Изпечатай

[popkaro]

Здравейте, след portupgrade, ми се ъпдейтваха  
Clamav-а до версия 090 и Spamassassin-а до версия 3.1.8, след което мейл сървърът ми спря да получава входяща поща извън домейна. Навремето имах подобни  проблеми след portupgrade, но ги лекувах с промяна на правата на директории:
chown -R qscand:qscand /var/log/clamav
chown -R qscand:qscand /var/run/clamav/
chown qscand:qscand /var/db/clamav/
 но в случая не помага. В мейллога грешката е:

clamdscan: corrupt or unknown clamd scanner error or memory/resource/perms problem - exit status 512/2

Cron Daemon казва:

ERROR: Parse error at line 3: Option AllowSupplementaryGroups requires boolean argument.
ERROR: Parse error at line 43: Option LogSyslog requires boolean argument.
ERROR: Can't parse the config file /usr/local/etc/clamd.conf

Някой имал ли е подобен проблем и може ли да ми даде акъл, как да си оправя пощата?

Благодаря предварително!

[neter]

Проблемът е точно в правата, но точно къде... Провери си правата из папките и виж някъде ще намериш ли проблем! Ако правата на някоя папка те съмняват дали трябва да са така, кажи ги и ще ти кажа какви трябва да са! Твърде много папки са, за да ти ги изредя. На първо време пусни clamav с root права, като в /usr/local/etc/clamd.conf промениш стойността на User и рестартираш clamav! Така проблема трябва да изчезне. Не е хубаво да действа като root, така че търси къде правата са се омазали! Дай все пак да ти видим съдържанието на /usr/local/etc/clamd.conf и /var/qmail/bin/qmail-scanner-queue.pl (предполагам, че там си го сложил; скрий конфиденциалната информация)!

[popkaro]

Пуснах Clamav с root, но отново без успех.
По-интересното от qmail-scanner-queue.pl е:

#From: line  information used when making reports
my $V_FROM='root';
my $V_FROMNAME='System Anti-Virus Administrator';

# Address carbon-copied on any virus reports
my $QUARANTINE_CC='root';

# Address to where spams are redirected
my $SPAMSADMIN='spam@my.domain.com';

# Suffix to alter recipients with (when spam detected)
my $SPAMSSUFFIX='***SPAM***';

#Array of local domains that are checked against for
#deciding whether or not to send recipient alerts to
my @local_domains_array=('mail.mydomain.com''>;

# Array of virus that we don't want to inform the sender of.
my @silent_viruses_array=('klez','bugbear','hybris','yaha','braid','nimda','tanatos','sobig','winevar','palyh','fizzer','gibe'


#Array of virus scanners used must point to subroutines
my @scanner_array=("clamdscan_scanner","spamassassin");

#Addresses that should be alerted of any quarantined Email
my $NOTIFY_ADDRS='precips';

#Try to fix bad MIME messages before passing to MIME unpacker
my $BAD_MIME_CHECKS='2';

#Block password protected zip files
my $BLOCK_PASSWORD_PROTECTED_ARCHIVES='1';

____

clamd.conf представлява:

#LogFileMaxSize 2M

# Log time with each message.
# Default: disabled
#LogTime

# Also log clean files. Useful in debugging but drastically increases the
# log size.
# Default: disabled
#LogClean

# Use system logger (can work together with LogFile).
# Default: disabled
LogSyslog

# Specify the type of syslog messages - please refer to 'man syslog'
# for facility names.
# Default: LOG_LOCAL6
#LogFacility LOG_MAIL

# Enable verbose logging.
# Default: disabled
#LogVerbose

# This option allows you to save a process identifier of the listening
# daemon (main thread).
# Default: disabled
PidFile /var/run/clamav/clamd.pid

# Optional path to the global temporary directory.
# Default: system specific (usually /tmp or /var/tmp).
#TemporaryDirectory /var/tmp
DatabaseDirectory /var/db/clamav
LocalSocket /var/run/clamav/clamd
FixStaleSocket
# Maximum length the queue of pending connections may grow to.
# Default: 15
#MaxConnectionQueueLength 30

# Clamd uses FTP-like protocol to receive data from remote clients.
# If you are using clamav-milter to balance load between remote clamd daemons
# on firewall servers you may need to tune the options below.

