After 3 hours of chasing this problem, I have solved it with a simple 
solution.  I am recording the fault and workaround for the benefit of others.

The system:
* qmail 1.03
* qmail-scanner 1.25
* clamav 0.88.2, clamdscan running, qmail-scanner configured to use this
* qmail-smtpd running under daemontools' service function with softlimit 
set to 15000000
* perl 5.6.1
* FreeBSD 5.2.1


Symptom:
* At 17:45 GMT 19 Jun I received clamav's release virus signature daily.cvd 
version 1550.

* Around this time, incoming mail was being blocked.

* Mail clients report "451 qq crashed (#4.3.0)"

* Problem reproduced using telnet to port 25 locally on the machine

* No new activity in /var/log/qmail/current (excluding retries of messages 
still in the queue)

My initial assumption was that Clamav was breaking qmail-scanner which was 
breaking qmail.


Investigation
1. Tried altering softlimit (like everyone says, e.g. 
http://msgs.securepoint.com/cgi-bin/get/qmail0304/374/2.html), in vain

2. Unit test of clamdscan was fine (# clamdscan /tmp)

3. Executing this:
"/var/qmail/bin/qmail-scanner-queue.pl -h"
produced:
"Segmentation fault"
before showing any output

4. Tried upgrading to 2.01 of qmail-scanner but still got same issue

5. Tried cycling clamdscan daemon, in vain

6. Problem narrowed to qmail-scanner and its interaction with syslog using:
perl -d -T /var/qmail/bin/qmail-scanner-queue.pl -h
showed an "Abort trap" in Syslog.pm line 234 which for my version is around 
this code:
        ($whoami = 'syslog');

7. Tried restarting FreeBSD syslogd daemon, in vain.


Solution
I applied Microsoft solution number 1: reboot.
And it worked!
The box had run for 78 days and there was nothing else showing errors;
I can only conclude that the syslog subsystem was irrevocably screwed.

Andrew Liles. 


