Koozali.org: home of the SME Server
Obsolete Releases => SME Server 8.x => Topic started by: jameswilson on August 05, 2014, 02:22:51 PM
-
Applied updates to a 32bit sme 8 today and email is not functioning.
When connecting with thunderbird i get the error message
An error occured while sending mail. The mail server responded: Message denied temporarily.
Please check the message and try again.
This is on the internal lan
Server is in server / gateway mode.
Also smtp is down as well as no external email is arriving.
I noticed the weekend that i was getting sme8 admin messages about 11 emails going out in the last 5 mins, but couldnt see anything in the logs to suggest where they were originating from.
What logs should i be looking at to get to the bottom of it please?
-
its on at siaholdings.com
I have tried telnetting into smtp (25) and it just says
'220 sme-big.siaholdings.com ESMTP'
-
what does the command 'dmesg' say about booting the relevant services ?
-
You should check SMTP logs
/var/log/qpsmtpd/current (for inbound email, and clients without auth or using TLS)
/var/log/sqpsmtpd/current (for client using SSL)
-
ty daniel.
ive been looking at all the logs to give me a clue. this was a working server. ive closed all ibays to be sure its not a php issue
-
jameswilson
Send a message(s) locally and/or remotely & then check the log files mentioned around the time the message was sent.
Also check config settings
config show |more
scroll down (enter or space) to view mail settings, & I would also check RBL list settings.
You really need to find something more relevant/informative from the logs.
Did you do
signal-event post-upgrade
and
signal-event reboot
after the upgrade ?
Did the upgrade, reconfigure & reboot processes all run successfully & without apparent errors ?
Ultimately if you did a normal update process & the server is now problematic, then there could be a bug.
Upgrades are supposed to work correctly, so a better approach may be to lodge a bug (ie potential bug) at bugzilla.
-
i do think there is something being expolited, which is why i shut down all the i bays.
id agree i need find something in the logs, ive looked at them all for a clue which i can normally find.
what i dont get is why telnet on smtp doesnt give the expected response.
-
I have tried telnetting into smtp (25) and it just says
'220 sme-big.siaholdings.com ESMTP'
What do you expect to see? I don't see anything wrong with that.
-
jameswilson
Perhaps you should answer the questions/follow advices that RequestedDeletion, daniel & myself have put to you, rather than (apparently) ignoring them.
Where is the evidence or proof you have been exploited, it's a guess.
Seems more likely to me that something went wrong during the upgrade, or maybe you had settings in place that were not previously saved correctly (eg as custom templates).
There are many possibilities, guessing is not a good approach, search for information that will provide clues, & keep searching until you find it.
You could also do an external port scan (grc.com) to see what is open, but nothing is yet pointing at that as the problem source, all suggestions are just "process of elimination" techniques at present.
I get the same telnet response so that's normal enough.
-
i do think there is something being expolited...
Why do you think that? What have you seen which makes you think that?
-
You should check SMTP logs
/var/log/qpsmtpd/current (for inbound email, and clients without auth or using TLS)
/var/log/sqpsmtpd/current (for client using SSL)
qpsmtpd current
014-08-06 10:59:21.090004500 4303 250 <sales@secureitall.co.uk>, recipient ok
2014-08-06 10:59:21.090084500 4303 dispatching DATA
2014-08-06 10:59:21.090403500 4303 354 go ahead
2014-08-06 10:59:21.233053500 4297 250 <sales@secureitall.co.uk>, recipient ok
2014-08-06 10:59:21.233176500 4297 dispatching DATA
2014-08-06 10:59:21.233479500 4297 354 go ahead
2014-08-06 10:59:21.316847500 4303 spooling message to disk
