Hi, I've a problem with Amavis I suppose. If I send an email towards an email account on my ispconfig server, the mail arrives without any problems but amavis I think does not process spam or antivirus tasks. The following is an excerpt from the mail.log log mail_id: 8CTL0Px5nU17, Hits: -, size: 2032, queued_as: 3E6A I also tried a test with EICAR test file and the email arrives normally and is not blocked. Can you help me? Leonardo
##### SERVER ##### IP-address (as per hostname): ***.***.***.*** [WARN] could not determine server's ip address by ifconfig [INFO] OS version is Debian GNU/Linux 11 (bullseye) [INFO] uptime: 13:37:37 up 22:07, 1 user, load average: 0.00, 0.00, 0.00 [INFO] memory: total used free shared buff/cache available Mem: 1.9Gi 278Mi 1.3Gi 15Mi 400Mi 1.5Gi Swap: 1.0Gi 135Mi 888Mi [INFO] ISPConfig is installed. ##### ISPCONFIG ##### ISPConfig version is 3.2.7p1 ##### VERSION CHECK ##### [INFO] php (cli) version is 7.4.28 [INFO] php-cgi (used for cgi php in default vhost!) is version 7.4.28 ##### PORT CHECK ##### ##### MAIL SERVER CHECK ##### ##### RUNNING SERVER PROCESSES ##### [INFO] I found the following web server(s): Apache 2 (PID 59753) [INFO] I found the following mail server(s): Postfix (PID 59668) [INFO] I found the following pop3 server(s): Dovecot (PID 59707) [INFO] I found the following imap server(s): Dovecot (PID 59707) [INFO] I found the following ftp server(s): PureFTP (PID 59805) ##### LISTENING PORTS ##### (only () Local (Address) ***.***.***.***:53 (59817/named) [localhost]:53 (59817/named) [anywhere]:21 (59805/pure-ftpd) [anywhere]:22 (606/sshd [localhost]:953 (59817/named) [anywhere]:25 (59668/master) [anywhere]:993 (59707/dovecot) [anywhere]:995 (59707/dovecot) [localhost]:10023 (473/postgrey) [localhost]:10024 (59679/amavisd-new) [localhost]:10025 (59668/master) [localhost]:10027 (59668/master) [anywhere]:587 (59668/master) [localhost]:11211 (558/memcached) [anywhere]:110 (59707/dovecot) [anywhere]:143 (59707/dovecot) [anywhere]:465 (59668/master) *:*:*:*::*:21 (59805/pure-ftpd) *:*:*:*::*:53 (59817/named) *:*:*:*::**:*:*:*::*53 (59817/named) *:*:*:*::*:22 (606/sshd *:*:*:*::*:25 (59668/master) *:*:*:*::*:953 (59817/named) *:*:*:*::*:443 (59753/apache2) *:*:*:*::*:993 (59707/dovecot) *:*:*:*::*:995 (59707/dovecot) *:*:*:*::*:10023 (473/postgrey) *:*:*:*::*:10024 (59679/amavisd-new) *:*:*:*::*:3306 (59411/mariadbd) *:*:*:*::*:587 (59668/master) [localhost]10 (59707/dovecot) [localhost]43 (59707/dovecot) *:*:*:*::*:8080 (59753/apache2) *:*:*:*::*:80 (59753/apache2) *:*:*:*::*:8081 (59753/apache2) *:*:*:*::*:465 (59668/master) ##### IPTABLES ##### Chain INPUT (policy ACCEPT) target prot opt source destination f2b-ssh tcp -- [anywhere]/0 [anywhere]/0 multiport dports 22 f2b-postfix-sasl tcp -- [anywhere]/0 [anywhere]/0 multiport dports 25 f2b-sshd tcp -- [anywhere]/0 [anywhere]/0 multiport dports 22 Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain f2b-postfix-sasl (1 references) target prot opt source destination REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable RETURN all -- [anywhere]/0 [anywhere]/0 Chain f2b-ssh (1 references) target prot opt source destination REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable RETURN all -- [anywhere]/0 [anywhere]/0 Chain f2b-sshd (1 references) target prot opt source destination REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable RETURN all -- [anywhere]/0 [anywhere]/0 ##### LET'S ENCRYPT ##### acme.sh is installed in /root/.acme.sh/acme.sh ___________________________________________ No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 11 (bullseye) Release: 11 Codename: bullseye ___________________________________________ PHP 7.4.28 (cli) (built: Feb 17 2022 16:17:19) ( NTS ) Copyright (c) The PHP Group Zend Engine v3.4.0, Copyright (c) Zend Technologies with Zend OPcache v7.4.28, Copyright (c), by Zend Technologies ___________________________________________
How was this host installed? If you installed it recently it should have RSpamd instead of amavis. Did you use autoinstaller or a Perfect Server Guide?
Which perfect server guide? If you used Debian 10 version that may need some adjustments for Debian 11. Using ISPCOnfig autoinstaller is recommended way on Debian 11. https://www.howtoforge.com/ispconfig-autoinstall-debian-ubuntu/
There is no perfect server guide for Debian 11 that uses amavisd. The Debian 11 installation instructions (auto-installer) are using Rspamd and not Amavisd as amavisd should not b used on new setups anyway, it got replaced by rspamd. And Amavisd will not run on Debian 11 setups without manual changes.
Install a new system using the autoinstaller. Or read this forum for threads for discussions on installing on Debian 11 manually.
Here are the installation instructions for Debian 11: https://www.howtoforge.com/ispconfig-autoinstall-debian-ubuntu/ And here is the post to fix the amavis issue on Debian 11: https://www.howtoforge.com/communit...o-bullseye-problems-amavis.88528/#post-432778 But reinstalling to have a setup with Rspamd is not a bad choice as you will get better spam protection.
Thanks to all...another question... I've reinstalled the os on my vps and used the autoinstall without any error. How clamav is interfaced without amavis for virus scanning for mailboxes? In the postfix/rspamd I can't see any reference to clamav. Can you explain me?
Ok I have found it but If I try to send a mail to another mailboxes on another server with the EICAR virus (for example)...the mail is sent and clamav doesn't recognize it!!! Normally clamav blocks this kind of mail.
Rspamd is configured to recognize Eicar and set a spam score for it but not to block it as it's a test virus and not a real virus.
