Menu

"Not scanned!

Get Help
MACscr
2016-01-22
2016-01-23

  • MACscr

    MACscr - 2016-01-22

    Ooop, didnt meant hit submit yet. Anyway, I just setup a few new scrollout nodes as I needed to move to debian 8 from ubuntu to resolve some pesty upgrade issues. Anyway, it seems that on my test mailbox, most of the emails that I am receiving are getting tagged with "not scanned!" in the subject line. The problem is that I am not seein any errors in the logs to know why its not getting scanned. A default install uses clamav, right? 

    root@mx2:/var/log# ps auxf |grep clam
clamav     546  0.1  0.2  92864  1968 ?        Ss   01:23   0:10 /usr/bin/freshclam -d --foreground=true
root     31678  0.0  0.2  12720  2056 pts/0    S+   03:29   0:00  |       \_ grep clam
clamav   30877  0.4 42.6 521536 326316 ?       Ssl  02:42   0:12 /usr/sbin/clamd --foreground=true

    Any ideas where i should be looking?

     

    Last edit: MACscr 2016-01-22

  • MACscr

    MACscr - 2016-01-22

    I am seeing the following in my clamav log, not sure what it means though. perm issue? Would be odd as i would think the intaller would set all the correct perms for things it installs.

    Fri Jan 22 01:21:38 2016 -> TCP: No tcp AF_INET/AF_INET6 SOCK_STREAM socket received from systemd.
Fri Jan 22 01:21:38 2016 -> LOCAL: Received AF_UNIX SOCK_STREAM socket from systemd.
Fri Jan 22 01:21:38 2016 -> Limits: Global size limit set to 104857600 bytes.
Fri Jan 22 01:21:38 2016 -> Limits: File size limit set to 26214400 bytes.
Fri Jan 22 01:21:38 2016 -> Limits: Recursion level limit set to 10.
Fri Jan 22 01:21:38 2016 -> Limits: Files limit set to 10000.
Fri Jan 22 01:21:38 2016 -> Limits: MaxEmbeddedPE limit set to 10485760 bytes.
Fri Jan 22 01:21:38 2016 -> Limits: MaxHTMLNormalize limit set to 10485760 bytes.
Fri Jan 22 01:21:38 2016 -> Limits: MaxHTMLNoTags limit set to 2097152 bytes.
Fri Jan 22 01:21:38 2016 -> Limits: MaxScriptNormalize limit set to 5242880 bytes.
Fri Jan 22 01:21:38 2016 -> Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Fri Jan 22 01:21:38 2016 -> Limits: MaxPartitions limit set to 50.
Fri Jan 22 01:21:38 2016 -> Limits: MaxIconsPE limit set to 100.
Fri Jan 22 01:21:38 2016 -> Archive support enabled.
Fri Jan 22 01:21:38 2016 -> Algorithmic detection enabled.
Fri Jan 22 01:21:38 2016 -> Portable Executable support enabled.
Fri Jan 22 01:21:38 2016 -> ELF support enabled.
Fri Jan 22 01:21:38 2016 -> Mail files support enabled.
Fri Jan 22 01:21:38 2016 -> OLE2 support enabled.
Fri Jan 22 01:21:38 2016 -> PDF support enabled.
Fri Jan 22 01:21:38 2016 -> SWF support enabled.
Fri Jan 22 01:21:38 2016 -> HTML support enabled.
Fri Jan 22 01:21:38 2016 -> Self checking every 3600 seconds.
Fri Jan 22 02:11:44 2016 -> WARNING: lstat() failed on: /var/lib/amavis/tmp/amavis-20160122T021144-03837-J_8eu3IO/parts
Fri Jan 22 02:34:12 2016 -> No stats for Database check - forcing reload
Fri Jan 22 02:34:16 2016 -> Reading databases from /var/lib/clamav
Fri Jan 22 02:34:29 2016 -> Database correctly reloaded (4232635 signatures)
Fri Jan 22 02:34:29 2016 -> WARNING: lstat() failed on: /var/lib/amavis/tmp/amavis-20160122T023412-17371-ND_TsCtC/parts
Fri Jan 22 02:40:48 2016 -> WARNING: lstat() failed on: /var/lib/amavis/tmp/amavis-20160122T024048-26898-4NFUR2pv/parts
Fri Jan 22 02:47:24 2016 -> WARNING: lstat() failed on: /var/lib/amavis/tmp/amavis-20160122T024724-26896-0hazHc67/parts
Fri Jan 22 03:05:27 2016 -> WARNING: lstat() failed on: /var/lib/amavis/tmp/amavis-20160122T030527-03176-nMlGMQlM/parts
     

  • Anonymous

    Anonymous - 2016-01-22

    Mine just won't run

     

  • MACscr

    MACscr - 2016-01-23

    Surprised this isnt setup right by the installer, but had to change the to do the following:

    sed -i 's/^AllowSupplementaryGroups*/AllowSupplementaryGroups true/g' /etc/clamav/clamd.conf

    For some reason it was set to false.

     

Log in to post a comment.