2014-08-06 10:59:21.499826500 4297 spooling message to disk
2014-08-06 10:59:21.515024500 4303 bcc plugin (data_post): message copied to maillog
2014-08-06 10:59:21.626960500 4297 bcc plugin (data_post): message copied to maillog
2014-08-06 10:59:21.915707500 4335 check_earlytalker plugin (connect): remote host said nothing spontaneous, proceeding
2014-08-06 10:59:21.918963500 4335 220 sme-big.siaholdings.com ESMTP
2014-08-06 10:59:21.941185500 4335 dispatching EHLO mail.CompleteSecurityRecruitment.com
2014-08-06 10:59:21.942676500 4335 250-siaholdings.com Hi completesecurityrecruitment.com [81.138.18.245]
2014-08-06 10:59:21.942695500 4335 250-PIPELINING
2014-08-06 10:59:21.942702500 4335 250-8BITMIME
2014-08-06 10:59:21.942759500 4335 250-SIZE 15000000
2014-08-06 10:59:21.942760500 4335 250 STARTTLS
2014-08-06 10:59:21.964621500 4335 dispatching STARTTLS
2014-08-06 10:59:21.964731500 4335 220 Go ahead with TLS
2014-08-06 10:59:21.990331500 4361 Accepted connection 5/40 from 74.63.238.60 / server111.gangsa.in
2014-08-06 10:59:21.990447500 4361 Connection from server111.gangsa.in [74.63.238.60]
2014-08-06 10:59:21.992398500 4361 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 10:59:21.994920500 4361 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 10:59:22.006964500 4361 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 10:59:22.030421500 4335 tls plugin (unrecognized_command): TLS setup returning
2014-08-06 10:59:22.053879500 4335 dispatching EHLO mail.CompleteSecurityRecruitment.com
2014-08-06 10:59:22.054542500 4335 250-siaholdings.com Hi completesecurityrecruitment.com [81.138.18.245]
2014-08-06 10:59:22.054559500 4335 250-PIPELINING
2014-08-06 10:59:22.054571500 4335 250-8BITMIME
2014-08-06 10:59:22.054630500 4335 250-SIZE 15000000
2014-08-06 10:59:22.054632500 4335 250 AUTH PLAIN LOGIN
2014-08-06 10:59:22.078091500 4335 dispatching MAIL FROM:<L.Feltham@CompleteSecurityRecruitment.com> SIZE=217756
2014-08-06 10:59:22.078210500 4335 full from_parameter: FROM:<L.Feltham@CompleteSecurityRecruitment.com> SIZE=217756
2014-08-06 10:59:22.213119500 4335 getting mail from <L.Feltham@CompleteSecurityRecruitment.com>
2014-08-06 10:59:22.213165500 4335 250 <L.Feltham@CompleteSecurityRecruitment.com>, sender OK - how exciting to get mail from you!
2014-08-06 10:59:22.213345500 4335 dispatching RCPT TO:<anne@secureitall.co.uk>
2014-08-06 10:59:22.241489500 4292 spamassassin plugin (data_post): check_spam: No, hits=1.1, required=5.0, tests=DKIM_SIGNED,DKIM_VALID,HTML_MESSAGE,RCVD_IN_DNSWL_NONE,SPF_HELO_PASS,SPF_PASS,URIBL_GREY
2014-08-06 10:59:22.241677500 4292 virus::clamav plugin (data_post): Changing permissions on file to permit scanner access
2014-08-06 10:59:22.243006500 4292 virus::clamav plugin (data_post): clamscan results: ERROR: Can't connect to clamd: No such file or directory
2014-08-06 10:59:22.243007500 4292 virus::clamav plugin (data_post): ClamAV error: /usr/bin/clamdscan --stdout --config-file=/etc/clamd.conf --no-summary /var/spool/qpsmtpd/1407319160:4292:0 2>&1: 2
2014-08-06 10:59:22.243008500
2014-08-06 10:59:22.243298500 4292 logging::logterse plugin (deny): ` 46.236.37.52 relay-13-52.msgfocus.com relay-13-52.msgfocus.com <mail.nrcmlorzhjdegr@email.suttons.co.uk> <anne@secureitall.co.uk>,Mail::Address=ARRAY(0xa48aad8) virus::clamav 902 msg denied before queued
2014-08-06 10:59:22.243398500 4292 452 Message denied temporarily
2014-08-06 10:59:22.261956500 4292 dispatching RSET
2014-08-06 10:59:22.262069500 4292 250 OK
2014-08-06 10:59:22.281108500 4292 dispatching MAIL FROM:<mail.nrcmloqgjvfeuo@email.suttons.co.uk> BODY=8BITMIME
2014-08-06 10:59:22.281221500 4292 full from_parameter: FROM:<mail.nrcmloqgjvfeuo@email.suttons.co.uk> BODY=8BITMIME
2014-08-06 10:59:22.295700500 4292 getting mail from <mail.nrcmloqgjvfeuo@email.suttons.co.uk>
2014-08-06 10:59:22.295701500 4292 250 <mail.nrcmloqgjvfeuo@email.suttons.co.uk>, sender OK - how exciting to get mail from you!
