From pramod at mindspring.co.za Tue Feb 4 06:25:13 2020 From: pramod at mindspring.co.za (Pramod Daya) Date: Tue, 4 Feb 2020 06:25:13 +0000 Subject: Clamd daemon not detected when running as a service. Message-ID: Hi Folks, Clamd (101.4-1) running as a service does not get detected by MailScanner (5.0.3-7) After starting the service (on Centos 7) It takes quite a long time for clamd to become operational (up to a couple of minutes) before you can connect to the socket (I have it configured on port 3310). If I then restart MailScanner, then clamd is not detected, and Mailscanner uses clamav, which of course overloads the server. If I start clamd from the command line, then Mailscanner detects clamd, and all is well. Any/all advice would be very welcome. I know that the config file is being read, because I change other parameters, like enabling debugging, and it gets interpreted. Thank you, ___________________________________________________ Pramod Daya (CEO) M.Sc. Computer Science (U. of Oregon) Unit 5, Melomed Office Park Punters Way, Kenilworth Cape Town, South Africa 7708 www.mindspring.co.za [cid:image001.png at 01D5DB33.A453D470] Work: +27 21 657 1780 Fax: +27 21 671 7599 Cell: +27 83 675 0367 pramod at mindspring.co.za -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 5989 bytes Desc: image001.png URL: From it at festa.bg Tue Feb 4 11:34:56 2020 From: it at festa.bg (Valentin Laskov) Date: Tue, 4 Feb 2020 13:34:56 +0200 Subject: Clamd daemon not detected when running as a service. In-Reply-To: References: Message-ID: <43385652-3f46-298a-bf79-c8df1de83b0f@festa.bg> Hello, in /etc/systemd/system/clamd at .service add "TimeoutStartSec=360" like below if 360 seconds are anough for clamd to load signatures and open sockets at startup [Service] Type = forking ExecStart = /usr/sbin/clamd -c /etc/clamd.d/%i.conf TimeoutStartSec=360 Restart = on-failure ?? 04.02.2020 ? 08:25, Pramod Daya via MailScanner ??????: > > Hi Folks, > > Clamd (101.4-1) ?running as a service does not get detected by > MailScanner (5.0.3-7)? ?After starting the service (on Centos 7) It > takes quite a long time for clamd to become operational (up to a > couple of minutes) ?before you can connect to the socket (I have it > configured on port 3310). > > If I then restart MailScanner, then clamd is not detected, and > Mailscanner uses clamav, which of course overloads the server.?? If I > start clamd from the command line, then Mailscanner detects clamd, and > all is well. > > Any/all advice would be very welcome.? I know that the config file is > being read, because I change other parameters, like enabling > debugging, and it gets interpreted. > > Thank you, > > > -- ????????! ???????? ?????? ???????? ????????????? "????? ???????" ?? ???. "??. ?????????" 48 9000 ??. ????? ???.: +359 52 669137 GSM: +359 888 669137 Fax: +359 52 669110 -------------- next part -------------- An HTML attachment was scrubbed... URL: From pramod at mindspring.co.za Wed Feb 5 16:34:20 2020 From: pramod at mindspring.co.za (Pramod Daya) Date: Wed, 5 Feb 2020 16:34:20 +0000 Subject: Clamd daemon not detected when running as a service. In-Reply-To: <43385652-3f46-298a-bf79-c8df1de83b0f@festa.bg> References: <43385652-3f46-298a-bf79-c8df1de83b0f@festa.bg> Message-ID: Thanks ? I tried that, and confirmed that I can connect to the port 3310 on all local IP address (localhost and public IP, just in case:) However, MailScanner just cannot see that clamd daemon when it?s started as a service : Feb 5 18:22:55 mailgate5 MailScanner[24404]: MailScanner Email Processor version 5.0.3 starting... Feb 5 18:22:55 mailgate5 MailScanner[24404]: Reading configuration file /etc/MailScanner/MailScanner.conf Feb 5 18:22:55 mailgate5 MailScanner[24404]: Reading configuration file /etc/MailScanner/conf.d/README Feb 5 18:22:55 mailgate5 MailScanner[24404]: Read 1714 hostnames from the phishing whitelist Feb 5 18:22:55 mailgate5 MailScanner[24404]: Read 4686 hostnames from the phishing blacklists Feb 5 18:22:55 mailgate5 MailScanner[24404]: Using SpamAssassin results cache Feb 5 18:22:55 mailgate5 MailScanner[24404]: Connected to SpamAssassin cache database Feb 5 18:22:57 mailgate5 MailScanner[24404]: Auto: Found virus scanners: sophos clamav Feb 5 18:22:57 mailgate5 MailScanner[24404]: Connected to Processing Attempts Database Feb 5 18:22:57 mailgate5 MailScanner[24404]: Found 1 messages in the Processing Attempts Database Feb 5 18:22:57 mailgate5 MailScanner[24404]: Using locktype = flock ___________________________________________________ Pramod Daya (CEO) M.Sc. Computer Science (U. of Oregon) Unit 5, Melomed Office Park Punters Way, Kenilworth Cape Town, South Africa 7708 www.mindspring.co.za [cid:image003.png at 01D5DC4D.D42ED850] Work: +27 21 657 1780 Fax: +27 21 671 7599 Cell: +27 83 675 0367 pramod at mindspring.co.za From: MailScanner On Behalf Of Valentin Laskov Sent: Tuesday, 04 February 2020 13:35 To: mailscanner at lists.mailscanner.info Subject: Re: Clamd daemon not detected when running as a service. Hello, in /etc/systemd/system/clamd at .service add "TimeoutStartSec=360" like below if 360 seconds are anough for clamd to load signatures and open sockets at startup [Service] Type = forking ExecStart = /usr/sbin/clamd -c /etc/clamd.d/%i.conf TimeoutStartSec=360 Restart = on-failure ?? 