efaproject stopped to work

ManFarang
Posts: 16
Joined: 06 Jan 2020 10:22

Post by ManFarang »

Hi,

Our efaproject server stopped delivering any mail this morning. Nothing was changed at that time (as far as I could find out).
The last two entries in the monitor are:

14/12/20 07:04:30 azglfvmzcqy@mega.nz info@mydomain.net Men Drugs Shop 1.87kB
Virus (Porcupine.Junk.49454.UNOFFICIAL)
14/12/20 07:04:30 uldjxokazx@mega.nz info@mydomain.eu RE: Delivery For You 1.86kB
Virus (Porcupine.Junk.49454.UNOFFICIAL)

An attempt to deliver this virus was successfully blocked several times during the last days.

A simple test via TELNET shows:

$ telnet 192.168.1.19 25
Trying 192.168.1.19...
Connected to 192.168.1.19.
Escape character is '^]'.
220 efaproject.mydomain.net ESMTP Postfix
helo acme.com
250 efaproject.mydomain.net
mail from:tester@acme.com
250 2.1.0 Ok
rcpt to:anexistinguser@mydomain.net
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
blah fasel
.
250 2.0.0 Ok: queued as 4Cvclw1W67z6Wy

And that's it. The mail seems to be accepted but is NOT displayed in the website monitor and NOT delivered.

Any ideas or hints on what to do or check?

Thanks in advance, Man
shawniverson
Posts: 3650
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA

Re: efaproject stopped to work

Post by shawniverson »

Do you see anything in /var/log/maillog or /var/log/messages that might be a clue?
ManFarang
Posts: 16
Joined: 06 Jan 2020 10:22

Re: efaproject stopped to work

Post by ManFarang »

Thanks for your answer and the guidance :-)

I had a look at messages and found the following:

...
Dec 14 04:52:21 efaproject freshclam: ClamAV update process started at Mon Dec 14 04:52:21 2020
Dec 14 04:52:21 efaproject freshclam[1187]: ClamAV update process started at Mon Dec 14 04:52:21 2020
Dec 14 04:52:21 efaproject freshclam[1187]: daily.cld database is up to date (version: 26016, sigs: 4401988, f-level: 63, builder: raynman)
Dec 14 04:52:21 efaproject freshclam: daily.cld database is up to date (version: 26016, sigs: 4401988, f-level: 63, builder: raynman)
Dec 14 04:52:21 efaproject freshclam: main.cvd database is up to date (version: 59, sigs: 4564902, f-level: 60, builder: sigmgr)
Dec 14 04:52:21 efaproject freshclam: bytecode.cvd database is up to date (version: 331, sigs: 94, f-level: 63, builder: anvilleg)
Dec 14 04:52:21 efaproject freshclam[1187]: main.cvd database is up to date (version: 59, sigs: 4564902, f-level: 60, builder: sigmgr)
Dec 14 04:52:21 efaproject freshclam[1187]: bytecode.cvd database is up to date (version: 331, sigs: 94, f-level: 63, builder: anvilleg)
Dec 14 04:52:21 efaproject freshclam[1187]: --------------------------------------
...
Dec 14 05:32:01 efaproject clamd[1278]: SelfCheck: Database status OK.
...
Dec 14 05:38:55 efaproject systemd: Started Clamav Unofficial Sigs Update service.
...
Dec 14 05:52:01 efaproject clamd[1278]: SelfCheck: Database modification detected. Forcing reload.
Dec 14 05:52:01 efaproject clamd[1278]: Reading databases from /var/lib/clamav
Dec 14 05:52:11 efaproject clamd[1278]: reload_th: Database load failed: Malformed database
Dec 14 05:52:12 efaproject clamd[1278]: Database reload failed, keeping the previous instance
...
Dec 14 07:33:34 efaproject yum[13546]: Updated: MailScanner.noarch 5.3.4-3.eFa.el7
Dec 14 07:33:34 efaproject yum[13546]: Updated: clamav-unofficial-sigs.noarch 1:7.2.0-1.eFa.el7
Dec 14 07:33:34 efaproject systemd: Reloading.
Dec 14 07:33:35 efaproject systemd: Reloading.
Dec 14 07:33:44 efaproject kernel: SELinux: Converting 1434 SID table entries...
Dec 14 07:33:45 efaproject dbus[673]: [system] Reloaded configuration
Dec 14 07:33:45 efaproject systemd: Reloading.
Dec 14 07:33:45 efaproject systemd: Reloading The Apache HTTP Server.
Dec 14 07:33:45 efaproject httpd: [Mon Dec 14 07:33:45.912174 2020] [alias:warn] [pid 15008:tid 15008] AH00671: The Alias directive in /etc/httpd/conf.d/welcome.conf at line 18 will probably never match because it overlaps an earlier Alias.
Dec 14 07:33:45 efaproject systemd: Reloaded The Apache HTTP Server.
Dec 14 07:33:45 efaproject systemd: Reloading The PHP FastCGI Process Manager.
Dec 14 07:33:45 efaproject systemd: Reloaded The PHP FastCGI Process Manager.
Dec 14 07:33:45 efaproject systemd: Reloading Postfix Mail Transport Agent.
Dec 14 07:33:46 efaproject systemd: Reloaded Postfix Mail Transport Agent.
Dec 14 07:33:46 efaproject systemd: Stopping clamd scanner (scan) daemon...
Dec 14 07:33:48 efaproject clamd[1278]: --- Stopped at Mon Dec 14 07:33:48 2020
Dec 14 07:33:48 efaproject clamd[1278]: Socket file removed.
Dec 14 07:33:48 efaproject systemd: Stopped clamd scanner (scan) daemon.
Dec 14 07:33:48 efaproject systemd: Starting clamd scanner (scan) daemon...
Dec 14 07:33:48 efaproject clamd[15251]: Received 0 file descriptor(s) from systemd.
Dec 14 07:33:48 efaproject clamd[15251]: clamd daemon 0.103.0 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Dec 14 07:33:48 efaproject clamd[15251]: Log file size limited to 1048576 bytes.
Dec 14 07:33:48 efaproject clamd[15251]: Reading databases from /var/lib/clamav
Dec 14 07:33:48 efaproject clamd[15251]: Not loading PUA signatures.
Dec 14 07:33:48 efaproject clamd[15251]: Bytecode: Security mode set to "TrustSigned".
Dec 14 07:33:57 efaproject clamd[15251]: Malformed database
Dec 14 07:33:57 efaproject clamd: LibClamAV Error: cli_tgzload: Invalid checksum for file daily.ldb
Dec 14 07:33:57 efaproject clamd: LibClamAV Error: Can't load /var/lib/clamav/daily.cld: Malformed database
Dec 14 07:33:57 efaproject clamd: LibClamAV Error: cli_loaddbdir(): error loading database /var/lib/clamav/daily.cld
Dec 14 07:33:57 efaproject clamd: ERROR: Malformed database
Dec 14 07:33:57 efaproject systemd: clamd@scan.service: control process exited, code=exited status=1
Dec 14 07:33:57 efaproject systemd: Failed to start clamd scanner (scan) daemon.
Dec 14 07:33:57 efaproject systemd: Unit clamd@scan.service entered failed state.
Dec 14 07:33:57 efaproject systemd: clamd@scan.service failed.
Dec 14 07:33:57 efaproject systemd: Stopped Clamav Unofficial Sigs Update timer.
Dec 14 07:33:57 efaproject systemd: Stopping Clamav Unofficial Sigs Update timer.
Dec 14 07:33:57 efaproject systemd: Started Clamav Unofficial Sigs Update timer.
Dec 14 07:33:57 efaproject systemd: Started Clamav Unofficial Sigs Update service.
Dec 14 07:33:57 efaproject systemd: Stopping LSB: MSMilter daemon...
Dec 14 07:33:57 efaproject systemd: clamd@scan.service holdoff time over, scheduling restart.
Dec 14 07:33:57 efaproject systemd: Stopped clamd scanner (scan) daemon.
Dec 14 07:33:58 efaproject systemd: Starting clamd scanner (scan) daemon...
Dec 14 07:33:58 efaproject clamd[15300]: Received 0 file descriptor(s) from systemd.
Dec 14 07:33:58 efaproject clamd[15300]: clamd daemon 0.103.0 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Dec 14 07:33:58 efaproject clamd[15300]: Log file size limited to 1048576 bytes.
Dec 14 07:33:58 efaproject clamd[15300]: Reading databases from /var/lib/clamav
Dec 14 07:33:58 efaproject clamd[15300]: Not loading PUA signatures.
Dec 14 07:33:58 efaproject clamd[15300]: Bytecode: Security mode set to "TrustSigned".
Dec 14 07:34:00 efaproject msmilter-init: MSMilter stopped
Dec 14 07:34:00 efaproject systemd: Stopped LSB: MSMilter daemon.
Dec 14 07:34:00 efaproject systemd: Stopping LSB: MailScanner daemon...
Dec 14 07:34:01 efaproject systemd: Started Session 5953 of user root.
Dec 14 07:34:04 efaproject ms-init: MailScanner stopped
Dec 14 07:34:04 efaproject systemd: Stopped LSB: MailScanner daemon.
Dec 14 07:34:04 efaproject systemd: Stopping MariaDB 10.1 database server...
Dec 14 07:34:04 efaproject php: Error: Database connection failed: it is possible that the database is overloaded or otherwise not running properly; contact the system administrator if the problem persists
Dec 14 07:34:05 efaproject systemd: postfix_relay.service holdoff time over, scheduling restart.
Dec 14 07:34:05 efaproject systemd: Stopped Postfix relay service for MailWatch.
Dec 14 07:34:08 efaproject systemd: Stopped MariaDB 10.1 database server.
Dec 14 07:34:08 efaproject systemd: Starting MariaDB 10.1 database server...
Dec 14 07:34:08 efaproject clamd[15300]: Malformed database
Dec 14 07:34:08 efaproject clamd: LibClamAV Error: cli_tgzload: Invalid checksum for file daily.ldb
Dec 14 07:34:08 efaproject clamd: LibClamAV Error: Can't load /var/lib/clamav/daily.cld: Malformed database
Dec 14 07:34:08 efaproject clamd: LibClamAV Error: cli_loaddbdir(): error loading database /var/lib/clamav/daily.cld
Dec 14 07:34:08 efaproject clamd: ERROR: Malformed database
Dec 14 07:34:08 efaproject systemd: clamd@scan.service: control process exited, code=exited status=1
Dec 14 07:34:08 efaproject systemd: Failed to start clamd scanner (scan) daemon.
Dec 14 07:34:08 efaproject systemd: Unit clamd@scan.service entered failed state.
Dec 14 07:34:08 efaproject systemd: clamd@scan.service failed.

The last successfully delivered/rejected mail was at 14/12/20 07:04:30.

Looks like a clamd problem, right?

So, what to do? Please help...

Thx, Man
ManFarang
Posts: 16
Joined: 06 Jan 2020 10:22

Re: efaproject stopped to work

Post by ManFarang »

Some more info from maillog:

Dec 14 07:04:29 efaproject MailScanner[22154]: New Batch: Found 2 messages waiting
Dec 14 07:04:29 efaproject MailScanner[22154]: New Batch: Scanning 1 messages, 1916 bytes
Dec 14 07:04:29 efaproject MailScanner[22606]: New Batch: Found 2 messages waiting
Dec 14 07:04:29 efaproject MailScanner[22606]: New Batch: Scanning 1 messages, 1900 bytes
Dec 14 07:04:29 efaproject MailScanner[22154]: Virus and Content Scanning: Starting
Dec 14 07:04:29 efaproject MailScanner[22606]: Virus and Content Scanning: Starting
Dec 14 07:04:30 efaproject MailScanner[22606]: Clamd::INFECTED::Porcupine.Junk.49454.UNOFFICIAL :: ./4CvM7n5cXfz7WD/
Dec 14 07:04:30 efaproject MailScanner[22606]: Found spam based virus Sanesecurity.Jurlbl.aabefa.UNOFFICIAL in 4CvM7n5cXfz7WD
Dec 14 07:04:30 efaproject MailScanner[22154]: Clamd::INFECTED::Porcupine.Junk.49454.UNOFFICIAL :: ./4CvM7m4hTQz39SR/
Dec 14 07:04:30 efaproject MailScanner[22606]: Virus Scanning: Clamd found 1 infections
Dec 14 07:04:30 efaproject MailScanner[22606]: Infected message 4CvM7n5cXfz7WD came from 14.207.161.4
Dec 14 07:04:30 efaproject MailScanner[22606]: Virus Scanning: Found 1 viruses
Dec 14 07:04:30 efaproject MailScanner[22606]: Spam Checks: Starting
Dec 14 07:04:30 efaproject MailScanner[22606]: Deleted 1 messages from processing-database
Dec 14 07:04:30 efaproject MailScanner[22154]: Virus Scanning: Clamd found 2 infections
Dec 14 07:04:30 efaproject MailScanner[22154]: Infected message 4CvM7m4hTQz39SR came from 14.207.161.4
Dec 14 07:04:30 efaproject MailScanner[22154]: Virus Scanning: Found 2 viruses
Dec 14 07:04:30 efaproject MailScanner[22154]: Viruses marked as silent: Clamd: message was infected: Porcupine.Junk.49454.UNOFFICIAL,Clamd: message was infected: Porcupine.Junk.49454.UNOFFICIAL
Dec 14 07:04:30 efaproject MailScanner[22154]: Spam Checks: Starting
Dec 14 07:04:30 efaproject MailScanner[22154]: Deleted 1 messages from processing-database
...
Dec 14 07:33:46 efaproject postfix/postfix-script[15235]: refreshing the Postfix mail system
Dec 14 07:33:46 efaproject postfix/master[2004]: reload -- version 3.4.8, configuration /etc/postfix
Dec 14 07:33:46 efaproject postfix/qmgr[15242]: warning: database /etc/postfix/transport.db is older than source file /etc/postfix/transport
...
Dec 14 07:34:33 efaproject postfix/smtpd[16591]: warning: database /etc/postfix/transport.db is older than source file /etc/postfix/transport
Dec 14 07:34:33 efaproject postfix/smtpd[16591]: warning: database /etc/postfix/virtual.db is older than source file /etc/postfix/virtual
Dec 14 07:34:33 efaproject postfix/smtpd[16591]: warning: database /etc/postfix/helo_access.db is older than source file /etc/postfix/helo_access
Dec 14 07:34:33 efaproject postfix/smtpd[16591]: warning: database /etc/postfix/sender_access.db is older than source file /etc/postfix/sender_access

These messages are repeated over and over...
shawniverson
Posts: 3650
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA

Re: efaproject stopped to work

Post by shawniverson »

Dec 14 07:34:08 efaproject clamd[15300]: Malformed database
Dec 14 07:34:08 efaproject clamd: LibClamAV Error: cli_tgzload: Invalid checksum for file daily.ldb
Dec 14 07:34:08 efaproject clamd: LibClamAV Error: Can't load /var/lib/clamav/daily.cld: Malformed database
Dec 14 07:34:08 efaproject clamd: LibClamAV Error: cli_loaddbdir(): error loading database /var/lib/clamav/daily.cld
Dec 14 07:34:08 efaproject clamd: ERROR: Malformed database
Dec 14 07:34:08 efaproject systemd: clamd@scan.service: control process exited, code=exited status=1
Dec 14 07:34:08 efaproject systemd: Failed to start clamd scanner (scan) daemon.
Dec 14 07:34:08 efaproject systemd: Unit clamd@scan.service entered failed state.
Try removing daily.cld and re-running freshclam:

sudo rm /var/lib/clamav/daily.cld
sudo freshclam
sudo systemctl start clamd@scan
ManFarang
Posts: 16
Joined: 06 Jan 2020 10:22

Re: efaproject stopped to work

Post by ManFarang »

fantastic :clap: :dance: :D

Mail delivery is up and running again. Even the buffered jobs that failed the clam test arrived...

Thanks a lot for your help

Man
ManFarang
Posts: 16
Joined: 06 Jan 2020 10:22

Re: efaproject stopped to work

Post by ManFarang »

And it happened again :cry:

Dec 19 12:02:14 efaproject clamd[1478]: Malformed database
Dec 19 12:02:14 efaproject clamd: LibClamAV Error: cli_loadldb: The number of subsignatures (== 6) doesn't match the IDs in the logical expression (== 5)
Dec 19 12:02:14 efaproject clamd: LibClamAV Error: Problem parsing database at line 54113
Dec 19 12:02:14 efaproject clamd: LibClamAV Error: Can't load daily.ldb: Malformed database
Dec 19 12:02:14 efaproject clamd: LibClamAV Error: cli_tgzload: Can't load daily.ldb
Dec 19 12:02:14 efaproject clamd: LibClamAV Error: Can't load /var/lib/clamav/daily.cld: Malformed database
Dec 19 12:02:14 efaproject clamd: LibClamAV Error: cli_loaddbdir(): error loading database /var/lib/clamav/daily.cld
Dec 19 12:02:14 efaproject clamd: ERROR: Malformed database
Dec 19 12:02:14 efaproject systemd: clamd@scan.service: control process exited, code=exited status=1
Dec 19 12:02:14 efaproject systemd: Failed to start clamd scanner (scan) daemon.
Dec 19 12:02:14 efaproject systemd: Unit clamd@scan.service entered failed state.
Dec 19 12:02:14 efaproject systemd: clamd@scan.service failed.
Dec 19 12:02:14 efaproject systemd: Starting LSB: MailScanner daemon...
Dec 19 12:02:15 efaproject systemd: clamd@scan.service holdoff time over, scheduling restart.
Dec 19 12:02:15 efaproject systemd: Stopped clamd scanner (scan) daemon.
Dec 19 12:02:15 efaproject systemd: Starting clamd scanner (scan) daemon...
Dec 19 12:02:15 efaproject clamd[2427]: Received 0 file descriptor(s) from systemd.
Dec 19 12:02:15 efaproject clamd[2427]: clamd daemon 0.103.0 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Dec 19 12:02:15 efaproject clamd[2427]: Log file size limited to 1048576 bytes.
Dec 19 12:02:15 efaproject clamd[2427]: Reading databases from /var/lib/clamav
Dec 19 12:02:15 efaproject clamd[2427]: Not loading PUA signatures.
Dec 19 12:02:15 efaproject clamd[2427]: Bytecode: Security mode set to "TrustSigned".

Applied your above solution...

Up and running again...

Strange.
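
An added example, not part of any post in this thread and not eFa code: a small log triage script that reports whether clamd@scan is down, which database file it refused to load, and the first LibClamAV error of each failure burst, which shows that the two incidents above had different causes (a checksum mismatch on Dec 14, a signature parse error on Dec 19). The function names are hypothetical and the sample lines are copied from the excerpts posted above.

```shell
#!/bin/sh
# Added example: triage clamd database-load failures in syslog text (stdin).
sample_log() {
cat <<'EOF'
Dec 14 07:33:48 efaproject systemd: Starting clamd scanner (scan) daemon...
Dec 14 07:33:57 efaproject clamd[15251]: Malformed database
Dec 14 07:33:57 efaproject clamd: LibClamAV Error: cli_tgzload: Invalid checksum for file daily.ldb
Dec 14 07:33:57 efaproject clamd: LibClamAV Error: Can't load /var/lib/clamav/daily.cld: Malformed database
Dec 14 07:33:57 efaproject systemd: Failed to start clamd scanner (scan) daemon.
Dec 19 12:02:14 efaproject clamd: LibClamAV Error: cli_loadldb: The number of subsignatures (== 6) doesn't match the IDs in the logical expression (== 5)
Dec 19 12:02:14 efaproject clamd: LibClamAV Error: Problem parsing database at line 54113
Dec 19 12:02:14 efaproject clamd: LibClamAV Error: Can't load /var/lib/clamav/daily.cld: Malformed database
Dec 19 12:02:14 efaproject systemd: Failed to start clamd scanner (scan) daemon.
Dec 19 12:02:15 efaproject systemd: Starting clamd scanner (scan) daemon...
EOF
}

# Absolute path of every database file clamd refused to load, each printed once.
failed_databases() {
    awk '$0 ~ "LibClamAV Error: Can.t load /" {
        path = $0
        sub(/^.*Can.t load /, "", path)
        sub(/: Malformed database.*$/, "", path)
        if (!(path in seen)) { seen[path] = 1; print path }
    }'
}

# Last completed systemd outcome for the scanner; "Starting ..." is not an outcome.
scanner_state() {
    awk 'BEGIN { state = "unknown" }
        /systemd: Failed to start clamd scanner/ { state = "failed" }
        /systemd: Started clamd scanner/ { state = "running" }
        END { print state }'
}

# First LibClamAV error per timestamp: the later errors in a burst only repeat it.
root_causes() {
    awk '$0 ~ "clamd: LibClamAV Error: " {
        ts = $1 " " $2 " " $3
        if (ts in burst) next
        burst[ts] = 1
        msg = $0
        sub(/^.*LibClamAV Error: /, "", msg)
        if (!(msg in seen)) { seen[msg] = 1; print msg }
    }'
}

echo "scanner: $(sample_log | scanner_state); unloadable: $(sample_log | failed_databases)"
sample_log | root_causes
```

To run it against the live log, pipe /var/log/messages into the functions in place of sample_log.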