2014-08-06 10:59:22.295767500 4292 dispatching RCPT TO:<anne@secureitall.co.uk>
2014-08-06 10:59:22.387254500 4335 250 <anne@secureitall.co.uk>, recipient ok
2014-08-06 10:59:22.468992500 4335 dispatching DATA
2014-08-06 10:59:22.469370500 4335 354 go ahead
2014-08-06 10:59:22.486706500 4292 250 <anne@secureitall.co.uk>, recipient ok
2014-08-06 10:59:22.486805500 4292 dispatching DATA
2014-08-06 10:59:22.487012500 4292 354 go ahead
2014-08-06 10:59:22.527218500 4292 spooling message to disk
2014-08-06 10:59:22.543475500 4335 spooling message to disk
2014-08-06 10:59:22.587578500 4292 bcc plugin (data_post): message copied to maillog
sqpsmtpd log
2014-08-06 09:49:39.515980500 31331 Accepted connection 0/10 from 212.32.55.213 / Unknown
2014-08-06 09:49:39.516097500 31331 Connection from Unknown [212.32.55.213]
2014-08-06 09:49:39.518062500 31331 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 09:49:39.520650500 31331 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 09:49:39.526866500 31331 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 09:49:39.636873500 31331 tls plugin (connect): Connected via SMTPS
2014-08-06 09:49:39.700203500 31331 check_earlytalker plugin (connect): remote host started talking before we said hello [212.32.55.213]
2014-08-06 09:49:39.700423500 31331 logging::logterse plugin (deny): ` 212.32.55.213 Unknown check_earlytalker 902 Connecting host started transmitting before SMTP greeting msg denied before queued
2014-08-06 09:49:39.700518500 31331 450 Connecting host started transmitting before SMTP greeting
2014-08-06 09:49:39.701364500 31331 click, disconnecting
2014-08-06 09:49:40.121428500 4270 cleaning up after 31331
2014-08-06 09:49:40.129815500 31337 Accepted connection 1/10 from 212.32.55.213 / Unknown
2014-08-06 09:49:40.129930500 31337 Connection from Unknown [212.32.55.213]
2014-08-06 09:49:40.131883500 31337 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 09:49:40.134481500 31337 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 09:49:40.144093500 31337 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 09:49:40.255194500 31337 tls plugin (connect): Connected via SMTPS
2014-08-06 09:49:40.319808500 31337 check_earlytalker plugin (connect): remote host started talking before we said hello [212.32.55.213]
2014-08-06 09:49:40.320060500 31337 logging::logterse plugin (deny): ` 212.32.55.213 Unknown check_earlytalker 902 Connecting host started transmitting before SMTP greeting msg denied before queued
2014-08-06 09:49:40.320165500 31337 450 Connecting host started transmitting before SMTP greeting
2014-08-06 09:49:40.321039500 31337 click, disconnecting
2014-08-06 09:49:41.124350500 4270 cleaning up after 31337
2014-08-06 10:19:13.065970500 14985 Accepted connection 0/10 from 212.32.55.213 / Unknown
2014-08-06 10:19:13.066086500 14985 Connection from Unknown [212.32.55.213]
2014-08-06 10:19:13.068040500 14985 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 10:19:13.070622500 14985 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 10:19:13.077692500 14985 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 10:19:13.187710500 14985 tls plugin (connect): Connected via SMTPS
2014-08-06 10:19:13.527252500 14985 check_earlytalker plugin (connect): remote host started talking before we said hello [212.32.55.213]
2014-08-06 10:19:13.527471500 14985 logging::logterse plugin (deny): ` 212.32.55.213 Unknown check_earlytalker 902 Connecting host started transmitting before SMTP greeting msg denied before queued
2014-08-06 10:19:13.527566500 14985 450 Connecting host started transmitting before SMTP greeting
2014-08-06 10:19:13.528406500 14985 click, disconnecting
2014-08-06 10:19:13.705966500 4270 cleaning up after 14985
2014-08-06 10:19:13.715588500 14991 Accepted connection 1/10 from 212.32.55.213 / Unknown
2014-08-06 10:19:13.715775500 14991 Connection from Unknown [212.32.55.213]
2014-08-06 10:19:13.716650500 14991 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 10:19:13.717805500 14991 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 10:19:13.721892500 14991 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 10:19:13.829304500 14991 tls plugin (connect): Connected via SMTPS
2014-08-06 10:19:13.907888500 14991 check_earlytalker plugin (connect): remote host started talking before we said hello [212.32.55.213]
2014-08-06 10:19:13.908040500 14991 logging::logterse plugin (deny): ` 212.32.55.213 Unknown check_earlytalker 902 Connecting host started transmitting before SMTP greeting msg denied before queued
2014-08-06 10:19:13.908115500 14991 450 Connecting host started transmitting before SMTP greeting
2014-08-06 10:19:13.908549500 14991 click, disconnecting
2014-08-06 10:19:14.705830500 4270 cleaning up after 14991
2014-08-06 10:53:32.723421500 752 Accepted connection 0/10 from 212.32.55.213 / Unknown
2014-08-06 10:53:32.723530500 752 Connection from Unknown [212.32.55.213]
2014-08-06 10:53:32.725530500 752 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 10:53:32.728129500 752 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 10:53:32.737781500 752 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 10:53:32.852669500 752 tls plugin (connect): Connected via SMTPS
