Date: Mon, 25 Jan 2021 23:28:17 -0500 From: David Banning <david@skytracker.ca> To: Doug Hardie <bc979@lafn.org>, questions@freebsd.org Subject: Re: clamd appears to hanging Message-ID: <49ee8426-64f1-c081-8a98-a3c3e322937a@skytracker.ca> In-Reply-To: <e8efbd0d-e1ce-e7e9-4861-effb20f73a1f@skytracker.ca> References: <20210124160938.GA82891@skytracker.ca> <C9B5E339-B4C7-46FD-8585-724BFC4BBF6D@sermon-archive.info> <485b6c93-6729-becd-5e01-262299327e1c@daveyelectric.ca> <f7fe27a1-acba-8216-5dac-d34620c3f287@skytracker.ca> <E906CE26-AE7D-46EA-92F4-96ED688180C9@sermon-archive.info> <e8efbd0d-e1ce-e7e9-4861-effb20f73a1f@skytracker.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Well that was it. It looks like changing a setting in /usr/local/etc/clamav-milter.conf did the trick. Thanks for your help. Pardon me for top posting - it that still out of style on this board? On 2021-01-25 11:18 p.m., David Banning wrote: > Well - that was something - it looks like the Avast running on my > Windows laptop alters the header of each email for viewing just on my > laptop. When I look at the headers of each email from the shell using > Mutt there are no modified headers. But it -does- appears they are > being scanned for viruses - here is a clip the log from > /var/log/clamav/clamd.log > > <snip> > Mon Jan 25 13:04:21 2021 -> fd[10]: OK > Mon Jan 25 13:14:20 2021 -> SelfCheck: Database status OK. > Mon Jan 25 13:23:15 2021 -> fd[10]: Win.Test.EICAR_HDB-1 FOUND > Mon Jan 25 13:24:37 2021 -> SelfCheck: Database status OK. > Mon Jan 25 13:27:19 2021 -> fd[11]: Win.Test.EICAR_HDB-1 FOUND > Mon Jan 25 13:34:37 2021 -> SelfCheck: Database status OK. > Mon Jan 25 13:44:46 2021 -> SelfCheck: Database status OK. > Mon Jan 25 13:44:46 2021 -> fd[10]: OK > Mon Jan 25 13:48:05 2021 -> fd[10]: OK > Mon Jan 25 13:55:11 2021 -> SelfCheck: Database status OK. > Mon Jan 25 13:55:12 2021 -> fd[10]: OK > Mon Jan 25 13:57:40 2021 -> fd[10]: OK > Mon Jan 25 14:00:22 2021 -> fd[10]: OK > Mon Jan 25 14:01:10 2021 -> fd[10]: OK > Mon Jan 25 14:03:24 2021 -> fd[10]: OK > Mon Jan 25 14:04:15 2021 -> fd[10]: OK > Mon Jan 25 14:05:09 2021 -> fd[10]: OK > Mon Jan 25 14:06:15 2021 -> SelfCheck: Database status OK. > Mon Jan 25 14:06:15 2021 -> fd[10]: OK > <snip> > > It shows the two emails I tried sending with the Eicar fake virus. > And /var/maillog shows simply; > > Jan 25 13:27:19 3s1 sm-mta[82154]: 10PIRI8l082154: milter=clmilter, > quarantine=quarantined by clamav-milter > > So it appears to scanning for the viruses - I will look to see if > there are any setting in the configuration files that might add the > headers. > > > On 2021-01-25 9:19 p.m., Doug Hardie wrote: >> Clamav headers look like: >> >> X-Virus-Scanned: clamav-milter 0.103.0 at mail >> >> I don't think those are from clamav. Are you also using Avast? >> >> -- Doug >> >>> On 25 January 2021, at 17:50, David Banning <david@skytracker.ca >>> <mailto:david@skytracker.ca>> wrote: >>> >>> Turns out all is good - I see there is a header now in each email; >>> >>> X-Antivirus: Avast (VPS 210125-8, 2021-01-25), Inbound message >>> X-Antivirus-Status: Clean >>> >>> which I am assuming is from Clamav. >>> On 2021-01-25 2:00 p.m., David Banning wrote: >>>> thanks for that - it turns out that when I waited, spamd -does- >>>> eventually start - I think it took 45 minutes - knowing that it was >>>> operating was only from sending the eicar virus to myself - it >>>> shows that it caught it in the maillog, but no email cleaned >>>> version of the email arrived, and there is no header in clean >>>> emails to show they have been checked - but it works. That's the >>>> good news. It would be helpful to have -something- that tells me >>>> that it is operating - even an occasional clean scan note in >>>> maillog would be great. >>>> >>>> I'll keep an eye to see if it continues to take a long time to >>>> start at boot time - I may have to have it -not- start at boot, and >>>> start it manually. >>>> >>>> >>>> On 2021-01-25 5:00 a.m., Doug Hardie wrote: >>>>>> On 24 January 2021, at 08:09, David Banning >>>>>> <david+dated+1611936580.6d1518@skytracker.ca> wrote: >>>>>> >>>>>> I just installed clamd on an older version of Freebsd. Freshclam >>>>>> appears to be working fine, but clamd seems to hang, which >>>>>> prevents my server from booting. >>>>>> I don't see anything in the log; >>>>>> >>>>>> >>>>>> Any pointers towards getting this up and running would be helpful. >>>>>> The Freebsd version and Clamd version are noted at the beginning >>>>>> of the log. >>>>> Clamd may be waiting on freshclam. However, it still takes clamd >>>>> "forever" to load the virus database. You have 2 options: >>>>> >>>>> 1. If you connect to the machine via ssh, then edit >>>>> /etc/rc.d/sshd and add FILESYSTEMS to the REQUIRE line. That will >>>>> cause sshd to become active before clamd tries to start up. You >>>>> will be able to poke around and see what is going on. >>>>> >>>>> 2. If you use a directly connected terminal, then disable clamd >>>>> and freshclam in /etc/rc.d. Boot up and then start them up >>>>> manually. You do need to run freshclam first though. >>>>> >>>>> In any case, be prepared to wait a long time for clamd to start. >>>>> >>>>> -- Doug >>>>> >>>>> >>>>> _______________________________________________ >>>>> freebsd-questions@freebsd.org mailing list >>>>> https://lists.freebsd.org/mailman/listinfo/freebsd-questions >>>>> To unsubscribe, send any mail to >>>>> "freebsd-questions-unsubscribe@freebsd.org" >>>>> >>>> >> > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?49ee8426-64f1-c081-8a98-a3c3e322937a>