[Postfixbuch-users] amavisd-avira-clamav

Andreas Kienle andreas.kienle at drs.de
Do Nov 30 16:05:30 CET 2006 

Hallo miteinander,

wollte eigentlich nur  kurz einen neuen Postfix aufsetzen, da wir am Samstag 
einen Stromausfall im Rechenzetrum haben und ich somit einen Ersatzserver in 
ein anderes Netz mit Strom reinstellen kann.

Soweit läuft eigentlich alles. Allerdings scheitert es gerade an den zwei 
Virenscannern avira (ehemals Antivir) und clamav (installiert aus volatile)
mir scheint dass hier die E-Mails nicht richtig übergeben werden können. 
WEissaber gerade auchn icht an welchem Schräubchen ich drehen muss.

Da ich gerade hier mit ein Krippe rumsitze und ne ziemlichMatschbirne habe, 
ist es gut möglich, dass ich meinen Fehler einfach nicht sehe.

Hier mal ein paar Eckdaten:

setze hier auf Debian sarge sowie den volatile Paketen für den CLAMAV
dem policyd V1.80


mail3:~# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
biff = no
body_checks = pcre:/etc/postfix/body_checks
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/lib/postfix
default_transport = hold
defer_transports = hold
delay_warning_time = 7h
disable_vrfy_command = yes
header_checks = pcre:/etc/postfix/header_checks
local_transport = error:Local transport disabled.
mailbox_command = procmail -a "$EXTENSION"
maximal_backoff_time = 4000s
maximal_queue_lifetime = 7d
message_size_limit = 10240000
mime_header_checks = pcre:/etc/postfix/mime_checks
mydestination =
mydomain = drs.de
myhostname = mail3.drs.de
mynetworks = 127.0.0.0/8
myorigin = $mydomain
nested_header_checks = pcre:/etc/postfix/nested_header_checks
queue_run_delay = 300s
recipient_delimiter = +
relay_domains = hash:/etc/postfix/relay_domains
sender_canonical_maps = hash:/etc/postfix/canonical-sender
setgid_group = postdrop
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_client_connection_rate_limit = 40
smtpd_client_restrictions = reject_rbl_client relay.ordb.org,    
reject_rbl_client cbl.abuseat.org,    reject_rbl_client opm.blietzed.org,    
reject_rbl_client sbl-xbl.spamhaus.org
smtpd_helo_required = yes
smtpd_recipient_restrictions = reject_invalid_hostname    check_helo_access 
pcre:/etc/postfix/helo_checks    reject_non_fqdn_sender     
reject_non_fqdn_recipient    reject_unknown_sender_domain    
reject_unknown_recipient_domain    permit_mynetworks    
check_recipient_access hash:/etc/postfix/recipient_access    
check_recipient_access hash:/etc/postfix/spamtrap    check_client_access 
hash:/etc/postfix/interne_netze    check_sender_access 
hash:/etc/postfix/nicht_unsere_absenderadresse    reject_unauth_destination    
reject_unlisted_recipient    check_policy_service inet:127.0.0.1:10031    
permit
smtpd_restriction_classes = hat_unsere_absenderadresse
strict_rfc821_envelopes = yes
transport_maps = hash:/etc/postfix/transport
unknown_address_reject_code = 554
unknown_hostname_reject_code = 554


/etc/postfix/master.conf

# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       10      smtpd
#628      inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       -       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       nqmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       -       -       200     smtp
relay     unix  -       -       -       -       -       smtp
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
smtp-amavis     unix    -       -       n       -       10      smtp -o 
smtp_data_done_timeout=1800 -o disable_dns_lookups=no
hold            unix    -       -       n       -   -   smtp
#
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# maildrop. See the Postfix MAILDROP_README file for details.
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
#
# The Cyrus deliver program has changed incompatibly, multiple times.
cyrus     unix  -       n       n       -       -       pipe
  flags=R user=cyrus argv=/usr/sbin/cyrdeliver -e -m "${extension}" ${user}
# Cyrus 2.1.5 (Amos Gouaux)
#cyrus     unix  -       n       n       -       -       pipe
#  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail 
($recipient)
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender 
$recipient
scalemail-backend unix  -       n       n       -       2       pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store 
${nexthop} ${user} ${extension}
smtp    inet    n       -       n       -       -       smtpd
localhost:10025 inet    n       -       n       -       -       smtpd   -o 
content_filter=
# only used by postfix-tls
#tlsmgr   fifo  -       -       n       300     1       tlsmgr
#smtps    inet  n       -       n       -       -       smtpd -o 
smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
#587      inet  n       -       n       -       -       smtpd -o 
smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
#tlsmgr    unix  -       -       -       1000   1       tlsmgr
anvil     unix  -       -       -       -       1       anvil
scache    unix  -       -       -       -       1       scache
discard   unix  -       -       -       -       -       discard


