process_limit configuration parameter in main.cf).
# Specify 0 for no process count limit.
#
# Command + args: the command to be executed. The command name is
# relative to the Postfix program directory (pathname is controlled by
# the daemon_directory configuration variable). Adding one or more
# -v options turns on verbose logging for that service; adding a -D
# option enables symbolic debugging (see the debugger_command variable
# in the main.cf configuration file). See individual command man pages
# for specific command-line options, if any.
#
# General main.cf options can be overridden for specific services.
# To override one or more main.cf options, specify them as arguments
# below, preceding each option by "-o".  There must be no whitespace
# in the option itself (separate multiple values for an option by
# commas).
#
# In order to use the "uucp" message tranport below, set up entries
# in the transport table.
#
# In order to use the "cyrus" message transport below, configure it
# in main.cf as the mailbox_transport.
#
# SPECIFY ONLY PROGRAMS THAT ARE WRITTEN TO RUN AS POSTFIX DAEMONS.
# ALL DAEMONS SPECIFIED HERE MUST SPEAK A POSTFIX-INTERNAL PROTOCOL.
#
# DO NOT SHARE THE POSTFIX QUEUE BETWEEN MULTIPLE POSTFIX INSTANCES.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       n       -       -       smtpd
#submission inet n      -       -       -       -       smtpd
#	-o smtpd_etrn_restrictions=reject
#628      inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       -       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       -       -       -       smtp
relay     unix  -       -       -       -       -       smtp
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
#
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# maildrop. See the Postfix MAILDROP_README file for details.
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender $recipient
scalemail-backend unix	-	n	n	-	2	pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}

# only used by postfix-tls
#tlsmgr	  fifo	-	-	n	300	1	tlsmgr
#smtps	  inet	n	-	n	-	-	smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#587	  inet	n	-	n	-	-	smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes

# Added from howtoforge.com HOWTO
amavis unix - - - - 2 smtp
        -o smtp_data_done_timeout=1200
	-o smtp_send_xforward_command=yes

127.0.0.1:10025 inet n - - - - smtpd
        -o content_filter=
        -o local_recipient_maps=
        -o relay_recipient_maps=
	-o smtpd_restriction_classes=
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o mynetworks=127.0.0.0/8
        -o strict_rfc821_envelopes=yes
	-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
	-o smtpd_bind_address=127.0.0.1
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
scache    unix  -       -       -       -       1       scache
discard   unix  -       -       -       -       -       discard

Thanks for any other suggestions on how to address this problem.

 

Can you try this?

Code:

chmod 777 /var/run/clamav

 

chmod may have improved things

I did the chmod 777 /var/run/clamav and now, for the first time ever, I see clamd.ctl and clamd.pid files in that directory.

I'll monitor things and see if this cures it. This problem has a habit of resolving itself and then cropping back up...

 

Hmm.........

this is really wierd now just discovered this problem right now?

This is the tailing end of my master.cf file

Code:

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

[...]
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
localhost
relayhost =
mynetworks = 192.168.1.0/24
#mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
home_mailbox = Maildir/
#content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
[...]

however if I enable: #content_filter = amavis:[127.0.0.1]:10024

then amavis still doesn't connect to socket 10025??

Code:

