1 Topic by awol123

  • awol123
  • Member
  • Offline
  • Registered: 2019-03-21
  • Posts: 28

Topic: amavis error in mail.log

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.2.1
- Deployed with iRedMail Easy or the downloadable installer? downloadable
- Linux/BSD distribution name and version:  Debian GNU/Linux 9.12 (stretch)
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I had to restart my mail server today and noticed the below errors in the mail.log when starting. Mail is going in/out fine.


Jun  8 18:02:04 mailserver amavis[1801]: Using primary internal av scanner code for clamav-socket
Jun  8 18:02:04 mailserver amavis[1801]: Found secondary av scanner clamav-clamscan at /usr/bin/clamscan
Jun  8 18:02:20 mailserver amavis[1838]: (01838-01) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to a UNIX socket /var/run/clamav/clamd.ctl: No such file or directory
Jun  8 18:02:21 mailserver amavis[1838]: (01838-01) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to a UNIX socket /var/run/clamav/clamd.ctl: No such file or directory
Jun  8 18:02:21 mailserver amavis[1838]: (01838-01) (!)clamav-socket: All attempts (1) failed connecting to /var/run/clamav/clamd.ctl, retrying (2)
Jun  8 18:02:24 mailserver amavis[1838]: (01838-01) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to a UNIX socket /var/run/clamav/clamd.ctl: No such file or directory
Jun  8 18:02:24 mailserver amavis[1838]: (01838-01) (!)clamav-socket av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (All attempts (1) failed connecting to /var/run/clamav/clamd.ctl) at (eval 113) line 613.\n
Jun  8 18:02:24 mailserver amavis[1838]: (01838-01) (!)WARN: all primary virus scanners failed, considering backups
Jun  8 18:02:32 mailserver amavis[1839]: (!)policy protocol: INVALID AM.PDP ATTRIBUTE LINE: POST / HTTP/1.1\r\n
Jun  8 18:02:32 mailserver amavis[1839]: (!!)policy_server FAILED: Missing 'request' field at (eval 105) line 196, <GEN32> line 7.
Jun  8 18:02:33 mailserver amavis[1839]: (!)policy protocol: INVALID AM.PDP ATTRIBUTE LINE: [{"version": "1.1", "params": [], "id": 0, "method": "getmempoolinfo"}, {"version": "1.1", "params": [], "id": 1, "method": "getnetworkinfo"}, {"version": "1.1", "params": [], "id": 2, "method": "getblockchaininfo"}, {"version": "1.1", "params": [], "id": 3, "method": "getmemoryinfo"}, {"version": "1.1", "params": [], "id": 4, "method": "gettxoutsetinfo"}]
Jun  8 18:02:33 mailserver amavis[1840]: (!)policy protocol: INVALID AM.PDP ATTRIBUTE LINE: POST / HTTP/1.1\r\n
Jun  8 18:02:33 mailserver amavis[1840]: (!!)policy_server FAILED: Missing 'request' field at (eval 105) line 196, <GEN32> line 7.
Jun  8 18:02:34 mailserver amavis[1840]: (!)policy protocol: INVALID AM.PDP ATTRIBUTE LINE: [{"version": "1.1", "params": [], "id": 0, "method": "getmempoolinfo"}, {"version": "1.1", "params": [], "id": 1, "method": "getnetworkinfo"}, {"version": "1.1", "params": [], "id": 2, "method": "getblockchaininfo"}, {"version": "1.1", "params": [], "id": 3, "method": "getmemoryinfo"}, {"version": "1.1", "params": [], "id": 4, "method": "gettxoutsetinfo"}]

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by MuPp3t33r

  • MuPp3t33r
  • Member
  • Offline
  • Registered: 2017-01-17
  • Posts: 149

Re: amavis error in mail.log

Is clam running?

/etc/init.d/clamav-daemon status

if clam does not start then post the clam logs for troubleshooting

3 Reply by awol123 (edited by awol123 2020-06-09 01:50:11)

  • awol123
  • Member
  • Offline
  • Registered: 2019-03-21
  • Posts: 28

Re: amavis error in mail.log

MuPp3t33r wrote:

Is clam running?

/etc/init.d/clamav-daemon status

if clam does not start then post the clam logs for troubleshooting

Thanks for the quick reply.

