Hi,
Yesterday I did the following:
Delete all files in /var/spool/qpsmtpd via MC
Create the user Maillog again.
Create fetchmail to our server and start the service.
In the beginning everything looked good. Message has been scanned and then deleted.
Fetchmail was set to check every 15 minutes.
This morning the following:
Webmail tells me 23829 emails.
In /var/spool/qpsmtpd => 22868 files !!!
But!
fetchmail[25935]: 23842 Nachrichten (23837 gesehene) für
A difference of 5 mails.
When I look in my Thunderbird - 23842 is correct - but ONE email is unread!
This email is ~70 MB in size - only 13 jpg files.
I looked in the webmail of the SME Server and searched for this email - it doesn't download it.
But fetchmail downloads other emails with big attachments - see picture.
I found something interesting:
@40000000575040f10516835c --- Stopped at Thu Jun 2 16:21:27 2016
@40000000575040f105168744 Closing the main socket.
@40000000575040f105172384 Socket file removed.
@40000000575040f936a94b34 Limits: Global size limit set to 104857600 bytes.
@40000000575040f936a94f1c Limits: File size limit set to 15728640 bytes.
@40000000575040f936a95304 Limits: Recursion level limit set to 8.
@40000000575040f936a95304 Limits: Files limit set to 1500.
@40000000575040f936a95304 Limits: Core-dump limit is 0.
@40000000575040f936a956ec Limits: MaxEmbeddedPE limit set to 10485760 bytes.
@40000000575040f936a956ec Limits: MaxHTMLNormalize limit set to 10485760 bytes.
@40000000575040f936a956ec Limits: MaxHTMLNoTags limit set to 2097152 bytes.
@40000000575040f936a9b894 Limits: MaxScriptNormalize limit set to 5242880 bytes.
@40000000575040f936a9bc7c Limits: MaxZipTypeRcg limit set to 1048576 bytes.
@40000000575040f936a9bc7c Limits: MaxPartitions limit set to 50.
@40000000575040f936a9bc7c Limits: MaxIconsPE limit set to 100.
@40000000575040f936a9c064 Limits: MaxRecHWP3 limit set to 16.
@40000000575040f936a9c064 Limits: PCREMatchLimit limit set to 10000.
@40000000575040f936a9dbbc Limits: PCRERecMatchLimit limit set to 5000.
@40000000575040f936a9dfa4 Limits: PCREMaxFileSize limit set to 26214400.
@40000000575040f936a9dfa4 Archive support enabled.
@40000000575040f936a9dfa4 Algorithmic detection enabled.
@40000000575040f936a9dfa4 Portable Executable support enabled.
@40000000575040f936a9e38c ELF support enabled.
@40000000575040f936a9e38c Mail files support enabled.
@40000000575040f936a9e38c OLE2 support enabled.
@40000000575040f936a9e38c PDF support enabled.
@40000000575040f936a9e774 SWF support enabled.
@40000000575040f936a9f32c HTML support enabled.
@40000000575040f936a9f32c XMLDOCS support enabled.
@40000000575040f936a9f32c HWP3 support enabled.
@40000000575040f936a9f714 Heuristic: precedence enabled
@40000000575040f936aa06b4 Self checking every 1800 seconds.
@40000000575040f936aa0a9c Listening daemon: PID: 12125
@40000000575040f936aa0a9c MaxQueue set to: 100
@400000005750433925128ffc Reading databases from /var/clamav
@40000000575043421b1c0e4c Database correctly reloaded (4431156 signatures)
@4000000057504a4a1849eb1c SelfCheck: Database status OK.
@400000005750515203c2f1ac SelfCheck: Database status OK.
@4000000057505866138a20ec SelfCheck: Database status OK.
@4000000057505b181f682b34 /var/spool/qpsmtpd/1464883982:8587:10560: Win.Trojan.Agent-1349043 FOUND
@4000000057505df32dd7ec7c /var/spool/qpsmtpd/1464884713:8587:11841: Heuristics.Phishing.Email.SpoofedDomain FOUND
@4000000057505f8608c840bc SelfCheck: Database status OK.
@4000000057505fbd1f2e0864 LibClamAV Warning: cli_tnef: file truncated, returning CLEAN
@400000005750662f016619d4 /var/spool/qpsmtpd/1464886820:8587:14587: Win.Trojan.Agent-1335858 FOUND
@40000000575066960a9f5a4c SelfCheck: Database status OK.
@4000000057506dbc125a5764 SelfCheck: Database status OK.
@4000000057506eee0cbd6404 LibClamAV Warning: Bytecode run timed out in interpreter after 322730000 opcodes
@4000000057506eee0cbd67ec LibClamAV Warning: Bytcode 47 failed to run: Time limit reached
@4000000057507508007a5274 SelfCheck: Database status OK.
@4000000057507b812c774ef4 Reading databases from /var/clamav
@4000000057507b8a1b79e9a4 Database correctly reloaded (4432344 signatures)
@4000000057508293190b56bc SelfCheck: Database status OK.
@4000000057508c1927871654 SelfCheck: Database status OK.
@40000000575093212ded5cc4 SelfCheck: Database status OK.
@4000000057509a2933e78b54 SelfCheck: Database status OK.
@400000005750a1313a01f7cc SelfCheck: Database status OK.
@400000005750ac6d11fc5ccc SelfCheck: Database status OK.
@400000005750b6f905a00294 SelfCheck: Database status OK.
@400000005750be0109b150cc SelfCheck: Database status OK.
@400000005750c5090fc7063c SelfCheck: Database status OK.
@400000005750cc11163a1234 SelfCheck: Database status OK.
@400000005750d3191c50582c SelfCheck: Database status OK.
@400000005750da21226c7a24 SelfCheck: Database status OK.
@400000005750e129286a2f0c SelfCheck: Database status OK.
@400000005750e8312e83b8f4 SelfCheck: Database status OK.
@400000005750ef39347e29ec SelfCheck: Database status OK.
@400000005750f6413a955274 SelfCheck: Database status OK.
@4000000057510059336641ac SelfCheck: Database modification detected. Forcing reload.
@400000005751005a117de5cc Reading databases from /var/clamav
@40000000575100630f27d06c Database correctly reloaded (4439155 signatures)
@40000000575100632bc7bda4 Reading databases from /var/clamav
@400000005751006c289c08c4 Database correctly reloaded (4439155 signatures)
@40000000575107d501db4204 SelfCheck: Database status OK.
@4000000057510edd07e435d4 SelfCheck: Database status OK.
@40000000575115e50ebd087c SelfCheck: Database status OK.
@4000000057511c873a5d98d4 Reading databases from /var/clamav
@4000000057511c903722112c Database correctly reloaded (4440649 signatures)
@40000000575123f618212984 SelfCheck: Database status OK.
The first file in /var/spool/qpsmtpd is from 2. Jun 16.34
^^
I think it is a bug.
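
Added example, not part of the original post: a small Python parser for the clamd log format quoted above. It decodes the `@4000...` TAI64N labels to UTC and pulls out the configured limits, the `FOUND` detections and the LibClamAV warnings. The function names and the fixed 10-second TAI offset (the one `tai64nlocal` removes) are assumptions of this sketch; the sample lines are copied from the log in the post.

```python
import re
from datetime import datetime, timezone

# Sample input: a few lines copied from the clamd log quoted in the post.
SAMPLE = """\
@40000000575040f10516835c --- Stopped at Thu Jun 2 16:21:27 2016
@40000000575040f936a94b34 Limits: Global size limit set to 104857600 bytes.
@40000000575040f936a94f1c Limits: File size limit set to 15728640 bytes.
@4000000057505b181f682b34 /var/spool/qpsmtpd/1464883982:8587:10560: Win.Trojan.Agent-1349043 FOUND
@4000000057505fbd1f2e0864 LibClamAV Warning: cli_tnef: file truncated, returning CLEAN
@4000000057506eee0cbd6404 LibClamAV Warning: Bytecode run timed out in interpreter after 322730000 opcodes
"""

TAI_EPOCH = 1 << 62    # TAI64 label value for the 1970 epoch
TAI_UTC_SKEW = 10      # assumption: fixed 10 s offset, as tai64nlocal removes

LINE = re.compile(r"^@([0-9a-f]{16})([0-9a-f]{8}) (.*)$")
LIMIT = re.compile(r"^Limits: (.+?) limit set to (\d+)")
FOUND = re.compile(r"^(\S+): (\S+) FOUND$")

def tai64n_to_utc(sec_hex, nano_hex):
    """Convert the two hex fields of a TAI64N label to an aware UTC datetime."""
    secs = int(sec_hex, 16) - TAI_EPOCH - TAI_UTC_SKEW
    micro = int(nano_hex, 16) // 1000
    return datetime.fromtimestamp(secs, tz=timezone.utc).replace(microsecond=micro)

def summarize(text):
    """Collect limits, detections and scanner warnings from a clamd multilog."""
    out = {"limits": {}, "found": [], "warnings": []}
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # not a TAI64N-stamped line
        when, msg = tai64n_to_utc(m.group(1), m.group(2)), m.group(3)
        lim, hit = LIMIT.match(msg), FOUND.match(msg)
        if lim:
            out["limits"][lim.group(1)] = int(lim.group(2))
        elif hit:
            out["found"].append((when, hit.group(1), hit.group(2)))
        elif msg.startswith("LibClamAV Warning:"):
            out["warnings"].append((when, msg))
    return out

if __name__ == "__main__":
    report = summarize(SAMPLE)
    for name, value in report["limits"].items():
        print(f"{name}: {value / 1048576:.0f} MiB")
    for when, path, sig in report["found"]:
        print(when.isoformat(), path, sig)
```

For the first `FOUND` line, the decoded time equals the leading number in the spool file name, which makes it easy to match scanner hits against files left in /var/spool/qpsmtpd.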