clamassassin - centos 4.3

New (and first time) install on clean centos 4.3. Believe I fully followed the install guide.

Get this in the headers

X-Virus-Status: Failed
X-Virus-Report: /home/admispconfig/ispconfig/tools/clamav/bin/clamscan error 50

and this in /var/log/maillog

Aug 15 19:45:38 cent01 procmail[8205]: Couldn't rename bogus "/var/mail/admispconfig" into "/var/mail/BOGUS.admispconfig.290DC"

I can su to admispconfig and

cat /var/mail/temp.eml | /home/admispconfig/ispconfig/tools/clamav/bin/clamassassin
<< removed >>
X-Virus-Status: No
X-Virus-Checker-Version: clamassassin 1.2.3 with clamscan / ClamAV 0.88.4/1664/Tue Aug 15 10:28:31 2006

just fine and the defs are up-to-date. Any ideas on where else to begin troubleshooting.

 

got rid of bogus in maillog, but

Thanks, that fixed the one error in postfix's maillog, but unfortunately it still doesn't appear to be scanning with clam

Date: Wed, 16 Aug 2006 08:57:38 -0400 (EDT)
X-Virus-Status: Failed
X-Virus-Report: /home/admispconfig/ispconfig/tools/clamav/bin/clamscan error 50
X-Virus-Checker-Version: clamassassin 1.2.3 with clamscan / ClamAV 0.88.4/1668/Wed Aug 16 05:41:45 2006

Any ideas on how to go about troubleshooting the clamassassin script?

 

Error 50 means "Database initialization error." ( http://developer.apple.com/documentation/Darwin/Reference/ManPages/man1/clamscan.1.html ).
What's the output of

Code:

ls -la /home/admispconfig/ispconfig/tools/clamav/share/clamav

?

 

wcsmith and i have the same problem. i already removed and downloaded new database virus pattern but the error is still there.

[root@zanpaku-to ~]# ls -la /home/admispconfig/ispconfig/tools/clamav/share/clamav/
total 5920
drwxr-xr-x 2 admispconfig admispconfig 4096 Aug 20 05:03 .
drwxr-xr-x 4 admispconfig admispconfig 4096 Aug 18 07:58 ..
-rw-r--r-- 1 admispconfig admispconfig 173559 Aug 20 05:03 daily.cvd
-rw-r--r-- 1 admispconfig admispconfig 5858804 Aug 18 12:14 main.cvd
[root@zanpaku-to ~]#

thanks in advance.

 

Which ISPConfig version do you use?

 

X-Virus-Status: Failed, clamscan error 50 (ISPConfig 2.2.6)

Hi,

I am getting this to with a new installation of ISPConfig 2.2.6 on Fedora Core 5 (64bit)

When looking at the email header information I see this:

X-Virus-Status: Failed
X-Virus-Report: /home/admispconfig/ispconfig/tools/clamav/bin/clamscan error 50
X-Virus-Checker-Version: clamassassin 1.2.3 with clamscan / ClamAV 0.88.4/1779/Thu Aug 31 08:56:15 2006

and when I do this:
ls -la /home/admispconfig/ispconfig/tools/clamav/share/clamav
I get this:
-rw-r--r-- 1 admispconfig admispconfig 352023 Aug 31 10:04 daily.cvd
-rw-r--r-- 1 admispconfig admispconfig 5858804 Aug 30 16:55 main.cvd

I have also done this:

cat /etc/passwd | /home/admispconfig/ispconfig/tools/clamav/bin/clamassassin
<removed>
I get this:
X-Virus-Status: No
X-Virus-Checker-Version: clamassassin 1.2.3 with clamscan / ClamAV 0.88.4/1779/Thu Aug 31 08:56:15 2006

please help

thanks

-UPDATE-
I'm still no further with this

I done the following this time:
cat test | /home/admispconfig/ispconfig/tools/clamav/bin/clamassassin
Subject:
X-Virus-Status: Yes
X-Virus-Report: Eicar-Test-Signature FOUND
X-Virus-Checker-Version: clamassassin 1.2.3 with clamscan / ClamAV 0.88.4/1782/Thu Aug 31 17:54:15 2006

