ClamAV plugin - Error with Clamav-milter

  • @Ninos


    Also, try to raise the StreamMaxLength value for clamd..


    In fact, there are many parameters for file size... http://manpages.ubuntu.com/man…se/man5/clamd.conf.5.html


  • Thanks @Ninos


    I leave the system information here... @Nuxwin can see all the details


    System working with


    -- Debian wheezy
    -- i-MSCP 1.2.9
    -- Build: 20150703
    -- Codename: Andromeda



    Main.cf
    -------------


    # Some common configuration parameters
    inet_protocols = ipv4
    inet_interfaces = all
    mynetworks_style = host



    # IPv4 source for outbound mails
    smtp_bind_address = sending_ip



    # IPv6 source for outbound mails
    #smtp_bind_address6 =



    myhostname = balder.com.es
    mydomain = server.com.local
    myorigin = $myhostname



    smtpd_banner = $myhostname ESMTP i-MSCP 1.2.9 Managed



    # Receiving messages parameters
    mydestination = $myhostname, $mydomain
    append_dot_mydomain = no
    append_at_myorigin = yes
    local_transport = local
    transport_maps = hash:/etc/postfix/imscp/transport
    relay_domains = hash:/etc/postfix/imscp/relay_domains
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases



    # Delivering local messages parameters
    mail_spool_directory = /var/mail



    # Mailboxquota
    # => 0 for unlimited
    # => 104857600 for 100 MB
    mailbox_size_limit = 0
    mailbox_command = procmail -a "$EXTENSION"



    # Message size limit
    # => 0 for unlimited
    # => 104857600 for 100 MB
    message_size_limit = 0



    biff = no
    recipient_delimiter = +



    local_destination_recipient_limit = 1
    local_recipient_maps = unix:passwd.byname $alias_database



    # i-MSCP Autoresponder parameters
    imscp-arpl_destination_recipient_limit = 1



    # Delivering virtual messages parameters
    virtual_mailbox_base = /var/mail/virtual
    virtual_mailbox_limit = 0



    virtual_mailbox_domains = hash:/etc/postfix/imscp/domains
    virtual_mailbox_maps = hash:/etc/postfix/imscp/mailboxes



    virtual_alias_maps = hash:/etc/postfix/imscp/aliases



    virtual_minimum_uid = 999
    virtual_uid_maps = static:999
    virtual_gid_maps = static:8



    # SASL parameters
    smtpd_sasl_type = cyrus
    smtpd_sasl_path = smtpd
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_sasl_authenticated_header = yes



    smtpd_helo_required = yes



    smtpd_helo_restrictions = permit_mynetworks,
        permit_sasl_authenticated,
        reject_invalid_helo_hostname,
        reject_non_fqdn_helo_hostname



    smtpd_sender_restrictions = reject_non_fqdn_sender,
        reject_unknown_sender_domain,
        permit_mynetworks,
        permit_sasl_authenticated



    smtpd_relay_restrictions =



    smtpd_recipient_restrictions = reject_non_fqdn_recipient,
        reject_unknown_recipient_domain,
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_unauth_destination,
        reject_unlisted_recipient,
        check_policy_service inet:127.0.0.1:12525,
        permit



    smtpd_data_restrictions = reject_multi_recipient_bounce,
        reject_unauth_pipelining



    # TLS parameters
    smtpd_tls_security_level = may
    smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
    smtpd_tls_protocols = !SSLv2, !SSLv3
    smtpd_tls_loglevel = 1
    smtpd_tls_cert_file = /etc/imscp/imscp_services.pem
    smtpd_tls_key_file = /etc/imscp/imscp_services.pem
    smtpd_tls_auth_only = no
    smtpd_tls_received_header = yes



    smtp_tls_security_level = may
    smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
    smtp_tls_protocols = !SSLv2, !SSLv3
    smtp_tls_loglevel = 1
    smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt



    virtual_transport = dovecot
    dovecot_destination_recipient_limit = 1
    non_smtpd_milters = inet:localhost:32767 inet:localhost:12345 unix:/spamass/spamass.sock
    smtpd_milters = inet:localhost:32767 inet:localhost:12345 unix:/spamass/spamass.sock
    milter_default_action = accept
    milter_connect_macros = j {daemon_name} v {if_name} _


    #####
    # Remove Postfix warning
    # non_smtpd_milters = inet:localhost:12345 unix:/spamass/spamass.sock inet:localhost:32767
    # smtpd_milters = inet:localhost:12345 unix:/spamass/spamass.sock inet:localhost:32767



    Clamav-Milter Automatic configuration plugin 1.1.4


    #Automatically Generated by clamav-milter postinst
    #To reconfigure clamav-milter run #dpkg-reconfigure clamav-milter
    #Please read /usr/share/doc/clamav-base/README.Debian.gz for details
    #MilterSocket /var/run/clamav/clamav-milter.ctl
    #FixStaleSocket true
    #User clamav
    #AllowSupplementaryGroups true
    #ReadTimeout 120
    #Foreground false
    #PidFile /var/run/clamav/clamav-milter.pid
    #ClamdSocket unix:/var/run/clamav/clamd.ctl
    #OnClean Accept
    #OnInfected Quarantine
    #OnFail Defer
    #AddHeader Replace
    #LogSyslog false
    #LogFacility LOG_LOCAL6
    #LogVerbose false
    #LogInfected Off
    #LogClean Off
    #LogRotate true
    #MaxFileSize 25M
    #SupportMultipleRecipients false
    #TemporaryDirectory /tmp
    #LogFile /var/log/clamav/clamav-milter.log
    #LogTime true
    #LogFileUnlock false
    #LogFileMaxSize 1M
    #MilterSocketGroup clamav
    #MilterSocketMode 666





    # Begin Plugin::ClamAV
    MilterSocket inet:32767@localhost
    MilterSocketGroup clamav
    MilterSocketMode 666
    FixStaleSocket true
    User clamav
    AllowSupplementaryGroups true
    ReadTimeout 120
    Foreground false
    PidFile /var/run/clamav/clamav-milter.pid
    TemporaryDirectory /tmp
    ClamdSocket unix:/var/run/clamav/clamd.ctl
    MaxFileSize 25M
    OnClean Accept
    OnInfected Reject
    OnFail Defer
    RejectMsg Blocked by ClamAV - FOUND VIRUS: %v
    AddHeader Replace
    LogFile /var/log/clamav/clamav-milter.log
    LogFileUnlock false
    LogFileMaxSize 0M
    LogTime true
    LogSyslog true
    LogFacility LOG_MAIL
    LogVerbose false
    LogInfected Basic
    LogClean Off
    LogRotate true
    SupportMultipleRecipients false
    # Ending Plugin::ClamAV

  • Anything new? I am saying @kurgans'
    method is not working now :( It is impossible to send large attachments if the plugin is activated.


    The method you mentioned was working for me, but I think I have updated something, and if I have the plugin active there is no way to send large attachments.

  • Here is a workaround how you could fix it:


    • Open the file /var/www/imscp/gui/plugins/ClamAV/config.php and change the entry for PostfixMilterSocket and MilterSocket to the following value:


      Code
      'PostfixMilterSocket' => 'unix:/clamav/clamav-milter.ctl',
      'MilterSocket' => '/var/spool/postfix/clamav/clamav-milter.ctl',
    • Go to the directory /var/spool/postfix and check that the clamav directory exists and is owned by the user clamav.


      Code
      # cd /var/spool/postfix/
      # ls -ld clamav
      The output should look like this:
      drwxr-xr-x 2 clamav root 4.0K Oct 8 10:41 clamav
    • Log on to the i-MSCP admin panel, navigate to the plugins and press the Update Plugins button.
    • Send a mail with an attachment that is larger than 10MB and it should work.
    • Check also the mail.log for errors from clamav-milter.
  • I also found the root cause of the problem.


    TCP Socket communication (which is the default at the moment) between clamav-milter and clamd on large files is too slow and therefore clamav-milter is getting a timeout from clamd.


    If you want to use TCP Socket communication (which I would not recommend, because it is slower than Unix Socket communication), you have to change the CommandReadTimeout value.


    • Open the file /etc/clamav/clamd.conf
    • Change the entry CommandReadTimeout 5 to CommandReadTimeout 30
    • Restart the clamav-daemon with 'service clamav-daemon restart'


    If you want to switch to the faster Unix Socket communication, then use my description from post 25.

    Edited once, last by mrpink ().
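
A consistency check for the settings discussed in this thread, as an added example that is not part of any post and not i-MSCP or ClamAV code. It reads the three config texts and reports the mismatches that lead to timeouts on large attachments or to mail being delivered unscanned. The function names, finding labels and the `StreamMaxLength 10M` sample value are assumptions made for illustration; the other sample values are the ones quoted above.

```python
import re

# Constructed samples using values quoted in this thread (not a live system).
CLAMD_CONF = "StreamMaxLength 10M\nCommandReadTimeout 5\n"
MILTER_CONF = "# plugin section\nMilterSocket inet:32767@localhost\nMaxFileSize 25M\nOnFail Defer\n"
MAIN_CF = "message_size_limit = 0\nmilter_default_action = accept\n"

def parse(text, sep):
    """Parse 'key<sep>value' lines, skipping blanks and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and sep in line:
            key, value = line.split(sep, 1)
            conf[key.strip()] = value.strip()
    return conf

def size_bytes(value):
    """ClamAV sizes: plain bytes, or a K/M suffix. None if absent or malformed."""
    m = re.fullmatch(r"(\d+)([KkMm]?)", value or "")
    if not m:
        return None
    return int(m.group(1)) * {"": 1, "k": 1024, "m": 1024 ** 2}[m.group(2).lower()]

def audit(clamd_text, milter_text, main_cf_text, min_timeout=30):
    """Return a list of finding labels (hypothetical names) for the three configs."""
    clamd, milter = parse(clamd_text, " "), parse(milter_text, " ")
    postfix = parse(main_cf_text, "=")
    findings = []
    stream = size_bytes(clamd.get("StreamMaxLength"))
    max_file = size_bytes(milter.get("MaxFileSize"))
    # clamd must accept streams at least as large as the milter will send.
    if stream is not None and max_file is not None and stream < max_file:
        findings.append("stream-limit-below-milter-max")
    # 30 seconds is the value suggested in the thread.
    timeout = clamd.get("CommandReadTimeout", "")
    if timeout.isdigit() and int(timeout) < min_timeout:
        findings.append("command-read-timeout-low")
    # The workaround in the thread replaces the inet milter socket with a Unix socket.
    if milter.get("MilterSocket", "").startswith("inet"):
        findings.append("milter-socket-tcp")
    # clamav-milter does not scan messages above MaxFileSize; 0 means no Postfix limit.
    limit = postfix.get("message_size_limit", "")
    if max_file is not None and limit.isdigit() and (int(limit) == 0 or int(limit) > max_file):
        findings.append("oversize-mail-unscanned")
    # With 'accept', Postfix delivers mail as if no filter existed when the milter fails.
    if postfix.get("milter_default_action") == "accept":
        findings.append("milter-fail-open")
    return findings

if __name__ == "__main__":
    print(audit(CLAMD_CONF, MILTER_CONF, MAIN_CF))
```

The last two findings matter even after the timeout is fixed: with `message_size_limit = 0` and `milter_default_action = accept`, oversized or timed-out messages reach mailboxes without a scan.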

  • I love you @mrpink, thx!! I'll do tests the next few days and release a newer version :-)