Logs Filling up wit...
 
Notifications
Clear all

Logs Filling up with Clamav.sock Errors After Disabling AV

5 Posts
4 Users
0 Reactions
381 Views
(@tlaramie)
Joined: 6 months ago
Posts: 2
Topic starter  

We're running CE 24.3 in our internal DEV network and disabled Antivirus to reduce load but after following the instructions our logs are now full of errors like so:

Jun 26 03:35:13 carbonio-ops-int-nvan amavis[90460]: (90460-01-21) (!)connect to /opt/zextras/data/clamav/clamav.sock failed, attempt #1: Can't connect to a UNIX socket /opt/zextras/data/clamav/clamav.sock: No such file or directory
Jun 26 03:35:13 carbonio-ops-int-nvan amavis[90460]: (90460-01-21) (!)ClamAV-clamd: All attempts (1) failed connecting to /opt/zextras/data/clamav/clamav.sock, retrying (2)
Jun 26 03:35:13 carbonio-ops-int-nvan amavis[90443]: (90443-01-22) (!)clamav: while feeding req_id 1: Error writing 26176 bytes to socket: Broken pipe at /opt/zextras/common/lib/perl5/Amavis/IO/RW.pm line 325.
Jun 26 03:35:13 carbonio-ops-int-nvan amavis[90443]: (90443-01-22) (!)clamav: aborting: 1 pending, 2 remaining
Jun 26 03:35:13 carbonio-ops-int-nvan amavis[90443]: (90443-01-22) (!)ClamAV-remote-stream av-scanner FAILED: run_av error: clamav: ABORTED: Error writing 26176 bytes to socket: Broken pipe at /opt/zextras/common/lib/perl5/Amavis/IO/RW.pm line 325. at /opt/zextras/common/lib/perl5/Amavis/AV.pm line 520.\n
Jun 26 03:35:13 carbonio-ops-int-nvan amavis[90443]: (90443-01-22) (!)WARN: all primary virus scanners failed, considering backups
Jun 26 03:35:13 carbonio-ops-int-nvan amavis[90443]: (90443-01-22) (!)connect to /opt/zextras/data/clamav/clamav.sock failed, attempt #1: Can't connect to a UNIX socket /opt/zextras/data/clamav/clamav.sock: No such file or directory
Jun 26 03:35:13 carbonio-ops-int-nvan amavis[90443]: (90443-01-22) ClamAV-clamd: All attempts (1) failed connecting to /opt/zextras/data/clamav/clamav.sock, retrying (1)

Mail is still being delivered but tracking message flow is even more of a pain than it usually is. Anyone encounter and/or find a fix for this?


   
Quote
(@sharif)
Admin
Joined: 3 years ago
Posts: 593
 

@tlaramie

Hi,

Could you please share some more details? Like:

1. Your OS
2. What commands you executed precisely.
3. zmcontrol status

Regards,

Sharif


   
ReplyQuote
(@tlaramie)
Joined: 6 months ago
Posts: 2
Topic starter  

@sharif 

  1. Rocky Linux release 8.9 (Green Obsidian)
  2.  As zextras
      212  240625 23:32:23 carbonio prov mcf carbonioAmavisDisableVirusCheck TRUE
      213  240625 23:32:53 zmamavisdctl restart
      214  240625 23:34:03 systemctl mask carbonio-clamav-sidecar.service
      215  240625 23:34:09 exit
    As Root
      172  2024-06-03 19:18:29 systemctl unmask carbonio-clamav-sidecar.service
      173  2024-06-03 19:18:36 systemctl restart service-discover
    As zextras
      216  240625 23:34:54 zmprov ms $(zmhostname) -zimbraServiceEnabled antivirus
  3. zmcontrol status
    Host carbonio-##########.###
    	amavis                  Running
    	directory-server        Running
    	mailbox                 Running
    	memcached               Running
    	mta                     Running
    	opendkim                Running
    	proxy                   Running
    	service webapp          Running
    	service-discover        Running
    	stats                   Running
    	config service          Running
    

 

 


   
ReplyQuote
(@stefanodavid)
Joined: 3 years ago
Posts: 227
 

@tlaramie those you followed are instructions for Carbonio, not the CE edition. You should follow these instructions:  https://docs.zextras.com/carbonio-ce/html/postinstall/disable-clamav.html


   
ReplyQuote
(@arukashi)
Joined: 2 years ago
Posts: 25
 

Same trouble.

I think the problem is that

carbonio prov mcf carbonioAmavisDisableVirusCheck TRUE

somehow doing nothing in the amavis configuration.

root@mail [test]:~# sudo -u zextras /opt/zextras/bin/carbonio prov gcf carbonioAmavisDisableVirusCheck
carbonioAmavisDisableVirusCheck: TRUE


root@mail [test]:~# cat /opt/zextras/conf/amavisd.conf.in | grep -i "uncomment to DISABLE anti-virus code"
%%uncomment VAR:carbonioAmavisDisableVirusCheck%% @bypass_virus_checks_maps = (1);  # uncomment to DISABLE anti-virus code


root@mail [test]:~# cat /opt/zextras/conf/amavisd.conf | grep -i "uncomment to DISABLE anti-virus code"
# @bypass_virus_checks_maps = (1);  # uncomment to DISABLE anti-virus code

And in the end I got in the mail headers this

X-Virus-Scanned: amavis at domain.com

which should not be. And error in the logs like in the initial post

Additional info

zextras@mail:~$ zmcontrol -v
Carbonio Release 24.5.0

zextras@mail:~$ zmcontrol status
Host mail.domain.com
        amavis                  Running
        directory-server        Running
        mailbox                 Running
        memcached               Running
        mta                     Running
        opendkim                Running
        proxy                   Running
        service webapp          Running
        service-discover        Running
        stats                   Running
        config service          Running

zextras@mail:~$ cat /etc/os-release 
PRETTY_NAME="Ubuntu 22.04.4 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.4 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy

 

 


   
ReplyQuote