Hi Nuxwin,
You are right. I found the README file in the directory of the plugin.
After restarting the clamav-daemon and the clamav-milter:
Output of ls -la /run/clamav:
Output of ls -la /var/spool/postfix/clamav:
Output of cat /etc/clamav/clamd.conf:
Code
- #Automatically Generated by clamav-daemon postinst
- #To reconfigure clamd run #dpkg-reconfigure clamav-daemon
- #Please read /usr/share/doc/clamav-daemon/README.Debian.gz for details
- LocalSocket /var/run/clamav/clamd.ctl
- FixStaleSocket true
- LocalSocketGroup clamav
- LocalSocketMode 666
- # TemporaryDirectory is not set to its default /tmp here to make overriding
- # the default with environment variables TMPDIR/TMP/TEMP possible
- User clamav
- ScanMail true
- ScanArchive true
- ArchiveBlockEncrypted false
- MaxDirectoryRecursion 15
- FollowDirectorySymlinks false
- FollowFileSymlinks false
- ReadTimeout 180
- MaxThreads 12
- MaxConnectionQueueLength 15
- LogSyslog false
- LogRotate true
- LogFacility LOG_LOCAL6
- LogClean false
- LogVerbose false
- PreludeEnable no
- PreludeAnalyzerName ClamAV
- DatabaseDirectory /var/lib/clamav
- OfficialDatabaseOnly false
- SelfCheck 3600
- Foreground false
- Debug false
- ScanPE true
- MaxEmbeddedPE 10M
- ScanOLE2 true
- ScanPDF true
- ScanHTML true
- MaxHTMLNormalize 10M
- MaxHTMLNoTags 2M
- MaxScriptNormalize 5M
- MaxZipTypeRcg 1M
- ScanSWF true
- ExitOnOOM false
- LeaveTemporaryFiles false
- AlgorithmicDetection true
- ScanELF true
- IdleTimeout 30
- CrossFilesystems true
- PhishingSignatures true
- PhishingScanURLs true
- PhishingAlwaysBlockSSLMismatch false
- PhishingAlwaysBlockCloak false
- PartitionIntersection false
- DetectPUA false
- ScanPartialMessages false
- HeuristicScanPrecedence false
- StructuredDataDetection false
- CommandReadTimeout 5
- SendBufTimeout 200
- MaxQueue 100
- ExtendedDetectionInfo true
- OLE2BlockMacros false
- ScanOnAccess false
- AllowAllMatchScan true
- ForceToDisk false
- DisableCertCheck false
- DisableCache false
- MaxScanTime 120000
- MaxScanSize 100M
- MaxFileSize 25M
- MaxRecursion 16
- MaxFiles 10000
- MaxPartitions 50
- MaxIconsPE 100
- PCREMatchLimit 10000
- PCRERecMatchLimit 5000
- PCREMaxFileSize 25M
- ScanXMLDOCS true
- ScanHWP3 true
- MaxRecHWP3 16
- StreamMaxLength 25M
- LogFile /var/log/clamav/clamav.log
- LogTime true
- LogFileUnlock false
- LogFileMaxSize 0
- Bytecode true
- BytecodeSecurity TrustSigned
- BytecodeTimeout 60000
Output of cat /etc/clamav/clamav-milter.conf:
Code
- #Automatically Generated by clamav-milter postinst
- #To reconfigure clamav-milter run #dpkg-reconfigure clamav-milter
- #Please read /usr/share/doc/clamav-base/README.Debian.gz for details
- #MilterSocket /var/run/clamav/clamav-milter.ctl
- #FixStaleSocket true
- #User clamav
- #ReadTimeout 120
- #Foreground false
- #PidFile /var/run/clamav/clamav-milter.pid
- #ClamdSocket unix:/var/run/clamav/clamd.ctl
- #OnClean Accept
- #OnInfected Quarantine
- #OnFail Defer
- #AddHeader Replace
- #LogSyslog false
- #LogFacility LOG_LOCAL6
- #LogVerbose false
- #LogInfected Off
- #LogClean Off
- #LogRotate true
- #MaxFileSize 25M
- #SupportMultipleRecipients false
- #TemporaryDirectory /tmp
- #LogFile /var/log/clamav/clamav-milter.log
- #LogTime true
- #LogFileUnlock false
- #LogFileMaxSize 1M
- #MilterSocketGroup clamav
- #MilterSocketMode 666
- # Begin Plugin::ClamAV
- LogClean Off
- FixStaleSocket true
- LogFacility LOG_MAIL
- AddHeader Replace
- OnInfected Reject
- LogSyslog true
- LogInfected Basic
- LogTime true
- RejectMsg Blocked by ClamAV - FOUND VIRUS: %v
- TemporaryDirectory /tmp
- MaxFileSize 25M
- OnClean Accept
- MilterSocket /var/spool/postfix/clamav/clamav-milter.ctl
- PidFile /var/run/clamav/clamav-milter.pid
- Foreground false
- LogVerbose false
- SupportMultipleRecipients false
- ReadTimeout 120
- LogRotate true
- OnFail Defer
- LogFile /var/log/clamav/clamav-milter.log
- LogFileMaxSize 0M
- User clamav
- LogFileUnlock false
- MilterSocketMode 666
- MilterSocketGroup clamav
- ClamdSocket unix:/var/run/clamav/clamd.ctl
- # Ending Plugin::ClamAV
The weird thing now is:
The previous problem described by fulltilt and myself does not show again after the current restart, but did before. See:
Code
- systemctl status clamav-milter
- ● clamav-milter.service - LSB: ClamAV virus milter
- Loaded: loaded (/etc/init.d/clamav-milter; generated; vendor preset: enabled)
- Active: active (running) since Wed 2019-09-11 17:34:33 CEST; 14min ago
- Docs: man:systemd-sysv-generator(8)
- Process: 6788 ExecStop=/etc/init.d/clamav-milter stop (code=exited, status=0/SUCCESS)
- Process: 9472 ExecStart=/etc/init.d/clamav-milter start (code=exited, status=0/SUCCESS)
- Tasks: 6 (limit: 4915)
- CGroup: /system.slice/clamav-milter.service
- └─9596 /usr/sbin/clamav-milter --config-file=/etc/clamav/clamav-milter.conf
- Sep 11 17:34:33 neptun systemd[1]: Starting LSB: ClamAV virus milter...