2014-08-06 10:53:32.918866500 752 check_earlytalker plugin (connect): remote host started talking before we said hello [212.32.55.213]
2014-08-06 10:53:32.919093500 752 logging::logterse plugin (deny): ` 212.32.55.213 Unknown check_earlytalker 902 Connecting host started transmitting before SMTP greeting msg denied before queued
2014-08-06 10:53:32.919192500 752 450 Connecting host started transmitting before SMTP greeting
2014-08-06 10:53:32.920056500 752 click, disconnecting
2014-08-06 10:53:32.986212500 4270 cleaning up after 752
2014-08-06 10:53:32.995825500 760 Accepted connection 1/10 from 212.32.55.213 / Unknown
2014-08-06 10:53:32.995934500 760 Connection from Unknown [212.32.55.213]
2014-08-06 10:53:32.997893500 760 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 10:53:33.000463500 760 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 10:53:33.007637500 760 tls plugin (init): ciphers: HIGH:!SSLv2:!ADH:!aNULL:!MD5:!RC4
2014-08-06 10:53:33.117932500 760 tls plugin (connect): Connected via SMTPS
2014-08-06 10:53:33.237032500 760 check_earlytalker plugin (connect): remote host started talking before we said hello [212.32.55.213]
2014-08-06 10:53:33.237222500 760 logging::logterse plugin (deny): ` 212.32.55.213 Unknown check_earlytalker 902 Connecting host started transmitting before SMTP greeting msg denied before queued
2014-08-06 10:53:33.237316500 760 450 Connecting host started transmitting before SMTP greeting
2014-08-06 10:53:33.238134500 760 click, disconnecting
2014-08-06 10:53:33.985856500 4270 cleaning up after 760
-
Why do you think that? What have you seen which makes you think that?
I was getting emails from sme8admin that the server had sent x emails in the last 5 mins. Friday night when noone was in work
-
jameswilson
Perhaps you should answer the questions/follow advices that RequestedDeletion, daniel & myself have put to you, rather than (apparently) ignoring them.
Where is the evidence or proof you have been exploited, it's a guess.
Seems more likely to me that something went wrong during the upgrade, or maybe you had settings in place that were not previously saved correctly (eg as custom templates).
There are many possibilities, guessing is not a good approach, search for information that will provide clues, & keep searching until you find it.
You could also do an external port scan (grc.com) to see what is open, but nothing is yet pointing at that as the problem source, all suggestions are just "process of elimination" techniques at present.
I get the same telnet response so that's normal enough.
Janet
My appologies im not ignoring it i will provide all response now
-
jameswilson
Send a message(s) locally and/or remotely & then check the log files mentioned around the time the message was sent.
Also check config settings
config show |more
scroll down (enter or space) to view mail settings, & I would also check RBL list settings.
You really need to find something more relevant/informative from the logs.
Did you do
signal-event post-upgrade
and
signal-event reboot
after the upgrade ?
Did the upgrade, reconfigure & reboot processes all run successfully & without apparent errors ?
Ultimately if you did a normal update process & the server is now problematic, then there could be a bug.
Upgrades are supposed to work correctly, so a better approach may be to lodge a bug (ie potential bug) at bugzilla.
On sending locally (can only loginto webmail local smtp does not work) horde gives an smtp error of 452.
Which log am i looking at for the time error etc info?
Yes the upgrade and reconfigure did appear normal
-
Your log snippets show nothing wrong, and no connection attempt from the local network, nor the webmail. Please, check your logs at the time you try to send an email (either with thunderbird or the webmail)
-
Might the problem be related to this?
2014-08-06 10:59:22.243006500 4292 virus::clamav plugin (data_post): clamscan results: ERROR: Can't connect to clamd: No such file or directory
2014-08-06 10:59:22.243007500 4292 virus::clamav plugin (data_post): ClamAV error: /usr/bin/clamdscan --stdout --config-file=/etc/clamd.conf --no-summary /var/spool/qpsmtpd/1407319160:4292:0 2>&1: 2
-
Arg, well spotted, I missed that. The OP has AV scan enabled for inbound emails, but the clamd daemon isn't available for some reason. Please, show
db configuration show clamd
If the clamd daemon is enabled, you'll have to open a bug (and if it's disabled, you probably have disabled it manually, so you either have to re-enable it, or disable AV scan)
-
Daniel
[root@sme-big ~]# db configuration show clamd
clamd=service
MemLimit=600000000
status=enabled
i can also confirm if i disable virus scanning of incoming mail, it starts to work again.
-
What's the output of
# ls -l /usr/sbin/clamd
# rpm -V clamd
-
What's the output of
# ls -l /usr/sbin/clamd
# rpm -V clamd
[root@sme-big ~]# ls -l /usr/sbin/clamd
-rwxr-xr-x 1 root root 155277 Sep 25 2013 /usr/sbin/clamd
[root@sme-big ~]# ls -l /usr/sbin/clamd
-rwxr-xr-x 1 root root 155277 Sep 25 2013 /usr/sbin/clamd
-
rpm -V clamd
package clamd is not installed
i havnt removed it though.
