Evening all, I have ISPConfig3 installed on Debian10. I'm having issues with receiving mail and when I'm looking at the Mail Queue I can see there are 2 emails that are in there waiting. After further investigations, it seems the ClamAV has stopped working, and below is the status. root@server1:~# service clamav-daemon status Code: ● clamav-daemon.service - Clam AntiVirus userspace daemon Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; vendor preset: enabled) Drop-In: /etc/systemd/system/clamav-daemon.service.d └─extend.conf Active: failed (Result: signal) since Sat 2021-01-23 21:57:39 UTC; 2min 12s ago Docs: man:clamd(8) man:clamd.conf(5) https://www.clamav.net/documents/ Process: 7110 ExecStartPre=/bin/mkdir /run/clamav (code=exited, status=1/FAILURE) Process: 7111 ExecStartPre=/bin/chown clamav /run/clamav (code=exited, status=0/SUCCESS) Process: 7112 ExecStart=/usr/sbin/clamd --foreground=true (code=killed, signal=KILL) Main PID: 7112 (code=killed, signal=KILL) Jan 23 21:57:26 server1 systemd[1]: Starting Clam AntiVirus userspace daemon... Jan 23 21:57:27 server1 mkdir[7110]: /bin/mkdir: cannot create directory ‘/run/clamav’: File exists Jan 23 21:57:27 server1 systemd[1]: Started Clam AntiVirus userspace daemon. Jan 23 21:57:39 server1 systemd[1]: clamav-daemon.service: Main process exited, code=killed, status=9/KILL Jan 23 21:57:39 server1 systemd[1]: clamav-daemon.service: Failed with result 'signal'. In addition to this, i seem to be having issues with connections to 127.0.0.1 In the Clamd.conf file i can see the below Code: LocalSocket /var/run/clamav/clamd.ctl But this file doesn't seem to have been created.
I have now yes haha Code: root@server1:~# service clamav-daemon status ● clamav-daemon.service - Clam AntiVirus userspace daemon Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; vendor preset: enabled) Drop-In: /etc/systemd/system/clamav-daemon.service.d └─extend.conf Active: failed (Result: exit-code) since Sat 2021-01-23 23:03:18 UTC; 5min ago Docs: man:clamd(8) man:clamd.conf(5) https://www.clamav.net/documents/ Process: 709 ExecStartPre=/bin/mkdir /run/clamav (code=exited, status=0/SUCCESS) Process: 756 ExecStartPre=/bin/chown clamav /run/clamav (code=exited, status=0/SUCCESS) Process: 768 ExecStart=/usr/sbin/clamd --foreground=true (code=exited, status=1/FAILURE) Main PID: 768 (code=exited, status=1/FAILURE) Jan 23 23:03:17 server1 clamd[768]: LibClamAV Error: cli_ac_addpatt: Can't allocate memory for new->trans Jan 23 23:03:17 server1 clamd[768]: LibClamAV Error: cli_parse_add(): Problem adding signature (3). Jan 23 23:03:17 server1 clamd[768]: LibClamAV Error: Problem parsing database at line 9794 Jan 23 23:03:17 server1 clamd[768]: LibClamAV Error: Can't load daily.ldb: Can't allocate memory Jan 23 23:03:17 server1 clamd[768]: LibClamAV Error: cli_tgzload: Can't load daily.ldb Jan 23 23:03:17 server1 clamd[768]: LibClamAV Error: Can't load /var/lib/clamav/daily.cvd: Malformed database Jan 23 23:03:17 server1 clamd[768]: LibClamAV Error: cli_loaddbdir(): error loading database /var/lib/clamav/daily.cvd Jan 23 23:03:17 server1 clamd[768]: Sat Jan 23 23:03:17 2021 -> !Malformed database Jan 23 23:03:18 server1 systemd[1]: clamav-daemon.service: Main process exited, code=exited, status=1/FAILURE Jan 23 23:03:18 server1 systemd[1]: clamav-daemon.service: Failed with result 'exit-code'.