Clam appears to be running:
   Active: active (running) since Mon 2020-06-08 18:01:50 BST; 26min ago

However i've just restarted the service and although it's still running, there is an error on one of the processes:

● clamav-daemon.service - Clam AntiVirus userspace daemon
   Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; vendor preset: enabled)
  Drop-In: /etc/systemd/system/clamav-daemon.service.d
           └─extend.conf
   Active: active (running) since Mon 2020-06-08 18:37:26 BST; 5s ago
     Docs: man:clamd(8)
           man:clamd.conf(5)
           https://www.clamav.net/documents/
  Process: 5958 ExecStartPre=/bin/chown clamav /run/clamav (code=exited, status=0/SUCCESS)
  Process: 5955 ExecStartPre=/bin/mkdir /run/clamav (code=exited, status=1/FAILURE)
Main PID: 5960 (clamd)
    Tasks: 1 (limit: 4915)
   CGroup: /system.slice/clamav-daemon.service
           └─5960 /usr/sbin/clamd --foreground=true

The only log entry relevant is
Jun 08 18:37:26 mailserver mkdir[5955]: /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

I've just checked the apt log and clam was upgraded earlier, freshclam has gone from 0.102.2 to 0.102.3

Upgrade: clamav:amd64 (0.102.2+dfsg-0~deb9u1, 0.102.3+dfsg-0~deb9u1), clamav-daemon:amd64 (0.102.2+dfsg-0~deb9u1, 0.102.3+dfsg-0~deb9u1), clamdscan:amd64 (0.102.2+dfsg-0~deb9u1, 0.102.3+dfsg-0~deb9u1), clamav-freshclam:amd64 (0.102.2+dfsg-0~deb9u1, 0.102.3+dfsg-0~deb9u1), ca-certificates:amd64 (20161130+nmu1+deb9u1, 20200601~deb9u1), clamav-base:amd64 (0.102.2+dfsg-0~deb9u1, 0.102.3+dfsg-0~deb9u1), libclamav9:amd64 (0.102.2+dfsg-0~deb9u1, 0.102.3+dfsg-0~deb9u1)
End-Date: 2020-06-08  17:51:49

4 Reply by awol123 (edited by awol123 2020-06-09 02:23:42)

  • awol123
  • Member
  • Offline
  • Registered: 2019-03-21
  • Posts: 28

Re: amavis error in mail.log

Well this is odd, I just restarted the server again and the (!)connect errors no longer appear.
I wonder if the upgraded clam installation was doing an update or something at the time.

I am, however, still getting the (!)policy protocol errors.

Jun  8 19:14:00 mailserver amavis[1791]: Using primary internal av scanner code for clamav-socket
Jun  8 19:14:00 mailserver amavis[1791]: Found secondary av scanner clamav-clamscan at /usr/bin/clamscan
Jun  8 19:14:17 mailserver amavis[1838]: (!)policy protocol: INVALID AM.PDP ATTRIBUTE LINE: POST / HTTP/1.1\r\n
Jun  8 19:14:17 mailserver amavis[1838]: (!!)policy_server FAILED: Missing 'request' field at (eval 105) line 196, <GEN32> line 7.
Jun  8 19:14:18 mailserver amavis[1838]: (!)policy protocol: INVALID AM.PDP ATTRIBUTE LINE: [{"version": "1.1", "params": [], "id": 0, "method": "getmempoolinfo"}, {"version": "1.1", "params": [], "id": 1, "method": "getnetworkinfo"}, {"version": "1.1", "params": [], "id": 2, "method": "getblockchaininfo"}, {"version": "1.1", "params": [], "id": 3, "method": "getmemoryinfo"}, {"version": "1.1", "params": [], "id": 4, "method": "gettxoutsetinfo"}]
Jun  8 19:14:18 mailserver amavis[1839]: (!)policy protocol: INVALID AM.PDP ATTRIBUTE LINE: POST / HTTP/1.1\r\n
Jun  8 19:14:18 mailserver amavis[1839]: (!!)policy_server FAILED: Missing 'request' field at (eval 105) line 196, <GEN32> line 7.
Jun  8 19:14:19 mailserver amavis[1839]: (!)policy protocol: INVALID AM.PDP ATTRIBUTE LINE: [{"version": "1.1", "params": [], "id": 0, "method": "getmempoolinfo"}, {"version": "1.1", "params": [], "id": 1, "method": "getnetworkinfo"}, {"version": "1.1", "params": [], "id": 2, "method": "getblockchaininfo"}, {"version": "1.1", "params": [], "id": 3, "method": "getmemoryinfo"}, {"version": "1.1", "params": [], "id": 4, "method": "gettxoutsetinfo"}]

5 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: amavis error in mail.log

awol123 wrote:

I am, however, still getting the (!)policy protocol errors.

Safe to ignore. It's triggered by netdata, it is trying to connect to another network service running on the network port which is used by Amavisd.

6 Reply by awol123

  • awol123
  • Member
  • Offline
  • Registered: 2019-03-21
  • Posts: 28

Re: amavis error in mail.log

ZhangHuangbin wrote:
awol123 wrote:

I am, however, still getting the (!)policy protocol errors.

Safe to ignore. It's triggered by netdata, it is trying to connect to another network service running on the network port which is used by Amavisd.

Thanks Zhang.