-
[root@sme-big ~]# db configuration show clamd
clamd=service
MemLimit=600000000
status=enabled
OK, so clamd is enabled. Did you investigate why it didn't appear to be running? e.g. have you looked at the clamd logs?
What do you see when you do:
cd /service/clamd
sv st .
sv d .
./run
^C
-
[root@sme-big clamd]# sv st .
down: .: 1s, want up; run: log: (pid 2257) 28353s
[root@sme-big clamd]# sv d .
[root@sme-big clamd]#
[root@sme-big clamd]# ./run
LibClamAV Error: Can't load /var/clamav/daily.cld: Malformed database
ERROR: Malformed database
Closing the main socket.
-
# yum install clamd
-
# yum install clamd
[root@sme-big clamd]# yum install clamd
Loaded plugins: fastestmirror, kmod, protect-packages, smeserver
Loading mirror speeds from cached hostfile
* base: centos.openitc.uk
* smeaddons: mirror.pialasse.com
* smeextras: mirror.pialasse.com
* smeos: mirror.pialasse.com
* smeupdates: mirror.pialasse.com
* updates: centos.hyve.com
base | 1.1 kB 00:00
fws | 2.5 kB 00:00
http://smeserver.nethesis.it/releases/8/i386/repodata/repomd.xml: [Errno 14] HTT P Error 404: Componente non trovato
Trying other mirror.
smeaddons | 2.5 kB 00:00
smeextras | 2.5 kB 00:00
smeos | 2.7 kB 00:00
smeupdates | 2.5 kB 00:00
sogo | 951 B 00:00
updates | 1.9 kB 00:00
Excluding Packages from CentOS - os
Finished
Excluding Packages from CentOS - updates
Finished
Setting up Install Process
Resolving Dependencies
There are unfinished transactions remaining. You might consider running yum-comp lete-transaction first to finish them.
The program yum-complete-transaction is found in the yum-utils package.
--> Running transaction check
---> Package clamd.i386 0:0.98.4-2.el5.sme set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
clamd i386 0.98.4-2.el5.sme smeupdates 247 k
Transaction Summary
================================================================================
Install 1 Package(s)
Upgrade 0 Package(s)
Total download size: 247 k
Is this ok [y/N]: y
Downloading Packages:
clamd-0.98.4-2.el5.sme.i386.rpm | 247 kB 00:00
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : clamd 1/1
warning: /etc/clamd.conf created as /etc/clamd.conf.rpmnew
Migrating existing database backups
Migrating existing database hosts
Migrating existing database configuration
Migrating existing database yum_installed
Migrating existing database networks
Migrating existing database yum_updates
Migrating existing database accounts
Migrating existing database domains
Migrating existing database spamassassin
Migrating existing database yum_available
Migrating existing database mailpatterns
Migrating existing database yum_repositories
Installed:
clamd.i386 0:0.98.4-2.el5.sme
Complete!
==============================================================
WARNING: You now need to run BOTH of the following commands
to ensure consistent system state:
signal-event post-upgrade; signal-event reboot
You should run these commands unless you are certain that
yum made no changes to your system.
==============================================================
[root@sme-big clamd]#
-
After running signal-event post-upgrade and signal-event reboot, does it work?
-
im not onsite with the sme so im not brave enough to reboot it till tomorrow morning
-
but thankyou dan for your help, i can see if it was removed why it would be a problem.
-
Of course, the question remains: why/how was it removed? That may have been a bug somewhere in an update. You might try the following before the reboot:
# yum-complete-transaction
# yum update
-
# yum install clamd
That won't be sufficient. Pay attention to every error message:
LibClamAV Error: Can't load /var/clamav/daily.cld: Malformed database
So James will need to check all the clamAV components - are they installed? Are they up to date? Are they running correctly?
cd /service/freshclam
sv st .
sv d .
./run
^C
sv u .
-
Of course, the question remains: why/how was it removed?
Looking the yum log would be a good idea.
-
im confused now sorry
charlie do you want me to run those commands or post the yum log?
-
icharlie do you want me to run those commands or post the yum log?
You should do both. The first is to see if freshclam is also broken, and looking in the yum log is to look for clues as to how/when/why clamd was removed.