- Sep 11 17:34:33 neptun clamav-milter[9595]: +++ Started at Wed Sep 11 17:34:33 2019
- Sep 11 17:34:33 neptun clamav-milter[9472]: Starting Sendmail milter plugin for ClamAV: clamav-milter.
- Sep 11 17:34:33 neptun systemd[1]: Started LSB: ClamAV virus milter.
Code
- systemctl status clamav-daemon
- ● clamav-daemon.service - Clam AntiVirus userspace daemon
- Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; vendor preset: enabled)
- Drop-In: /etc/systemd/system/clamav-daemon.service.d
- └─extend.conf
- Active: active (running) since Wed 2019-09-11 17:33:31 CEST; 15min ago
- Docs: man:clamd(8)
- man:clamd.conf(5)
- https://www.clamav.net/documents/
- Process: 7546 ExecStartPre=/bin/chown clamav /run/clamav (code=exited, status=0/SUCCESS)
- Process: 7543 ExecStartPre=/bin/mkdir /run/clamav (code=exited, status=1/FAILURE)
- Main PID: 7549 (clamd)
- Tasks: 2 (limit: 4915)
- CGroup: /system.slice/clamav-daemon.service
- └─7549 /usr/sbin/clamd --foreground=true
- Sep 11 17:34:04 neptun clamd[7549]: Wed Sep 11 17:34:04 2019 -> Portable Executable support enabled.
- Sep 11 17:34:04 neptun clamd[7549]: Wed Sep 11 17:34:04 2019 -> ELF support enabled.
- Sep 11 17:34:04 neptun clamd[7549]: Wed Sep 11 17:34:04 2019 -> Mail files support enabled.
- Sep 11 17:34:04 neptun clamd[7549]: Wed Sep 11 17:34:04 2019 -> OLE2 support enabled.
- Sep 11 17:34:04 neptun clamd[7549]: Wed Sep 11 17:34:04 2019 -> PDF support enabled.
- Sep 11 17:34:04 neptun clamd[7549]: Wed Sep 11 17:34:04 2019 -> SWF support enabled.
- Sep 11 17:34:04 neptun clamd[7549]: Wed Sep 11 17:34:04 2019 -> HTML support enabled.
- Sep 11 17:34:04 neptun clamd[7549]: Wed Sep 11 17:34:04 2019 -> XMLDOCS support enabled.
- Sep 11 17:34:04 neptun clamd[7549]: Wed Sep 11 17:34:04 2019 -> HWP3 support enabled.
- Sep 11 17:34:04 neptun clamd[7549]: Wed Sep 11 17:34:04 2019 -> Self checking every 3600 seconds.
Output of tail -f /var/log/clamav/clamav-milter.log after the update until now:
Code
- tail -f /var/log/clamav/clamav-milter.log
- Wed Sep 11 02:00:19 2019 -> WARNING: No clamd server appears to be available
- Wed Sep 11 02:15:53 2019 -> +++ Started at Wed Sep 11 02:15:53 2019
- Wed Sep 11 02:15:53 2019 -> WARNING: No clamd server appears to be available
- Wed Sep 11 02:16:52 2019 -> WARNING: No clamd server appears to be available
- Wed Sep 11 02:45:07 2019 -> +++ Started at Wed Sep 11 02:45:07 2019
- Wed Sep 11 02:45:07 2019 -> WARNING: No clamd server appears to be available
- Wed Sep 11 17:32:46 2019 -> +++ Started at Wed Sep 11 17:32:46 2019
- Wed Sep 11 17:32:46 2019 -> WARNING: No clamd server appears to be available
- Wed Sep 11 17:34:33 2019 -> +++ Started at Wed Sep 11 17:34:33 2019
The latest restart at 17:34:33 2019 - right before I started to check everything again - seems to fixed the problem itself, because the previous error WARNING: No clamd server appears to be available isn't there anymore.