1

Topic: Clam Update Log not working after upgrade

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.5.1
- Deployed with iRedMail Easy or the downloadable installer? Easy
- Linux/BSD distribution name and version: Ubuntu 20.04.03 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

After upgrading both Ubuntu from 18 to 20 and iRedMail to 1.5.1 the logwatch email is reporting:

--------------------- clam-update Begin ------------------------

No updates detected in the log for the freshclam daemon (the
ClamAV update process).  If the freshclam daemon is not running,
you may need to restart it.  Other options:

A. If you no longer wish to run freshclam, deleting the log file
   (configured is /var/log/clamav/freshclam.log ) will suppress this error message.

B. If you use a different log file, update the appropriate
   configuration file.  For example:
      echo "LogFile = log_file" >> /etc/logwatch/conf/logfiles/clam-update.conf
   where log_file is the filename of the freshclam log file.

C. If you are logging using syslog, you need to indicate that your
   log file uses the syslog format.  For example:
      echo "*OnlyService = freshclam" >> /etc/logwatch/conf/logfiles/clam-update.conf
      echo "*RemoveHeaders" >> /etc/logwatch/conf/logfiles/clam-update.conf

---------------------- clam-update End -------------------------

I have checked that both the clamav and freshclam daemons are running:

root@mail:~# /etc/init.d/clamav-daemon status
● clamav-daemon.service - Clam AntiVirus userspace daemon
     Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; vendor preset: enabled)
    Drop-In: /etc/systemd/system/clamav-daemon.service.d
             └─extend.conf, override.conf
     Active: active (running) since Thu 2022-01-06 15:12:23 NZDT; 2 days ago
       Docs: man:clamd(8)
             man:clamd.conf(5)
             https://www.clamav.net/documents/
    Process: 372 ExecStartPre=/bin/mkdir -p /run/clamav (code=exited, status=0/SUCCESS)
    Process: 382 ExecStartPre=/bin/chown clamav /run/clamav (code=exited, status=0/SUCCESS)
   Main PID: 384 (clamd)
      Tasks: 2 (limit: 7109)
     Memory: 1.6G
     CGroup: /system.slice/clamav-daemon.service
             └─384 /usr/sbin/clamd --foreground=true

Jan 09 01:54:22 mail.safestore.co.nz clamd[384]: Sun Jan  9 01:54:22 2022 -> SelfCheck: Database status OK.
Jan 09 01:54:22 mail.safestore.co.nz clamd[384]: SelfCheck: Database status OK.
Jan 09 03:00:09 mail.safestore.co.nz clamd[384]: Sun Jan  9 03:00:09 2022 -> SelfCheck: Database status OK.
Jan 09 03:00:09 mail.safestore.co.nz clamd[384]: SelfCheck: Database status OK.
Jan 09 04:02:00 mail.safestore.co.nz clamd[384]: Sun Jan  9 04:02:00 2022 -> SelfCheck: Database status OK.
Jan 09 04:02:00 mail.safestore.co.nz clamd[384]: SelfCheck: Database status OK.
Jan 09 05:25:54 mail.safestore.co.nz clamd[384]: Sun Jan  9 05:25:54 2022 -> SelfCheck: Database status OK.
Jan 09 05:25:54 mail.safestore.co.nz clamd[384]: SelfCheck: Database status OK.
Jan 09 06:51:29 mail.safestore.co.nz clamd[384]: Sun Jan  9 06:51:29 2022 -> SelfCheck: Database status OK.
Jan 09 06:51:29 mail.safestore.co.nz clamd[384]: SelfCheck: Database status OK.

root@mail:~# /etc/init.d/clamav-freshclam status
● clamav-freshclam.service - ClamAV virus database updater
     Loaded: loaded (/lib/systemd/system/clamav-freshclam.service; enabled; vendor preset: enabled)
    Drop-In: /etc/systemd/system/clamav-freshclam.service.d
             └─override.conf
     Active: active (running) since Thu 2022-01-06 15:12:25 NZDT; 2 days ago
       Docs: man:freshclam(1)
             man:freshclam.conf(5)
             https://www.clamav.net/documents
   Main PID: 586 (freshclam)
      Tasks: 1 (limit: 7109)
     Memory: 179.9M
     CGroup: /system.slice/clamav-freshclam.service
             └─586 /usr/bin/freshclam -d --foreground=true

Jan 09 07:12:52 mail.safestore.co.nz freshclam[586]: check_for_new_database_version: Local copy of main found: main.cld.
Jan 09 07:12:52 mail.safestore.co.nz freshclam[586]: query_remote_database_version: main.cvd version from DNS: 62
Jan 09 07:12:52 mail.safestore.co.nz freshclam[586]: main.cld database is up-to-date (version: 62, sigs: 6647427, f-…sigmgr)
Jan 09 07:12:52 mail.safestore.co.nz freshclam[586]: fc_update_database: main.cld already up-to-date.
Jan 09 07:12:52 mail.safestore.co.nz freshclam[586]: Current working dir is /var/lib/clamav/
Jan 09 07:12:52 mail.safestore.co.nz freshclam[586]: check_for_new_database_version: Local copy of bytecode found: b…de.cld.
Jan 09 07:12:52 mail.safestore.co.nz freshclam[586]: query_remote_database_version: bytecode.cvd version from DNS: 333
Jan 09 07:12:52 mail.safestore.co.nz freshclam[586]: bytecode.cld database is up-to-date (version: 333, sigs: 92, f-…illia2)
Jan 09 07:12:52 mail.safestore.co.nz freshclam[586]: fc_update_database: bytecode.cld already up-to-date.
Jan 09 07:12:52 mail.safestore.co.nz freshclam[586]: --------------------------------------
Hint: Some lines were ellipsized, use -l to show in full.

The contents of /etc/logwatch/conf/logfiles/clam-update.conf are:
*OnlyService = freshclam
*RemoveHeaders

which indicates option (c) in the message.

What to do to get the Clam Update log to report correctly?

Thanks

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.