Aug  1 19:33:56 OptiplexGX270T imapd: Connection, ip=[::ffff:192.168.1.2]
Aug  1 19:33:56 OptiplexGX270T imapd: LOGIN, user=kayasaman, ip=[::ffff:192.168.1.2], protocol=IMAP
Aug  1 19:35:00 OptiplexGX270T imapd: Connection, ip=[::ffff:192.168.1.2]
Aug  1 19:35:00 OptiplexGX270T imapd: LOGIN, user=kayasaman, ip=[::ffff:192.168.1.2], protocol=IMAP
Aug  1 19:35:00 OptiplexGX270T imapd: LOGOUT, user=kayasaman, ip=[::ffff:192.168.1.2], headers=0, body=0, rcvd=52, sent=154, time=0
Aug  1 19:35:41 OptiplexGX270T postfix/smtpd[14660]: warning: 192.168.1.2: hostname vaio verification failed: No address associated with hostname
Aug  1 19:35:41 OptiplexGX270T postfix/smtpd[14660]: connect from unknown[192.168.1.2]
Aug  1 19:35:41 OptiplexGX270T postfix/smtpd[14660]: 50AF35A9B5: client=unknown[192.168.1.2]
Aug  1 19:35:41 OptiplexGX270T postfix/cleanup[14663]: 50AF35A9B5: message-id=<1217608539.30124.0.camel@localhost>
Aug  1 19:35:41 OptiplexGX270T postfix/qmgr[12798]: 50AF35A9B5: from=<[email protected]>, size=639, nrcpt=1 (queue active)
Aug  1 19:35:41 OptiplexGX270T amavis[8786]: (08786-01) ESMTP::10024 /var/lib/amavis/tmp/amavis-20080801T193541-08786: <[email protected]> -> <[email protected]> SIZE=639 Received: from OptiplexGX270T.optiplex-networks.com ([127.0.0.1]) by localhost (OptiplexGX270T.optiplex-networks.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <[email protected]>; Fri,  1 Aug 2008 19:35:41 +0300 (EEST)
Aug  1 19:35:41 OptiplexGX270T amavis[8786]: (08786-01) Checking: ivIW-viiJ2Jq [192.168.1.2] <[email protected]> -> <[email protected]>
Aug  1 19:35:41 OptiplexGX270T amavis[8786]: (08786-01) p001 1 Content-Type: text/plain, size: 98 B, name:
Aug  1 19:35:41 OptiplexGX270T postfix/smtpd[14660]: disconnect from unknown[192.168.1.2]
Aug  1 19:35:43 OptiplexGX270T postfix/smtpd[14667]: connect from localhost[127.0.0.1]
Aug  1 19:35:43 OptiplexGX270T postfix/smtpd[14667]: NOQUEUE: reject: CONNECT from localhost[127.0.0.1]: 554 5.7.1 <localhost[127.0.0.1]>: Client host rejected: Access denied; proto=SMTP
Aug  1 19:35:43 OptiplexGX270T amavis[8786]: (08786-01) (!) FWD via SMTP: <[email protected]> -> <[email protected]>, 450 4.4.1 Can't connect to 127.0.0.1 port 10025,  () at (eval 42) line 145, <GEN22> line 50., MTA([127.0.0.1]:10025), id=08786-01

Also I don't know if this is linked or not but I used to be able to send mail from squirrelmail web interface and now this doesn't work either I however can send from mail client like Evolution;- from remote machine

Any advice would be great

 

Squirrelmail problem solved! - Unrelated

mynetworks = 192.168.1.0/24 line needed 127.0.0.1 added (localhost)

Original problem still remains however

 

What's the output of

Code:

netstat -tap

, and what's in /etc/postfix/master.cf?

 

netstat -tap shows:

Code:

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State PID/Program name
tcp        0      0 *:55008                 *:*                     LISTEN     3378/rpc.statd
tcp        0      0 localhost:60000         *:*                     LISTEN     2773/postgrey.pid -
tcp        0      0 localhost:2208          *:*                     LISTEN     2569/hpiod
tcp        0      0 *:nfs                   *:*                     LISTEN     -
tcp        0      0 *:afpovertcp            *:*                     LISTEN     3151/afpd
tcp        0      0 *:swat                  *:*                     LISTEN     3206/inetd
tcp        0      0 localhost:10024         *:*                     LISTEN     15704/amavisd (mast
tcp        0      0 localhost:10025         *:*                     LISTEN     22419/master
tcp        0      0 *:56681                 *:*                     LISTEN     -
tcp        0      0 localhost:mysql         *:*                     LISTEN     2657/mysqld
tcp        0      0 *:netbios-ssn           *:*                     LISTEN     3279/smbd
tcp        0      0 localhost:spamd         *:*                     LISTEN     2777/spamd.pid
tcp        0      0 *:sunrpc                *:*                     LISTEN     2220/portmap
tcp        0      0 localhost:32912         *:*                     LISTEN     2572/python
tcp        0      0 *:auth                  *:*                     LISTEN     3206/inetd
tcp        0      0 *:munin                 *:*                     LISTEN     3534/munin-node
tcp        0      0 OptiplexGX270T.o:domain *:*                     LISTEN     2511/named
tcp        0      0 localhost:domain        *:*                     LISTEN     2511/named
tcp        0      0 localhost:ipp           *:*                     LISTEN     3028/cupsd
tcp        0      0 *:smtp                  *:*                     LISTEN     22419/master
tcp        0      0 localhost:953           *:*                     LISTEN     2511/named
tcp        0      0 localhost:4700          *:*                     LISTEN     3153/cnid_metad
tcp        0      0 *:microsoft-ds          *:*                     LISTEN     3279/smbd
tcp        0      0 *:831                   *:*                     LISTEN     3196/rpc.mountd
tcp        0      0 OptiplexGX270T.opti:nfs mail.gx110.optiplex:886 ESTABLISHED-
tcp6       0      0 *:imaps                 *:*                     LISTEN     2988/couriertcpd
tcp6       0      0 *:pop3s                 *:*                     LISTEN     3007/couriertcpd
tcp6       0      0 *:pop3                  *:*                     LISTEN     2993/couriertcpd
tcp6       0      0 *:imap2                 *:*                     LISTEN     2976/couriertcpd
tcp6       0      0 *:www                   *:*                     LISTEN     13135/apache2
tcp6       0      0 *:domain                *:*                     LISTEN     2511/named
tcp6       0      0 *:ssh                   *:*                     LISTEN     12987/sshd
tcp6       0      0 ip6-localhost:953       *:*                     LISTEN     2511/named
tcp6       0    720 OptiplexGX270T.opti:ssh vaio:58233              ESTABLISHED16659/sshd: kayasam
tcp6       0      0 OptiplexGX270T.op:imap2 vaio:58176              ESTABLISHED31018/imapd

master.cf:

