Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. Experienced User Forum
  4. Topic: qmail amavis problem
« previous next »
Pages: [1]   Go Down

qmail amavis problem

  • 3 Replies
  • 1455 Views

Offline mark

  • **
  • 34
  • +0/-0
    • http://webcoda.com
qmail amavis problem
« on: March 14, 2004, 11:41:27 PM »
Our sme 6 external firewall (forwards to our internal exchange box after virus scanning) appears to have thrown a fit yesterday and today I have 234 emails recieved in the last 24 hours all placed in the /var/spool/amavis-ng/problems directory in the *.msg format

A reboot started mail deliveries again but how do I resend these messages to the intended recipients?

any help appreciated

Mark
Logged

Guest

RE: qmail amavis problem
« Reply #1 on: March 15, 2004, 03:55:52 AM »
If an email has been quarantined or has failed for whatever reason, you will need to inject it back into the system. You need to bypass the virus scanner of course, so you will need to do the following:

Download and install the following rpm:

http://www.pagefault.org/download/rpms/RPMS/noarch/qmail-bsmtp-0.1-1.noarch.rpm

rpm -Uhv qmail-bsmtp-0.1-1.noarch.rpm

Now if you have a quarantined msg you want to resend, called /var/spool/amavis-ng/problem/3ee1dc05-6bc9.msg your would run the following command:

/usr/bin/amavis-inject /var/spool/amavis-ng/problem/3ee1dc05-6bc9.msg | /usr/bin/rsmtp

You can then delete the quarantined email and logfile:

rm -f /var/spool/amavis-ng/quarantine/3ee1dc05-6bc9.*


For further info refer to http://pagefault.org/howto/amavis_clam.shtml.

Cheers,
Geo.
Logged

Offline smeghead

  • *
  • 563
  • +0/-0
qmail amavis problem
« Reply #2 on: March 15, 2004, 06:47:12 PM »
.. of course it always pays to fix the problem rather than try to bypass its consequences :-)

If you inspect your /var/log/clamav/clamav.log file I will virtually guarantee you will find one or more lines in it complaining that is can't create the clamd.sock file cos it already exists.  This happens each time clam is invoked by amavis, it can't scan because of this, and errs on the conservative side and classifies each mail as problem email.

The fix is included in the newer version of clam and can be backported to recent earlier versions:

a) pico -w /etc/clamav.conf
b) find the section that talks about TCPIP port and after this section enter the following:

FixStaleSocket

This command causes clam to delete any extraneous clamd.sock files it finds when it loads.

This error can also be caused by a corrupt database file, so it may pay to look at your /var/log/antivir file (if you have one) an verify your updates have downloaded correctly and that clam is happy.

HTH
Logged
..................

Offline mark

  • **
  • 34
  • +0/-0
    • http://webcoda.com
thanks guys
« Reply #3 on: March 15, 2004, 09:26:29 PM »
Thank you very much guys for the input

I had to copy the messages from the problem directory to the quarantine directory (after cleaning it out first :) before I could reinject them into the queue but all seems good. - Many thanks for that

My amavis-ng log contained a whole lot of these ...
Mar 14 08:51:28 firewall amavis[18017]: AMAVIS::AV::CLAMD: Cannot connect to /var/lib/clamav/clamd.sock

which relate to the period it shat itself - however my amavis.conf already contained the following..

# Remove stale socket after unclean shutdown.
FixStaleSocket

# TCP port address.
#TCPSocket 3310
 
I had been trying to use amavis and spamassassin together so I have disabled spamassassin to see if it helps.

Thanks again for all the help
It is appreciated

Regards

Mark
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Legacy Forums
  3. Experienced User Forum
  4. Topic: qmail amavis problem