-
You should do both. The first is to see if freshclam is also broken, and looking in the yum log is to look for clues as to how/when/why clamd was removed.
yum current
2014-08-05 04:56:30.467559500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:56:30.468192500 The other application is: yum
2014-08-05 04:56:30.468345500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:56:30.468479500 Started: Tue Aug 5 04:20:29 2014 - 36:01 ago
2014-08-05 04:56:30.468571500 State : Sleeping, pid: 1970
2014-08-05 04:56:32.467782500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:56:32.468402500 The other application is: yum
2014-08-05 04:56:32.468558500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:56:32.468693500 Started: Tue Aug 5 04:20:29 2014 - 36:03 ago
2014-08-05 04:56:32.468786500 State : Sleeping, pid: 1970
2014-08-05 04:56:34.477976500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:56:34.478592500 The other application is: yum
2014-08-05 04:56:34.478744500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:56:34.478877500 Started: Tue Aug 5 04:20:29 2014 - 36:05 ago
2014-08-05 04:56:34.478969500 State : Sleeping, pid: 1970
2014-08-05 04:56:36.488144500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:56:36.488758500 The other application is: yum
2014-08-05 04:56:36.488912500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:56:36.489047500 Started: Tue Aug 5 04:20:29 2014 - 36:07 ago
2014-08-05 04:56:36.489140500 State : Sleeping, pid: 1970
2014-08-05 04:56:38.498351500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:56:38.498968500 The other application is: yum
2014-08-05 04:56:38.499122500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:56:38.499259500 Started: Tue Aug 5 04:20:29 2014 - 36:09 ago
2014-08-05 04:56:38.499352500 State : Sleeping, pid: 1970
2014-08-05 04:56:40.508516500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:56:40.509140500 The other application is: yum
2014-08-05 04:56:40.509294500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:56:40.509427500 Started: Tue Aug 5 04:20:29 2014 - 36:11 ago
2014-08-05 04:56:40.509519500 State : Sleeping, pid: 1970
2014-08-05 04:56:42.518725500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:56:42.519341500 The other application is: yum
2014-08-05 04:56:42.519494500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:56:42.519628500 Started: Tue Aug 5 04:20:29 2014 - 36:13 ago
2014-08-05 04:56:42.519721500 State : Sleeping, pid: 1970
2014-08-05 04:56:44.518887500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:56:44.519501500 The other application is: yum
2014-08-05 04:56:44.519654500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:56:44.519787500 Started: Tue Aug 5 04:20:29 2014 - 36:15 ago
2014-08-05 04:56:44.519890500 State : Sleeping, pid: 1970
2014-08-05 04:56:46.519095500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:56:46.519711500 The other application is: yum
2014-08-05 04:56:46.519864500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:56:46.519999500 Started: Tue Aug 5 04:20:29 2014 - 36:17 ago
2014-08-05 04:56:46.520091500 State : Sleeping, pid: 1970
2014-08-05 04:56:48.519285500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:56:48.519899500 The other application is: yum
2014-08-05 04:56:48.520055500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:56:48.520189500 Started: Tue Aug 5 04:20:29 2014 - 36:19 ago
2014-08-05 04:56:48.520282500 State : Sleeping, pid: 1970
2014-08-05 04:56:50.519478500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:56:50.520095500 The other application is: yum
2014-08-05 04:56:50.520250500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:56:50.520383500 Started: Tue Aug 5 04:20:29 2014 - 36:21 ago
2014-08-05 04:56:50.520473500 State : Sleeping, pid: 1970
2014-08-05 04:56:52.519655500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:56:52.520267500 The other application is: yum
2014-08-05 04:56:52.520421500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:56:52.520556500 Started: Tue Aug 5 04:20:29 2014 - 36:23 ago
2014-08-05 04:56:52.520645500 State : Sleeping, pid: 1970
2014-08-05 04:56:54.519846500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:56:54.520466500 The other application is: yum
2014-08-05 04:56:54.520621500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:56:54.520752500 Started: Tue Aug 5 04:20:29 2014 - 36:25 ago
2014-08-05 04:56:54.520844500 State : Sleeping, pid: 1970
2014-08-05 04:56:56.520025500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:56:56.520643500 The other application is: yum
2014-08-05 04:56:56.520794500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:56:56.520929500 Started: Tue Aug 5 04:20:29 2014 - 36:27 ago
2014-08-05 04:56:56.521022500 State : Sleeping, pid: 1970
2014-08-05 04:56:58.520224500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:56:58.520844500 The other application is: yum
2014-08-05 04:56:58.520996500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:56:58.521132500 Started: Tue Aug 5 04:20:29 2014 - 36:29 ago
2014-08-05 04:56:58.521225500 State : Sleeping, pid: 1970
2014-08-05 04:57:00.520405500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:00.521016500 The other application is: yum