/var/log/mail.log

Nov 30 14:51:14 mail3 policyd: DEBUG: fd: 8 db_doquery(): SELECT 
_count,_datenew,_datelast FROM triplet WHERE _host='194.95.75' AND _from='<>' 
AND _rcpt='ak
ienle at bo.drs.de'
Nov 30 14:51:14 mail3 policyd: DEBUG: fd: 8 row: 0 data: 1 (recieved)
Nov 30 14:51:14 mail3 policyd: DEBUG: fd: 8 row: 0 data: 1 (extracted)
Nov 30 14:51:14 mail3 policyd: DEBUG: fd: 8 row: 1 data: 1164876042 (recieved)
Nov 30 14:51:14 mail3 policyd: DEBUG: fd: 8 row: 1 data: 1164876042 
(extracted)
Nov 30 14:51:14 mail3 policyd: DEBUG: fd: 8 row: 2 data: 1164891045 (recieved)
Nov 30 14:51:14 mail3 policyd: DEBUG: fd: 8 row: 2 data: 1164891045 
(extracted)
Nov 30 14:51:14 mail3 policyd: DEBUG: fd: 8 db_doquery(): UPDATE triplet SET 
_datelast='1164894674',_count=_count+1 WHERE _host='194.95.75' AND _from='<>' 
A
ND _rcpt='akienle at bo.drs.de'
Nov 30 14:51:14 mail3 policyd: rcpt=1, greylist=update, host=194.95.75.227 
(dyn02.drs.de), from=<>, to=akienle at bo.drs.de, size=0
Nov 30 14:51:14 mail3 policyd: DEBUG: fd: 8 select(): fd 8 is ready for write
Nov 30 14:51:14 mail3 policyd: DEBUG: fd: 8 returning after 55 bytes of data 
written
Nov 30 14:51:14 mail3 postfix/smtpd[2413]: EFCE3128380: 
client=dyn02.drs.de[194.95.75.227]
Nov 30 14:51:25 mail3 postfix/cleanup[2429]: EFCE3128380: 
message-id=<20061130135107.EFCE3128380 at mail3.drs.de>
Nov 30 14:51:25 mail3 postfix/qmgr[2408]: EFCE3128380: from=<>, size=398, 
nrcpt=1 (queue active)
Nov 30 14:51:26 mail3 amavis[1886]: (01886-01) Clam Antivirus-clamd FAILED - 
unknown status: /var/lib/amavis/amavis-20061130T145125-01886/parts: lstat() 
fai
led. ERROR\n
Nov 30 14:51:27 mail3 amavis[1886]: (01886-01) Virus scanner 
failure: /usr/bin/antivir (exit status: 214)
Nov 30 14:51:27 mail3 amavis[1886]: (01886-01) WARN: all primary virus 
scanners failed, considering backups
Nov 30 14:51:29 mail3 postfix/smtpd[2437]: connect from 
localhost.localdomain[127.0.0.1]
Nov 30 14:51:29 mail3 postfix/smtpd[2437]: 2A07212838D: 
client=localhost.localdomain[127.0.0.1]
Nov 30 14:51:29 mail3 postfix/cleanup[2429]: 2A07212838D: 
message-id=<20061130135107.EFCE3128380 at mail3.drs.de>
Nov 30 14:51:29 mail3 postfix/smtpd[2437]: disconnect from 
localhost.localdomain[127.0.0.1]
Nov 30 14:51:29 mail3 postfix/qmgr[2408]: 2A07212838D: from=<>, size=853, 
nrcpt=1 (queue active)
Nov 30 14:51:29 mail3 amavis[1886]: (01886-01) Passed, (?) -> 
<akienle at bo.drs.de>, Message-ID: <20061130135107.EFCE3128380 at mail3.drs.de>, 
Hits: -
Nov 30 14:51:29 mail3 postfix/smtp[2430]: EFCE3128380: to=<akienle at bo.drs.de>, 
relay=127.0.0.1[127.0.0.1], delay=22, status=sent (250 2.6.0 Ok, id=01886-01,
 from MTA: 250 Ok: queued as 2A07212838D)
Nov 30 14:51:29 mail3 postfix/qmgr[2408]: EFCE3128380: removed
Nov 30 14:51:29 mail3 postfix/smtp[2438]: 2A07212838D: to=<akienle at bo.drs.de>, 
relay=smtp.drsintra.de[10.2.1.64], delay=0, status=sent (250 Ok: queued as 13
1591FC014)
--snap--
Auszüge aus dem Logfile:

--snip--


Herzlichen Dank schon mal

Andy Kienle

Mehr Informationen über die Mailingliste Postfixbuch-users