Code:

#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       n       -       -       smtpd
#submission inet n       -       -       -       -       smtpd
#  -o smtpd_enforce_tls=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps     inet  n       -       -       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#628      inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
        -o fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipientscalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}

amavis unix - - - - 2 smtp
 -o smtp_data_done_timeout=1200
 -o smtp_send_xforward_command=yes
 -o disable_dns_lookups=yes
 -o max_use=20

127.0.0.1:10025 inet n - - - - smtpd
 -o content_filter=
 -o local_recipient_maps=
 -o relay_recipient_maps=
 -o smtpd_restriction_classes=
 -o smtpd_delay_reject=no
 -o smtpd_client_restrictions=permit_mynetworks,reject
 -o smtpd_helo_restrictions=
 -o smtpd_sender_restrictions=
 -o smtpd_recipient_restrictions=permit_mynetworks,reject
 -o smtpd_data_restrictions=reject_unauth_pipelining
 -o smtpd_end_of_data_restrictions=
 -o mynetworks=192.168.1.0/24
 -o smtpd_error_sleep_time=0
 -o smtpd_soft_error_limit=1001
 -o smtpd_hard_error_limit=1000
 -o smtpd_client_connection_count_limit=0
 -o smtpd_client_connection_rate_limit=0
 -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
 -o strict_rfc821_envelopes=yes
 -o smtpd_bind_address=127.0.0.1

 

Looks ok. Can you try

Code:

chmod 777 /var/run/clamav

?

 

chmod 777 doesn't seem to be a permanent fix

So, this problem persists for me, and appears to even be worse, as this server which previously had uptime averages of months, now locks up where I cannot even ssh in and even physically at the terminal cannot get it to respond, so that only pressing the reset button returns it to functionality.

Here's some of the errors I get mailed to me by logcheck:

Code:

Aug  5 03:28:35 localhost amavis[5024]: (05024-05) (!!) WARN: all primary virus scanners failed, considering backups
Aug  5 03:33:57 localhost amavis[5025]: (05025-07) (!!) WARN: all primary virus scanners failed, considering backups

and

Code:

Aug  5 03:28:28 localhost amavis[5025]: (05025-06) (!) ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory, retrying (2)
Aug  5 03:28:29 localhost amavis[5024]: (05024-05) (!) ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory, retrying (2)
Aug  5 03:28:34 localhost amavis[5025]: (05025-06) (!!) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.
Aug  5 03:28:35 localhost amavis[5024]: (05024-05) (!!) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.
Aug  5 03:33:49 localhost amavis[5025]: (05025-06) (!) /usr/bin/clamscan is taking longer than 315 s and will be killed
Aug  5 03:33:49 localhost amavis[5025]: (05025-06) (!) killing process [12044] running /usr/bin/clamscan
Aug  5 03:33:50 localhost amavis[5025]: (05025-06) (!) run_av: timed out
Aug  5 03:33:50 localhost amavis[5025]: (05025-06) (!!) ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462.
Aug  5 03:33:50 localhost amavis[5025]: (05025-06) (!!) TROUBLE in check_mail: virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.; ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462.
Aug  5 03:33:50 localhost amavis[5025]: (05025-06) (!) PRESERVING EVIDENCE in /var/lib/amavis/tmp/amavis-20080805T032827-05025
Aug  5 03:33:50 localhost amavis[5024]: (05024-05) (!) /usr/bin/clamscan is taking longer than 315 s and will be killed
Aug  5 03:33:50 localhost amavis[5024]: (05024-05) (!) killing process [12045] running /usr/bin/clamscan
Aug  5 03:33:50 localhost amavis[5024]: (05024-05) (!) run_av: timed out
Aug  5 03:33:50 localhost amavis[5024]: (05024-05) (!!) ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462.
Aug  5 03:33:50 localhost amavis[5024]: (05024-05) (!!) TROUBLE in check_mail: virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.; ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462.
Aug  5 03:33:50 localhost amavis[5024]: (05024-05) (!) PRESERVING EVIDENCE in /var/lib/amavis/tmp/amavis-20080805T032827-05024
Aug  5 03:33:51 localhost amavis[5025]: (05025-07) (!) ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory, retrying (2)
Aug  5 03:33:57 localhost amavis[5025]: (05025-07) (!!) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.

Any other thoughts on what I could try?