2014-08-05 04:57:00.521169500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:00.521303500 Started: Tue Aug 5 04:20:29 2014 - 36:31 ago
2014-08-05 04:57:00.521396500 State : Sleeping, pid: 1970
2014-08-05 04:57:02.520600500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:02.521226500 The other application is: yum
2014-08-05 04:57:02.521382500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:02.521518500 Started: Tue Aug 5 04:20:29 2014 - 36:33 ago
2014-08-05 04:57:02.521622500 State : Sleeping, pid: 1970
2014-08-05 04:57:04.520783500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:04.521401500 The other application is: yum
2014-08-05 04:57:04.521553500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:04.521687500 Started: Tue Aug 5 04:20:29 2014 - 36:35 ago
2014-08-05 04:57:04.521778500 State : Sleeping, pid: 1970
2014-08-05 04:57:06.520980500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:06.521606500 The other application is: yum
2014-08-05 04:57:06.521763500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:06.521898500 Started: Tue Aug 5 04:20:29 2014 - 36:37 ago
2014-08-05 04:57:06.521990500 State : Sleeping, pid: 1970
2014-08-05 04:57:08.521157500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:08.521768500 The other application is: yum
2014-08-05 04:57:08.521922500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:08.522056500 Started: Tue Aug 5 04:20:29 2014 - 36:39 ago
2014-08-05 04:57:08.522148500 State : Sleeping, pid: 1970
2014-08-05 04:57:10.521346500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:10.521962500 The other application is: yum
2014-08-05 04:57:10.522116500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:10.522252500 Started: Tue Aug 5 04:20:29 2014 - 36:41 ago
2014-08-05 04:57:10.522342500 State : Sleeping, pid: 1970
2014-08-05 04:57:12.521524500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:12.522160500 The other application is: yum
2014-08-05 04:57:12.522314500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:12.522445500 Started: Tue Aug 5 04:20:29 2014 - 36:43 ago
2014-08-05 04:57:12.522537500 State : Sleeping, pid: 1970
2014-08-05 04:57:14.521707500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:14.522323500 The other application is: yum
2014-08-05 04:57:14.522478500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:14.522613500 Started: Tue Aug 5 04:20:29 2014 - 36:45 ago
2014-08-05 04:57:14.522704500 State : Sleeping, pid: 1970
2014-08-05 04:57:16.521898500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:16.522509500 The other application is: yum
2014-08-05 04:57:16.522663500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:16.522797500 Started: Tue Aug 5 04:20:29 2014 - 36:47 ago
2014-08-05 04:57:16.522888500 State : Sleeping, pid: 1970
2014-08-05 04:57:18.522086500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:18.522707500 The other application is: yum
2014-08-05 04:57:18.522862500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:18.522997500 Started: Tue Aug 5 04:20:29 2014 - 36:49 ago
2014-08-05 04:57:18.523089500 State : Sleeping, pid: 1970
2014-08-05 04:57:20.522271500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:20.522883500 The other application is: yum
2014-08-05 04:57:20.523037500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:20.523171500 Started: Tue Aug 5 04:20:29 2014 - 36:51 ago
2014-08-05 04:57:20.523263500 State : Sleeping, pid: 1970
2014-08-05 04:57:22.522476500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:22.523097500 The other application is: yum
2014-08-05 04:57:22.523250500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:22.523385500 Started: Tue Aug 5 04:20:29 2014 - 36:53 ago
2014-08-05 04:57:22.523475500 State : Sleeping, pid: 1970
2014-08-05 04:57:24.522624500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:24.523244500 The other application is: yum
2014-08-05 04:57:24.523398500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:24.523530500 Started: Tue Aug 5 04:20:29 2014 - 36:55 ago
2014-08-05 04:57:24.523638500 State : Sleeping, pid: 1970
2014-08-05 04:57:26.522829500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:26.523446500 The other application is: yum
2014-08-05 04:57:26.523601500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:26.523734500 Started: Tue Aug 5 04:20:29 2014 - 36:57 ago
2014-08-05 04:57:26.523826500 State : Sleeping, pid: 1970
2014-08-05 04:57:28.523028500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:28.523646500 The other application is: yum
2014-08-05 04:57:28.523801500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:28.523934500 Started: Tue Aug 5 04:20:29 2014 - 36:59 ago
2014-08-05 04:57:28.524027500 State : Sleeping, pid: 1970
2014-08-05 04:57:30.523201500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:30.523820500 The other application is: yum
2014-08-05 04:57:30.523973500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:30.524106500 Started: Tue Aug 5 04:20:29 2014 - 37:01 ago
2014-08-05 04:57:30.524197500 State : Sleeping, pid: 1970
2014-08-05 04:57:32.523414500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:32.524030500 The other application is: yum
