Hello, I've noticed that clamav has some problems. I've found two strange situations (logs):
1) Oct 23 06:46:40 server sendmail[9505]: l9N4kcJE009505: from=<[EMAIL PROTECTED]>, size=24270, class=0, nrcpts=1, msgid=<[EMAIL PROTECTED]>, proto=ESMTP, daemon=MTA, relay=p54ACF66C.dip.t-dialin.net [84.172.246.108] Oct 23 06:46:40 server clamav-milter[7502]: /tmp/clamav-06caa41c9bc06f15eb78a6234dc2fb90/msg.U2hvF8: Worm.SomeFool.D FOUND Oct 23 06:46:40 server sendmail[9505]: l9N4kcJE009505: Milter add: header: X-Virus-Scanned: ClamAV 0.91.2/4568/Tue Oct 23 06:23:16 2007 on smtp.domain Oct 23 06:46:40 server sendmail[9505]: l9N4kcJE009505: Milter add: header: X-Virus-Status: Infected with Worm.SomeFool.D Oct 23 06:50:40 server sendmail[9505]: l9N4kcJE009505: Milter (clamav): timeout during data read Oct 23 06:50:40 server sendmail[9505]: l9N4kcJE009505: Milter (clamav): to error state Oct 23 06:50:46 server sendmail[9505]: l9N4kcJE009505: Milter add: header: X-Spam-Flag: YES ... It seems to me all messages with virus timed out (why?). 2) Oct 22 18:26:42 server sendmail[3965]: l9MGQgoK003965: from=<[EMAIL PROTECTED]>, size=5702, class=0, nrcpts=1, msgid=<[EMAIL PROTECTED]>, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=dahlia.mendelu.cz [195.178.72.10] Oct 22 18:30:42 server sendmail[3965]: l9MGQgoK003965: Milter (clamav): timeout during data read Oct 22 18:30:42 server sendmail[3965]: l9MGQgoK003965: Milter (clamav): to error state Oct 22 18:30:53 server sendmail[3965]: l9MGQgoK003965: Milter add: header: X-Spam-Status: No, hits=-0.4/5.0 learn=no ... Users report this happen usually with bigger e-mails. Mailer client show them error message (client time out - but sendmail deliver the mail) so they resend it second time without problem. I have no problematic e-mail. My configuration: CentOS 4.5: sendmail 8.13.1-3.2.el4, clamav 0.91.2 (self-compiled), XFS fs clamav configuration: ./configure --prefix=/some/path --sysconfdir=/etc --enable-milter --with-dbdir=/home/clamav --enable-bigstack --enable-id-check --disable-clamuko --with-tcpwrappers --disable-zlib-vcheck I'm running clamav-milter this way: /some/path/clamav-milter -fdNH local:/var/run/clamav/milter.sock sendmail config (clamav related): O InputMailFilters=clamav,spamassassin Xclamav, S=local:/var/run/clamav/milter.sock, F=, T=C:15;S:4m;R:4m;E:10m Thanks for some hint Luf _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
