1 Topic by giu989 (edited by giu989 2016-05-28 18:33:06)

  • giu989
  • Member
  • Offline
  • Registered: 2016-05-13
  • Posts: 13

Topic: ClamAV fails to load

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.5-1
- Linux/BSD distribution name and version:  Ubuntu 14
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  MySQL
- Web server (Apache or Nginx): Nginx
- Related log if you're reporting an issue:
====

Hi all, I recently set up an email server, and I seem to be encountering an error with ClamAV antivirus. I don't much experience with iRedMail so apologies if this question is obvious/easy to solve. Any help would be greatly appreciated. Thanks!!

(From what I can tell ClamAV seems to not be able to find a critical file for its functionality. However, I'm not sure how to fix this.)

Anyway, here is the relevant part of the log:

May 28 06:15:09 mail amavis[5931]: (05931-10) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory
May 28 06:15:10 mail amavis[5931]: (05931-10) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory
May 28 06:15:10 mail amavis[5931]: (05931-10) (!)ClamAV-clamd: All attempts (1) failed connecting to /var/run/clamav/clamd.ctl, retrying (2)
May 28 06:15:16 mail amavis[5931]: (05931-10) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory
May 28 06:15:16 mail amavis[5931]: (05931-10) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (All attempts (1) failed connecting to /var/run/clamav$
May 28 06:15:16 mail amavis[5931]: (05931-10) (!)WARN: all primary virus scanners failed, considering backups
May 28 06:15:19 mail amavis[5931]: (05931-10) (!)run_av (ClamAV-clamscan) FAILED - unexpected exit 2, output="WARNING: Ignoring deprecated option --disable-summary\nLibClamAV Error: mpool_malloc(): Can't$
May 28 06:15:19 mail amavis[5931]: (05931-10) (!)ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan unexpected exit 2, output="WARNING: Ignoring deprecated option --disable-summary\nLibClamAV Error: mp$
May 28 06:15:19 mail amavis[5931]: (05931-10) (!)...40) line 899.
May 28 06:15:19 mail amavis[5931]: (05931-10) (!!)AV: ALL VIRUS SCANNERS FAILED

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,809

Re: ClamAV fails to load

Please try to run 'freshclam' command first to update signature database, then make sure ClamAV service is running.

3 Reply by giu989

  • giu989
  • Member
  • Offline
  • Registered: 2016-05-13
  • Posts: 13

Re: ClamAV fails to load

ZhangHuangbin wrote:

Please try to run 'freshclam' command first to update signature database, then make sure ClamAV service is running.

Thanks very much for your reply!

I ran freshclam and it gave:

root@mail:~# freshclam
ClamAV update process started at Sat May 28 09:44:07 2016
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.98.7 Recommended version: 0.99.2
DON'T PANIC! Read http://www.clamav.net/support/faq
main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
nonblock_connect: connect timing out (30 secs)
Can't connect to port 80 of host db.local.clamav.net (IP: 213.73.255.243)
WARNING: getfile: daily-21627.cdiff not found on remote server (IP: 217.19.16.188)
WARNING: getpatch: Can't download daily-21627.cdiff from db.local.clamav.net
Downloading daily-21627.cdiff [100%]
daily.cld updated (version: 21627, sigs: 188968, f-level: 63, builder: neo)
bytecode.cvd is up to date (version: 277, sigs: 47, f-level: 63, builder: neo)
Database updated (4407805 signatures) from db.local.clamav.net (IP: 194.109.6.97)

To check whether ClamAV was running:

root@mail:~# service clamd status
clamd: unrecognised service

Which seemed very weird. I then did

rpm -q clamav
package clamav is not installed

I made sure to install it during the set up process, so this is very confusing!

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,809

Re: ClamAV fails to load

Are you running RHEL/CentOS or Ubuntu? Your first post mentions it's Ubuntu. On Debian/Ubuntu, the service name is 'clamav-daemon'.

5 Reply by giu989

  • giu989
  • Member
  • Offline
  • Registered: 2016-05-13
  • Posts: 13

Re: ClamAV fails to load

ZhangHuangbin wrote:

Are you running RHEL/CentOS or Ubuntu? Your first post mentions it's Ubuntu. On Debian/Ubuntu, the service name is 'clamav-daemon'.

Yes I am sorry, I was running Ubuntu and typed in the wrong command. 'service clam-av daemon' reported that clamav was in fact not running. When trying to enable it I received a lack of memory error. My server ran on 512 MB ram and I fixed the issue by upgrading the RAM amount.

ClamAV is now working.

Thank you very much!!

6 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,809

Re: ClamAV fails to load

It's clearly mentioned in the "System Requirements" section of iRedMail installation guide:

2 GB of memory is recommended for a low traffic production server. Spam/Virus scanning will take most system resource.