Cool, I have increased the memory and now that's running, Sending emails is working fine but still not receiving. ClamAV is now running Code: root@server1:~# service clamav-daemon status ● clamav-daemon.service - Clam AntiVirus userspace daemon Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; vendor preset: enabled) Drop-In: /etc/systemd/system/clamav-daemon.service.d └─extend.conf Active: active (running) since Sun 2021-01-24 12:16:43 UTC; 11min ago Docs: man:clamd(8) man:clamd.conf(5) https://www.clamav.net/documents/ Process: 757 ExecStartPre=/bin/mkdir /run/clamav (code=exited, status=0/SUCCESS) Process: 784 ExecStartPre=/bin/chown clamav /run/clamav (code=exited, status=0/SUCCESS) Main PID: 786 (clamd) Tasks: 2 (limit: 2347) Memory: 1.1G CGroup: /system.slice/clamav-daemon.service └─786 /usr/sbin/clamd --foreground=true Jan 24 12:17:33 server1 clamd[786]: Sun Jan 24 12:17:33 2021 -> Portable Executable support enabled. Jan 24 12:17:33 server1 clamd[786]: Sun Jan 24 12:17:33 2021 -> ELF support enabled. Jan 24 12:17:33 server1 clamd[786]: Sun Jan 24 12:17:33 2021 -> Mail files support enabled. Jan 24 12:17:33 server1 clamd[786]: Sun Jan 24 12:17:33 2021 -> OLE2 support enabled. Jan 24 12:17:33 server1 clamd[786]: Sun Jan 24 12:17:33 2021 -> PDF support enabled. Jan 24 12:17:33 server1 clamd[786]: Sun Jan 24 12:17:33 2021 -> SWF support enabled. Jan 24 12:17:33 server1 clamd[786]: Sun Jan 24 12:17:33 2021 -> HTML support enabled. Jan 24 12:17:33 server1 clamd[786]: Sun Jan 24 12:17:33 2021 -> XMLDOCS support enabled. Jan 24 12:17:33 server1 clamd[786]: Sun Jan 24 12:17:33 2021 -> HWP3 support enabled. Jan 24 12:17:33 server1 clamd[786]: Sun Jan 24 12:17:33 2021 -> Self checking every 3600 seconds. The Mail Warning log is showing the below Code: an 24 12:16:49 server1 postfix/postfix-script[1260]: warning: symlink leaves directory: /etc/postfix/./makedefs.out Jan 24 12:16:49 server1 postfix/postfix-script[1263]: warning: symlink leaves directory: /etc/postfix/./smtpd.key Jan 24 12:16:49 server1 postfix/postfix-script[1266]: warning: symlink leaves directory: /etc/postfix/./smtpd.cert Jan 24 12:17:04 server1 postfix/smtpd[1358]: warning: hostname ip242.tervelnet.com does not resolve to address 87.246.7.242: Name or service not known Jan 24 12:17:08 server1 postfix/smtpd[1358]: warning: unknown[87.246.7.242]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 24 12:17:50 server1 postfix/smtpd[1358]: warning: hostname ip242.tervelnet.com does not resolve to address 87.246.7.242: Name or service not known Jan 24 12:17:57 server1 postfix/smtpd[1358]: warning: unknown[87.246.7.242]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 24 12:18:36 server1 postfix/smtpd[1358]: warning: hostname ip242.tervelnet.com does not resolve to address 87.246.7.242: Name or service not known Jan 24 12:18:40 server1 postfix/smtpd[1358]: warning: unknown[87.246.7.242]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 24 12:18:48 server1 postfix/trivial-rewrite[1536]: warning: do not list domain simplesupport.tk in BOTH virtual_mailbox_domains and relay_domains Jan 24 12:18:48 server1 postfix/trivial-rewrite[1536]: warning: do not list domain simplesupport.tk in BOTH virtual_mailbox_domains and relay_domains Jan 24 12:18:49 server1 postfix/trivial-rewrite[1536]: warning: do not list domain simplesupport.tk in BOTH virtual_mailbox_domains and relay_domains Jan 24 12:19:01 server1 postfix/smtpd[1358]: warning: hostname net6-ip226.linkbg.com does not resolve to address 87.246.7.226: Name or service not known Jan 24 12:19:08 server1 postfix/smtpd[1358]: warning: unknown[87.246.7.226]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 24 12:19:19 server1 postfix/trivial-rewrite[1536]: warning: do not list domain simplesupport.tk in BOTH virtual_mailbox_domains and relay_domains Jan 24 12:19:20 server1 postfix/trivial-rewrite[1536]: warning: do not list domain simplesupport.tk in BOTH virtual_mailbox_domains