04.02.2020 ? 08:25, Pramod Daya via MailScanner ??????: Hi Folks, Clamd (101.4-1) running as a service does not get detected by MailScanner (5.0.3-7) After starting the service (on Centos 7) It takes quite a long time for clamd to become operational (up to a couple of minutes) before you can connect to the socket (I have it configured on port 3310). If I then restart MailScanner, then clamd is not detected, and Mailscanner uses clamav, which of course overloads the server. If I start clamd from the command line, then Mailscanner detects clamd, and all is well. Any/all advice would be very welcome. I know that the config file is being read, because I change other parameters, like enabling debugging, and it gets interpreted. Thank you, -- ????????! ???????? ?????? ???????? ????????????? "????? ???????" ?? ???. "??. ?????????" 48 9000 ??. ????? ???.: +359 52 669137 GSM: +359 888 669137 Fax: +359 52 669110 -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.png Type: image/png Size: 5989 bytes Desc: image003.png URL: From hs at schlittermann.de Tue Feb 11 19:30:26 2020 From: hs at schlittermann.de (Heiko Schlittermann) Date: Tue, 11 Feb 2020 20:30:26 +0100 Subject: Integration of MailScanner and Exim / a new approach using Exim's multiple queues Message-ID: <20200211193026.GF2253@jumper.schlittermann.de> The legacy approach requires two distinct configurations and two independently running daemons. https://www.mailscanner.info/exim/ Downsides are: - Exim's utilities do not cooperate well (exiwhat, exipick, exigrep) - System startup configuration is not straight forward I created a new setup and promised to supply a short description. See also: https://github.com/Exim/exim/wiki/Integration-with-MailScanner#mailscanner-and-exim-with-multiple-queues This is *not* exactly what I implemented for a customer, so it needs to be tested. ------------------ MailScanner and Exim with multiple queues ========================================= Author: Heiko Schlittermann Date: 2019-10-XX Abstract -------- Newer (since 4.92 I believe) Exim MTA are able to process messages on multiple queues. This gives us a new approach for MailScanner integration. Message flow in a two-queue Exim setup with MailScanner ------------------------------------------------------- - Excactly one Exim daemon is running (exim -bd -q3m) - Messages are accepted via SMTP on port 25 - Incoming messages are placed in the queue named "mailscanner" (and logged as Q=mailscanner in the common mainlog) - MailScanner picks the messages and moves them to the default queue if done SMTP> :25 ---> [ Exim Listener (-bd) ] | v Queue "mailscanner" ($spool_dir/mailscanner/input) via MAIL ACL | | v [ MailScanner ] | | | v Queue "default" ($spool_dir/input) | v [ Exim Queuerunner (-q3m) ] | | v Exim setup ---------- We use Exim's "named queues" feature and start Exim in "combined" mode (one daemon as listener, forking queue runners from time to time). Tools: - Exim now understands a -qG command line option for queue operations - Exipick now understands --queue command line option (since 4.93+fixes) ,---[ exim4.conf ]-------------------- | CONFDIR = /etc/exim4 | | # Use the MAIL ACL to place incoming messages into a non-default queue | acl_smtp_mail = acl_check_mail | | begin acl | | acl_check_mail: | | ? | | # When accepting the message, we deliver it to the "mailscanner" queue (not "input"!) | accept queue = mailscanner | control = queue_only : : MailScanner setup ----------------- ,---[ Mailscanner.conf ]---------------------------- | # Main configuration file for the MailScanner E-Mail Virus Scanner | ? | Incoming Queue Dir = /var/spool/exim4/mailscanner/input | | # Set location of outgoing mail queue. | # This can also be the filename of a ruleset. | Outgoing Queue Dir = /var/spool/exim4/input -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: From hs at schlittermann.de Tue Feb 11 20:29:31 2020 From: hs at schlittermann.de (Heiko Schlittermann) Date: Tue, 11 Feb 2020 21:29:31 +0100 Subject: Integration of MailScanner and Exim / a new approach using Exim's multiple queues In-Reply-To: <20200211193026.GF2253@jumper.schlittermann.de> References: <20200211193026.GF2253@jumper.schlittermann.de> Message-ID: <20200211202931.GI2253@jumper.schlittermann.de> Heiko Schlittermann (Di 11 Feb 2020 20:30:26 CET): > This is *not* exactly what I implemented for a customer, so it needs to > be tested. I forgot to mention, that if anybody want's to try it, you may contact me for further help. Best regards from Dresden/Germany Viele Gr??e aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ - -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 488 bytes Desc: not available URL: