clamav and spam problem in Centos 7.1

Discussion in 'Installation/Configuration' started by Michaeltc, Apr 5, 2016.

  1. Michaeltc

    Michaeltc New Member

    Dear all:

    Today, I try to setup ispconfig 3 base on below link

    I have follow all step, at final, I can open ispconfig to send / receive email under vhost. However, I find there have some problem, as below:
    1. I have find there an error in maillog and it show
    amavis[2654]: (02654-01) (!)connect to /var/run/clamd.amavisd/clamd.sock failed, attempt #1: Can't connect to a
    and I find there are nothing in /var/run/clamd.amavisd/, can you advice about that ?

    Beside, we receive the email from outside, and try look into email header, it seem there no x-spam check, so I think system have do spam check even, I enable spam filter and set it "normal" on the email account. Could you advise how to solve

    Appreciate from your reply

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Try to restart clamav.
  3. Michaeltc

    Michaeltc New Member

    I try to restart whole server , but the problem same
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Please restart just ClamAV, not the whole server. Did clamav restart without errors? Did you check the maillog file for errors after you restarted it?
  5. Michaeltc

    Michaeltc New Member

    Hi after checking, when I send email gmail account to my server, I cannot receive that email
    from maillog it show as below
    postfix/smtp[3095]: connect to[]:10024: Connection refused

    Do you have any idea?
  6. Michaeltc

    Michaeltc New Member

    sorry pls ignore this error log
    postfix/smtp[3095]: connect to[]:10024: Connection refused
    and I have solve

    But , when I solve this problem, the maillog will show the below error message
    amavis[2641]: (02641-01) (!)connect to /var/run/clamd.amavisd/clamd.sock failed, attempt #1: Can't connect to a UNIX socket /var/run/clamd.amavisd/clamd.sock: No such file or directory

    This is the problem even I have receive that the email from my mail client.

    Thanks for your help
  7. chaosad

    chaosad New Member

    Could you explain your steps please?
    I had the same error with the howto and have still the problem.
    I can send an receive mails, but the spamfilter ignores the isp-config settings.
    I couldnt start clamd after the howto setup.
    Then I installed this packages and I was able to start clamd, no errors in the logfiles or installation but he use the /etc/amavis/amavis.conf and not the /etc/amavis.conf config. If I change it, clamd dont start.

    The howto doenst really work with the postfix amavis clam config :-(
  8. Michaeltc

    Michaeltc New Member

    My final solution is not install amavis , as I have try many time to fix, but it can't. And I just want to do anti-spam function and then I modify and and route all income email to spamassassin service directly.

    If ispconfig can solve this problem , will try it on test server again.
  9. Thaddeus

    Thaddeus New Member

    Hi, I had a similar problem. How I solved it was by making the socket the same on
     LocalSocket /var/run/clamd.amavisd/clamd.sock 
    and in
        \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamd.amavisd/clamd.sock"],
        qr/\bOK$/m, qr/\bFOUND$/m,
        qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ] 
    make sure the directory exists /var/run/clamd.amavisd
    then systemctl start clamd@amavisd
    chaosad likes this.
  10. DDArt

    DDArt Member

    This might be still on topic but what about old, easy to find viruses. Spam-assassin tags it as **SPAM** but the attachments of zip files full of jDownload viruses still come through. Any way to tag or remove these, is clamav not doing its job?
  11. chaosad

    chaosad New Member

    Are this the only adjustments you made?
    With this adjustments I can start both services:

    service amavisd start
    service clamd@amavisd start
  12. chaosad

    chaosad New Member

    but I receive the following error:

    May  4 22:49:12 localhost postfix/submission/smtpd[5895]: 39552830DB31:[], sasl_method=PLAIN, [email protected]
    May  4 22:49:12 localhost postfix/cleanup[5936]: 39552830DB31: message-id=<[email protected]>
    May  4 22:49:12 localhost postfix/qmgr[1469]: 39552830DB31: from=<[email protected]>, size=660, nrcpt=1 (queue active)
    May  4 22:49:13 localhost amavis[5687]: (05687-01) Blocked SPAM {DiscardedOpenRelay,Quarantined}, []:55657 [] <[email protected]> -> <[email protected]>, Queue-ID: 39552830DB31, Message-ID: <[email protected]>, mail_id: Jc5TBL4hsNs6, Hits: -1, size: 660, 1331 ms
    May  4 22:49:13 localhost postfix/smtp[5937]: 39552830DB31: to=<[email protected], relay=[]:10024, delay=1.6, delays=0.2/0.01/0.02/1.3, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=05687-01 - spam)
    May  4 22:49:13 localhost postfix/qmgr[1469]: 39552830DB31: removed
    Why he checks outbound mails on spam?

    maybe you can share your


    with us?
    I would be very grateful
  13. Thaddeus

    Thaddeus New Member

    Hi, By default Amavisd scans both incoming and outgoing mail. If you dont want it to scan outgoing mail perhaps you can search the forum how to do change the settings.
  14. chaosad

    chaosad New Member

    thank you Thaddeus, I will try it, but I´m not a postfix or amavis Profi.
    its really tough for me :-(
  15. chaosad

    chaosad New Member

    ok if I change this in the file /etc/amavisd/amavisd.conf

    #$final_spam_destiny  = D_DISCARD;  #!!!  D_DISCARD / D_REJECT
    #$final_bad_header_destiny = D_BOUNCE;
    $final_spam_destiny  = D_PASS;;
    $final_bad_header_destiny = D_PASS;;
    it looks like it works now.

    May  5 12:38:21 localhost amavis[3415]: (03415-01) Passed SPAM {RelayedOpenRelay,Quarantined},
    the only problem I have now is, if I use TLS for mail outbound, I have to wait 45 seconds until he sends the mail.

Share This Page