# Close the connection when the data size limit is exceeded.
# The value should match your MTA's limit for a maximal attachment size.
# Default: 10M
#StreamMaxLength 20M

# Limit port range.
# Default: 1024
#StreamMinPort 30000
# Default: 2048
#StreamMaxPort 32000

# Maximal number of threads running at the same time.
# Default: 10
#MaxThreads 20

# Waiting for data from a client socket will timeout after this time (seconds).
# Value of 0 disables the timeout.
# Default: 120
#ReadTimeout 300

# Waiting for a new job will timeout after this time (seconds).
# Default: 30
#IdleTimeout 60

# Maximal depth directories are scanned at.
# Default: 15

#MaxDirectoryRecursion 20

# Follow directory symlinks.
# Default: disabled
#FollowDirectorySymlinks

# Follow regular file symlinks.
# Default: disabled
#FollowFileSymlinks

# Perform internal sanity check (database integrity and freshness).
# Default: 1800 (30 min)
#SelfCheck 600

# Execute a command when virus is found. In the command string %v will
# be replaced by a virus name.
# Default: disabled
#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"

# Run as a selected user (clamd must be started by root).
# Default: disabled
User root

# Initialize supplementary group access (clamd must be started by root).
# Default: disabled
#AllowSupplementaryGroups qscand

# Stop daemon when libclamav reports out of memory condition.
#ExitOnOOM

# Don't fork into background.
# Default: disabled
#Foreground

# Enable debug messages in libclamav.
# Default: disabled
#Debug

# Do not remove temporary files (for debug purposes).
# Default: disabled
#LeaveTemporaryFiles


# By default clamd uses scan options recommended by libclamav. This option
# disables recommended options and allows you to enable selected ones below.
# DO NOT TOUCH IT unless you know what you are doing.
# Default: disabled
#DisableDefaultScanOptions

##
## Executable files
##

# PE stands for Portable Executable - it's an executable file format used
# in all 32-bit versions of Windows operating systems. This option allows
# ClamAV to perform a deeper analysis of executable files and it's also
# required for decompression of popular executable packers such as UPX, FSG,
# and Petite.
# Default: enabled
#ScanPE

# With this option clamav will try to detect broken executables and mark
# them as Broken.Executable
# Default: disabled
#DetectBrokenExecutables
# Enable internal e-mail scanner.
# Default: enabled
ScanMail

# If an email contains URLs ClamAV can download and scan them.
# WARNING: This option may open your system to a DoS attack.
#          Never use it on loaded servers.
# Default: disabled
#MailFollowURLs


##
## HTML
##

# Perform HTML normalisation and decryption of MS Script Encoder code.
# Default: enabled
#ScanHTML


##
## Archives
##

# ClamAV can scan within archives and compressed files.
# Default: enabled
#ScanArchive


# Due to license issues libclamav does not support RAR 3.0 archives (only the
# old 2.0 format is supported). Because some users report stability problems
# with unrarlib it's disabled by default and you must uncomment the directive
# below to enable RAR 2.0 support.
# Default: disabled
#ScanRAR

[Dimzu]

в clamav 0.90 са сменили синтаксиса на conf-файловете

Например:

ScanMail
от старият clamd.conf трябва да стане

ScanMail Yes

[Nik123]

Ще си позволя да се намеся- май нещо за позацапали новата версия clamav, че и фонтенда klamav- на мен при опит за упдейт през klamav ми дава следното:
ERROR: Parse error at line 3: Option Foreground requires boolean argument.
ERROR: Can't parse the config file /home/nik/tmp/kde-nik/klamavHIfK0a.tmp

Такъв файл - klamavHIfK0a.tmp - изобщо нямам никъде на компютъра. Системата ми е мандрива линукс, но като гледам човека, пуснал темата, проблема му с антивирусната е същия и в БСД-то. конф файловете на clamav са си с yes/no , а не по стария начин- играх си да ги редактирам, не стана, затрих антивирусната нацяло и сложих новата версия на чисто, пак редактирах конф файловете и пак нищо. И в гугъла намерих подобен проблем, но никой не беше писал, освен човека, който е с проблема