I don't think the installation instructions for clamav are correct for the Perfect Server CentOS 8. There's an @ sign in there, and I don't think it references the service correctly for enabling/starting it. I get no errors when going through the steps, but when I run ispconfig_updates.sh, the following message appears: Restarting services ... Failed to restart clamd.amavisd.service: Unit clamd.amavisd.service not found. Update finished. based on that message, I tried systemctl enable clamd.amavisd.servicebut get an error Failed to enable unit: Unit file clamd.amavisd.service does not exist.and incoming mail is complaining there's no socket available... (!)connect to /var/spool/amavisd/clamd.sock failed, attempt #1: Can't connect to a UNIX socket /var/spool/amavisd/clamd.sock: No such file or directorycould someone smarter than me look into that? I just started testing mail handling, and would like to get that figured out. Thanks.
The @ sign is correct and has to be in the name. The error at the end of the ISPConfig install is a known issue in ISPConfig, not in the guide. ISPConfig tries to restart the service without the @ inside. You can just ignore it.
okay, so if I manually run the systemctl restart [email protected]it does not yield any errors however, i'm still getting the following errors in /var/log/maillog: Sep 5 01:06:09 dns2 amavis[4094950]: (4094950-13) (!)connect to /var/spool/amavisd/clamd.sock failed, attempt #1: Can't connect to a UNIX socket /var/spool/amavisd/clamd.sock: No such file or directory Sep 5 01:06:10 dns2 amavis[4094950]: (4094950-13) (!)connect to /var/spool/amavisd/clamd.sock failed, attempt #1: Can't connect to a UNIX socket /var/spool/amavisd/clamd.sock: No such file or directory Sep 5 01:06:10 dns2 amavis[4094950]: (4094950-13) (!)ClamAV-clamd: All attempts (1) failed connecting to /var/spool/amavisd/clamd.sock, retrying (2) Sep 5 01:06:16 dns2 amavis[4094950]: (4094950-13) (!)connect to /var/spool/amavisd/clamd.sock failed, attempt #1: Can't connect to a UNIX socket /var/spool/amavisd/clamd.sock: No such file or directory Sep 5 01:06:16 dns2 amavis[4094950]: (4094950-13) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/spool/amavisd/clamd.sock (All attempts (1) failed connecting to /var/spool/amavisd/clamd.sock) at (eval 101) line 659.\n Sep 5 01:06:16 dns2 amavis[4094950]: (4094950-13) (!)WARN: all primary virus scanners failed, considering backups I haven't done any tweaks (that I'm aware of) concerning clamd and amavisd after the Perfect Server install, and it's only got 6 email addresses on it that only went live yesterday, so it's not an overload issue that I can see. just noticed these errors as well while trying to receive mail (rejecting it): Sep 5 01:20:07 dns2 postfix/smtpd[302134]: warning: connect to 127.0.0.1:10023: Connection refused Sep 5 01:20:07 dns2 postfix/smtpd[302134]: warning: problem talking to server 127.0.0.1:10023: Connection refused Is there maybe some modification to the postfix main.cf that needs to be done to get this working correctly that maybe the ISPConfig installer didn't get configured correctly? My current CentOS 6 server is running the same version of ISPconfig, and I don't recall it having these errors, but maybe I'll go back and review the PS CentOS 6 instructions for anything that might be different. Thanks.
Hmm, ok. So there is something wrong indeed beside the ISPConfig installer restarting a wrong service. Try to find the service name for clamd, e.g. like this: systemctl list-units --type=service | grep clam to see what the name is so we can try to restart it. Regarding port 10023, that's postgrey, there might be something missing in the perfect server guide for it. Try to install 'postgrey' using dnf or yum command and then check with: netstat -ntap | grep 10023 if it's listening on that port. If not, then we'll probably have to configure it further.
Thanks Till per your request: [email protected] loaded active running clamd scanner (amavisd) daemon and Package postgrey-1.37-9.el8.noarch is already installed. Netstat returns nothing i did find the following in /etc/postfix/main.cf (grepped for '10023' and 'greylist'): /etc/postfix/main.cf:smtpd_restriction_classes = greylisting /etc/postfix/main.cf:greylisting = check_policy_service inet:127.0.0.1:10023 /etc/postfix/main.cf:smtpd_recipient_restrictions = permit_mynetworks, reject_unknown_recipient_domain, reject_unlisted_recipient, check_recipient_access proxy:mysql:/etc/postfix/mysql-verify_recipients.cf, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unauth_destination, check_recipient_access proxy:mysql:/etc/postfix/mysql-virtual_recipient.cf, check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf, check_policy_service unixrivate/quota-status and in /etc/postfix/mysql-virtual_policy_greylist.cf: user = ispconfig password = <redacted> dbname = dbispconfig hosts = 127.0.0.1 query = SELECT 'greylisting' FROM ( SELECT `greylisting`, 1 as `prio` FROM `mail_user` WHERE `server_id` = 1 AND `email` = '%s' AND EXISTS (SELECT domain_id FROM mail_domain WHERE domain = SUBSTRING_INDEX('%s', '@', -1) AND active = 'y' AND server_id = 1) UNION SELECT `greylisting`, 2 as `prio` FROM `mail_forwarding` WHERE `server_id` = 1 AND `source` = '%s' AND active = 'y' UNION SELECT `greylisting`, 3 as `prio` FROM `mail_forwarding` WHERE `server_id` = 1 AND `source` = '@%d' AND active = 'y' ORDER BY `prio` ASC LIMIT 1 ) AS rules WHERE rules.greylisting = 'y' hope that's helpful - I appreciate the help!
wondering if anyone had a chance to look into either of these issues? I did try unchecking "greylisting" for the individual emails, and mail gets through after that. at least that checkbox is working
For postgrey, edit the file /etc/sysconfig/postgrey Code: nano /etc/sysconfig/postgrey and change the line: Code: POSTGREY_TYPE="--unix=/var/spool/postfix/postgrey/socket" to Code: POSTGREY_TYPE="--inet=10023" and restart postgrey: Code: service postgrey restart
For amavisd, edit the file /etc/clamd.d/amavisd.conf : Code: nano /etc/clamd.d/amavisd.conf and change the line: Code: LocalSocket /run/clamd.amavisd/clamd.sock to Code: LocalSocket /var/spool/amavisd/clamd.sock and restart ClamAV: Code: systemctl restart [email protected] Please let me know if the changes in clamav and amavis config fix the issues on your system, so that I can add them to the centos perfect server guide.
Greylisting is working and I just watched a single email come through without complaining about ClamAV, but i didn't see that it tripped any filtering either. I'll keep watching, but so far, looks like that worked. Thank you for the fixes - i'll report back later today!
got my first greylist block - action=greylist, reason=new and my first "pass" - postgrey[364834]: action=pass, reason=triplet found, delay=445 so that's working as expected - thank you!