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

notice this time it reports X-Virus-Status: Yes but when I emailed that file to myself, this is what I get back

mail -s "test" emailaddress <test

--------------------------------------------------------------
From root@HIDDEN Thu Aug 31 23:07:21 2006
Return-Path: <root@HIDDEN>
X-Spam-Checker-Version: SpamAssassin 3.1.3 (2006-06-01) on
HIDDEN
X-Spam-Level:
X-Spam-Status: No, score=-1.4 required=5.0 tests=ALL_TRUSTED autolearn=ham
version=3.1.3
Received: from HIDDEN (localhost.localdomain [127.0.0.1])
by HIDDEN (8.13.7/8.13.7) with ESMTP id k7VM7Ifv005174
for <test@HIDDEN2>; Thu, 31 Aug 2006 23:07:18 +0100
Received: (from root@localhost)
by HIDDEN (8.13.7/8.13.7/Submit) id k7VM7Ile005173
for test@HIDDEN2; Thu, 31 Aug 2006 23:07:18 +0100
Date: Thu, 31 Aug 2006 23:07:18 +0100
From: root <root@HIDDEN>
Message-Id: <200608312207.k7VM7Ile005173@HIDDEN>
To: test@HIDDEN2
Subject: test
X-Virus-Status: Failed
X-Virus-Report: /home/admispconfig/ispconfig/tools/clamav/bin/clamscan error 50
X-Virus-Checker-Version: clamassassin 1.2.3 with clamscan / ClamAV 0.88.4/1782/Thu Aug 31 17:54:15 2006

-Another UPDATE-

I seem to be getting further (hopefully) to getting it sorted.

I spotted that the actual mailbox account is the one actually triggering the clamassassin script, a quick ps show's me what I'm after:

10002 5703 0.0 0.0 5552 980 ? S 23:11 0:00 /bin/sh /home/admispconfig/ispconfig/tools/clamav/bin/clamassassin

now UID 10002 is the mailbox account which is calling the script clamassassin so when I run

/home/admispconfig/ispconfig/tools/clamav/bin/clamscan as my the actual mailbox account and not as root I get the following:

/home/admispconfig/ispconfig/tools/clamav/bin/clamscan /home/admispconfig/ispconfig/tools/clamav/bin/test
dm-0: write failed, group block limit reached.
LibClamAV Error: Wrote 0 instead of 512 (/tmp/clamav-1267d2abc0ae0f6f/main.db).
cli_untgz: Disk quota exceeded
LibClamAV Error: cli_cvdload(): Can't unpack CVD file.
LibClamAV Error: Can't load /home/admispconfig/ispconfig/tools/clamav/share/clamav/main.cvd: CVD extraction failure
ERROR: CVD extraction failure

----------- SCAN SUMMARY -----------
Known viruses: 3256
Engine version: 0.88.4
Scanned directories: 0
Scanned files: 0
Infected files: 0
Data scanned: 0.00 MB
Time: 0.243 sec (0 m 0 s)

Now the thing is there is NO disk quota on the mailbox account at all:

Disk quotas for user web1_test (uid 10002): none

and the .quota.rc is commented out:
## INCLUDERC=/var/www/web1/user/web1_test/.quota.rc

Help please ?

 

What's the output of

Code:

df -h

?

 

there's plenty of space, I've actually removed ispconfig as it wasn't taking to Fedora Core 5 64bit and not much would compile manually on the 64bit OS (apps outwidth ispconfig stuff) also user's .forward file which had procmail forwarding stuff and would mess up sendmail when using MailScanner to scan for viruses - ended up going back to Fedora Core 5 - 32bit.

Shame ISPConfig 2.2.6 doesn't work correctly, will go back to it at some point but I'm used to the actual installs themselves without any other kind of app/scripts interfering with it: apache,php,mysql,openssl,clamav running on the server without ispconfig works fine.

I'll still keep working on ISPConfig on a development server until I feel it's ready to roll out for customer and admin use.

The WWW and DNS web admin is great but nothing much else.

 

I didn't say ispconfig wouldn't compile, see my previous posts, ispconfig works but not as it is meant to work ie: procmail issues with .forward files, not good interaction with mailscanner, clamscan is useless cause of the error 50

basically ispconfig is good for web based dns and creating web space stuff but that's about it, not really good for much else to interact with.

 

I never had problems with ISPConfig on my servers. Must be a problem with your configuration.

 

nope no problem with my configuration, as other users are having problems with ISPConfig ie: clamscan error 50 for starters.

 

I also never had that problem.

 

lol - I do believe you've never had that problem - but this thread proves that there is an issue with clamscan - as 3 users in this thread are getting it

 

ClamAV works fine for me on CentOS 4.3 64-bit (latest ISPConfig), although I was getting the "couldn't rename bogus" error in the mail log.

 

did this ever get fixed at all ? cause I was going to download and try out ISP Config 2.2.7 but not going to if it still isn't fixed ?