|
»
»
»
/var/amavis filling up regularly
|
View:
New views
3 Messages
—
Rating Filter:
Alert me
|
 |
/var/amavis filling up regularly
by Heinrich Moser-2
::
Rate this Message:
# Version: Endian Firewall Community release 2.1.2
Hi! We run Endian as a spam/virus filter. Usually, everything works fine, but 5-15 times a day clamav "chokes" on some mail and either (a) fails or (b) does not respond to amavis in time (see below for log examples). Every time this happens, some directory in /var/amavis is created to "preserve evidence" (/var/amavis/clamav-* or /var/amavis/amavis-*). Every month or so, these directories fill up the whole hard drive and no more mails are accepted ("452 Insufficient system storage") until these directories have been removed manually. Clearly, this behavior cannot be "by design", since I'm sure Endian has been designed to run _without_ a Linux guru manually fixing stuff every month. :-) Any ideas on how to permanently fix this? (I know that I could create a cron-job removing these files, but that wouldn't really solve the "cause" of the problem...) Greetings, Heinzi PS: Just to make sure there's no misunderstanding: Endian is *not* configured to quarantine spam or virus mail, it's just those clamav crashes that fill up the HDD. PPS: Log file examples for (a) [reformatted for better reading]: May 17 00:28:48 EFWmoser amavis[23593]: (23593-01) (!!)run_av (Clam Antivirus - clamscan) FAILED - unexpected exit 50, output=" LibClamAV Warning: *********************************************************** LibClamAV Warning: *** This version of the ClamAV engine is outdated. ...*** LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/support/faq *** LibClamAV Warning: *********************************************************** LibClamAV Error: Wrote 0 instead of 512 (/var/amavis/clamav-df61825c7734fa92e5f13c52abb511a3/main.ndb). LibClamAV Error: cli_cvdload(): Can't unpack CVD file. LibClamAV Error: Can't load /usr/share/clamav/main.cvd: CVD extraction failure ERROR: CVD extraction failure" Log file examples for (b): May 11 12:17:14 EFWmoser amavis[3020]: (03020-20) (!)run_av (Clam Antivirus-clamd, built-in i/f): Exceeded allowed time at (eval 40) line 292. May 11 12:17:14 EFWmoser amavis[3020]: (03020-20) (!!)Clam Antivirus-clamd av-scanner FAILED: CODE(0x9edce00) Exceeded allowed time at (eval 40) line 292. at (eval 40) line 491. May 11 12:17:14 EFWmoser amavis[3020]: (03020-20) (!!)WARN: all primary virus scanners failed, considering backups May 11 12:17:36 EFWmoser amavis[3020]: (03020-20) (!)killing process [8664] running Clam Antivirus - clamscan (reason: on reading: timed out) May 11 12:17:36 EFWmoser amavis[3020]: (03020-20) (!)run_av (Clam Antivirus - clamscan): collect_results - reading aborted: timed out at /usr/sbin/amavisd line 2671. May 11 12:17:36 EFWmoser amavis[3020]: (03020-20) (!!)Clam Antivirus - clamscan av-scanner FAILED: /usr/bin/clamscan collect_results - reading aborted: timed out at /usr/sbin/amavisd line 2671. at (eval 40) line 491. May 11 12:17:36 EFWmoser amavis[3020]: (03020-20) (!!)TROUBLE in check_mail: virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: Clam Antivirus-clamd av-scanner FAILED: CODE(0x9edce00) Exceeded allowed time at (eval 40) line 292. at (eval 40) line 491.; Clam Antivirus - clamscan av-scanner FAILED: /usr/bin/clamscan collect_results - reading aborted: timed out at /usr/sbin/amavisd line 2671. at (eval 40) line 491. May 11 12:17:36 EFWmoser amavis[3020]: (03020-20) (!)PRESERVING EVIDENCE in /var/amavis/amavis-20080511T053835-03020 ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Efw-user mailing list Efw-user@... https://lists.sourceforge.net/lists/listinfo/efw-user |
|
|
Re: /var/amavis filling up regularly
by Heinrich Moser-2
::
Rate this Message:
Heinrich Moser <usenet@...> writes:
> We run Endian as a spam/virus filter. Usually, everything works fine, > but 5-15 times a day clamav "chokes" on some mail and either (a) fails > or (b) does not respond to amavis in time (see below for log > examples). [...] > Log file examples for (a) [reformatted for better reading]: > > May 17 00:28:48 EFWmoser amavis[23593]: (23593-01) (!!)run_av (Clam Antivirus - clamscan) FAILED - unexpected exit 50, output=" > LibClamAV Warning: *********************************************************** > LibClamAV Warning: *** This version of the ClamAV engine is outdated. ...*** > LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/support/faq *** > LibClamAV Warning: *********************************************************** > LibClamAV Error: Wrote 0 instead of 512 (/var/amavis/clamav-df61825c7734fa92e5f13c52abb511a3/main.ndb). > LibClamAV Error: cli_cvdload(): Can't unpack CVD file. > LibClamAV Error: Can't load /usr/share/clamav/main.cvd: CVD extraction failure > ERROR: CVD extraction failure" Uh, I just realized that this is just a follow-up error on the "no more disk space" issue, so please ignore this (first) log file example. However, the original error remains (clamav-* or amavis-* directories filling up the HDD), and any help is appreciated. Greetings, Heinzi ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Efw-user mailing list Efw-user@... https://lists.sourceforge.net/lists/listinfo/efw-user |
|
|
Re: /var/amavis filling up regularly
by Pedrotim
::
Rate this Message:
Hi
What could happen if I delete these files?
|
| Free Forum Powered by Nabble | Forum Help |