and relay_domains Jan 24 12:19:47 server1 postfix/smtpd[1358]: warning: hostname net6-ip226.linkbg.com does not resolve to address 87.246.7.226: Name or service not known Jan 24 12:19:53 server1 postfix/smtpd[1358]: warning: unknown[87.246.7.226]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 24 12:20:33 server1 postfix/smtpd[1578]: warning: hostname net6-ip226.linkbg.com does not resolve to address 87.246.7.226: Name or service not known Jan 24 12:20:40 server1 postfix/smtpd[1578]: warning: unknown[87.246.7.226]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 And the Mail log is showing Code: Jan 24 12:28:02 server1 postfix/smtpd[1578]: connect from localhost[::1] Jan 24 12:28:02 server1 postfix/smtpd[1578]: lost connection after CONNECT from localhost[::1] Jan 24 12:28:02 server1 postfix/smtpd[1578]: disconnect from localhost[::1] commands=0/0 Jan 24 12:28:02 server1 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, secured, session=<xEFzjaS5ooUAAAAAAAAAAAAAAAAAAAAB> Jan 24 12:28:02 server1 dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, secured, session=<A1NzjaS5MNUAAAAAAAAAAAAAAAAAAAAB> Jan 24 12:28:50 server1 dovecot: imap-login: Login: user=<[email protected]>, method=PLAIN, rip=::1, lip=::1, mpid=2136, secured, session=<bYRWkKS5NNUAAAAAAAAAAAAAAAAAAAAB> Jan 24 12:28:50 server1 dovecot: imap([email protected])<2136><bYRWkKS5NNUAAAAAAAAAAAAAAAAAAAAB>: Logged out in=50 out=564 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0 Jan 24 12:29:02 server1 postfix/smtpd[1578]: connect from localhost[::1] Jan 24 12:29:02 server1 postfix/smtpd[1578]: lost connection after CONNECT from localhost[::1] Jan 24 12:29:02 server1 postfix/smtpd[1578]: disconnect from localhost[::1] commands=0/0 Jan 24 12:29:02 server1 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, secured, session=<YaEHkaS5sIUAAAAAAAAAAAAAAAAAAAAB> Jan 24 12:29:02 server1 dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, secured, session=<yTQIkaS5PtUAAAAAAAAAAAAAAAAAAAAB> Jan 24 12:29:14 server1 postfix/smtpd[1578]: warning: hostname ip242.tervelnet.com does not resolve to address 87.246.7.242: Name or service not known Jan 24 12:29:14 server1 postfix/smtpd[1578]: connect from unknown[87.246.7.242] Jan 24 12:29:19 server1 postfix/smtpd[1578]: warning: unknown[87.246.7.242]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jan 24 12:29:19 server1 postfix/smtpd[1578]: disconnect from unknown[87.246.7.242] ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4 Jan 24 12:29:50 server1 dovecot: imap-login: Login: user=<[email protected]>, method=PLAIN, rip=::1, lip=::1, mpid=2158, secured, session=<Kjbqk6S5QtUAAAAAAAAAAAAAAAAAAAAB> Jan 24 12:29:50 server1 dovecot: imap([email protected])<2158><Kjbqk6S5QtUAAAAAAAAAAAAAAAAAAAAB>: Logged out in=50 out=564 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0 Jan 24 12:30:00 server1 postfix/smtpd[1578]: warning: hostname ip242.tervelnet.com does not resolve to address 87.246.7.242: Name or service not known Jan 24 12:30:00 server1 postfix/smtpd[1578]: connect from unknown[87.246.7.242] Jan 24 12:30:02 server1 dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, secured, session=<EoCalKS5voUAAAAAAAAAAAAAAAAAAAAB> Jan 24 12:30:02 server1 dovecot: imap-login: Disconnected (disconnected before auth was ready, waited 0 secs): user=<>, rip=::1, lip=::1, secured, session=<pnqalKS5TNUAAAAAAAAAAAAAAAAAAAAB> Jan 24 12:30:02 server1 postfix/smtpd[2179]: connect from localhost[::1] Jan 24 12:30:02 server1 postfix/smtpd[2179]: lost connection after CONNECT from localhost[::1] Jan 24 12:30:02 server1 postfix/smtpd[2179]: disconnect from localhost[::1] commands=0/0
Seems as if you added simplesupport.tk in ispconfig under email routing and under email domains, a domain can not be listed in both places as the same domain can not be local and remote at the same time. If you want to have mailboxes for this domain on the server, then remove it under email routing.