2014-08-05 04:57:32.524186500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:32.524320500 Started: Tue Aug 5 04:20:29 2014 - 37:03 ago
2014-08-05 04:57:32.524412500 State : Sleeping, pid: 1970
2014-08-05 04:57:34.523588500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:34.524205500 The other application is: yum
2014-08-05 04:57:34.524359500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:34.524494500 Started: Tue Aug 5 04:20:29 2014 - 37:05 ago
2014-08-05 04:57:34.524587500 State : Sleeping, pid: 1970
2014-08-05 04:57:36.523768500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:36.524379500 The other application is: yum
2014-08-05 04:57:36.524533500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:36.524668500 Started: Tue Aug 5 04:20:29 2014 - 37:07 ago
2014-08-05 04:57:36.524760500 State : Sleeping, pid: 1970
2014-08-05 04:57:38.523974500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:38.524596500 The other application is: yum
2014-08-05 04:57:38.524753500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:38.524886500 Started: Tue Aug 5 04:20:29 2014 - 37:09 ago
2014-08-05 04:57:38.524979500 State : Sleeping, pid: 1970
2014-08-05 04:57:40.524146500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:40.524761500 The other application is: yum
2014-08-05 04:57:40.524915500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:40.525050500 Started: Tue Aug 5 04:20:29 2014 - 37:11 ago
2014-08-05 04:57:40.525142500 State : Sleeping, pid: 1970
2014-08-05 04:57:42.524305500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:42.524946500 The other application is: yum
2014-08-05 04:57:42.525100500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:42.525234500 Started: Tue Aug 5 04:20:29 2014 - 37:13 ago
2014-08-05 04:57:42.525326500 State : Sleeping, pid: 1970
2014-08-05 04:57:44.524518500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:44.525131500 The other application is: yum
2014-08-05 04:57:44.525286500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:44.525421500 Started: Tue Aug 5 04:20:29 2014 - 37:15 ago
2014-08-05 04:57:44.525515500 State : Sleeping, pid: 1970
2014-08-05 04:57:46.524707500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:46.525325500 The other application is: yum
2014-08-05 04:57:46.525479500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:46.525611500 Started: Tue Aug 5 04:20:29 2014 - 37:17 ago
2014-08-05 04:57:46.525702500 State : Sleeping, pid: 1970
2014-08-05 04:57:48.524885500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:48.525505500 The other application is: yum
2014-08-05 04:57:48.525661500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:48.525795500 Started: Tue Aug 5 04:20:29 2014 - 37:19 ago
2014-08-05 04:57:48.525888500 State : Sleeping, pid: 1970
2014-08-05 04:57:50.525051500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:50.525667500 The other application is: yum
2014-08-05 04:57:50.525821500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:50.525955500 Started: Tue Aug 5 04:20:29 2014 - 37:21 ago
2014-08-05 04:57:50.526045500 State : Sleeping, pid: 1970
2014-08-05 04:57:52.525287500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:52.525903500 The other application is: yum
2014-08-05 04:57:52.526057500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:52.526192500 Started: Tue Aug 5 04:20:29 2014 - 37:23 ago
2014-08-05 04:57:52.526284500 State : Sleeping, pid: 1970
2014-08-05 04:57:54.525451500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:54.526071500 The other application is: yum
2014-08-05 04:57:54.526227500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:54.526362500 Started: Tue Aug 5 04:20:29 2014 - 37:25 ago
2014-08-05 04:57:54.526452500 State : Sleeping, pid: 1970
2014-08-05 04:57:56.535647500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:56.536265500 The other application is: yum
2014-08-05 04:57:56.536416500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:56.536551500 Started: Tue Aug 5 04:20:29 2014 - 37:27 ago
2014-08-05 04:57:56.536644500 State : Sleeping, pid: 1970
2014-08-05 04:57:58.545849500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:57:58.546469500 The other application is: yum
2014-08-05 04:57:58.546622500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:57:58.546756500 Started: Tue Aug 5 04:20:29 2014 - 37:29 ago
2014-08-05 04:57:58.546846500 State : Sleeping, pid: 1970
2014-08-05 04:58:00.556005500 Another app is currently holding the yum lock; waiting for it to exit...
2014-08-05 04:58:00.556616500 The other application is: yum
2014-08-05 04:58:00.556769500 Memory : 14 M RSS ( 53 MB VSZ)
2014-08-05 04:58:00.556904500 Started: Tue Aug 5 04:20:29 2014 - 37:31 ago
2014-08-05 04:58:00.556996500 State : Uninteruptable, pid: 1970
Refresh this logfile
SME Server 8.1
Copyright 1999-2006 Mitel Corporation
All rights reserved.
Copyright (C) 2013 Koozali Foundation, Inc.
-
ive just checked back and realise ive wasted everyones time with posting it. sorry
its all thats in the yum current file though
-
jameswilson
Try instead to look in
/var/log/yum/yum.log
and please only post pertinent information, meaning look through the log file & extract & post the part that is applicable eg when clamd was removed or whatever.