[SLE] Problem with amavis-new

From: Hans du Plooy (hansdp_at_newingtoncs.co.za)
Date: 11/29/04

  • Next message: Sid Boyce: "Re: [SLE] 9.2 and Sax" 
    To: suse-linux-e@suse.com
Date: Mon, 29 Nov 2004 13:37:21 +0200

    Hi all,

    I'm having a weird problem on a mailserver. The setup is postfix-2.1.5-3 and
    amavisd-new-2.1.2-5 with clamav-0.80-2.1,
    BitDefender-Console-Antivirus-7.0.1-3, and
    antivir-2.1.1-4. OS is SUSE 9.2 with all updates applied.

    All users can receive mail, except one person who's mail gets sent to root.
    For each mail a "message undelivered mail gets set to root too, with

    Command died with status 99: "/usr/sbin/amavis"

    as the only hint. From the amavis logs I see:

    Nov 29 09:41:22 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL)
    AM.CL /var/spool/amavis/amavis-client-XXr5Y7VL: <root@company.com> ->
    <amanda@company.com>
    Nov 29 09:41:22 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL) body hash:
    d8e8fca2dc0f896fd7cb4cb0031ba249
    Nov 29 09:41:22 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL) Checking:
    <root@company.com> -> <amanda@company.com>
    Nov 29 09:41:22 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL) Cached virus
    check expired, TTL = 180 s
    Nov 29 09:41:22 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL) cached
    d8e8fca2dc0f896fd7cb4cb0031ba249 from <root@company.com> (1,0,0)
    Nov 29 09:41:22 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL) Using (Clam
    Antivirus - clamscan): /usr/bin/clamscan --stdout --no-summary
    -r /var/spool/amavis/amavis-client-XXr5Y7VL/parts
    Nov 29 09:41:24 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL)
    run_av: /usr/bin/clamscan exit
    0, /var/spool/amavis/amavis-client-XXr5Y7VL/parts/p001: OK
    Nov 29 09:41:24 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL) Using
    (H+BEDV AntiVir or CentralCommand Vexira Antivirus): /usr/bin/antivir
    --allfiles -noboot -nombr -rs -s
    -z /var/spool/amavis/amavis-client-XXr5Y7VL/parts
    Nov 29 09:41:25 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL)
    run_av: /usr/bin/antivir exit 0, AntiVir / Linux Version 2.1.2-15
    +gui\nCopyright (c) 1994-2004 by H+BEDV Datentechnik GmbH.\nAll rights
    reserved.\n\nLoading /usr/lib/AntiVir/antivir.vdf ...\n\nVDF version:
    6.28.0.94 created 28 Nov 2004\n\nAntiVir license: 149999 for Evaluation
    License for SuSE Linux\n\nchecking drive/path
    (list): /var/spool/amavis/amavis-client-XXr5Y7VL/parts\n\n------ scan results
    ------\n directories: ...1\n scanned
    files: ...1\n...alerts: ...0\n...suspicious: ...0\n...scan time:
    00:00:01\n--------------------------\nThank you for using AntiVir.
    Nov 29 09:41:25 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL) Using
    (BitDefender): /usr/bin/bdc --all --arc
    --mail /var/spool/amavis/amavis-client-XXr5Y7VL/parts
    Nov 29 09:41:27 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL)
    run_av: /usr/bin/bdc exit 0, BDC/Linux-Console v7.0 (build 2490) (i386) (Dec
    10 2003 16:11:35)\nCopyright (C) 1996-2003 SOFTWIN SRL. All rights reserved.
    \n\n\n\nResults:
    \nFolders ...:1\nFiles ...:1\nPacked ...:0\nArchives ...:0\nInfected
    files :0\nSuspect files ...:0\nWarnings ...:0\nI/O errors ...:0\n
    Nov 29 09:41:29 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL) spam_scan:
    hits=-2.574 tests=ALL_TRUSTED,AWL,DNS_FROM_RFC_WHOIS
    Nov 29 09:41:29 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL) SPAM-TAG,
    <root@company.com> -> <amanda@company.com>, No, hits=-2.574
    tagged_above=-2200 required=9 tests=ALL_TRUSTED, AWL, DNS_FROM_RFC_WHOIS
    Nov 29 09:41:29 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL) FWD via
    SMTP: [127.0.0.1]:10025 <root@company.com> -> <amanda@company.com>
    Nov 29 09:41:29 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL) AUTH not
    needed, user='', MTA offers ''
    Nov 29 09:41:29 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL)
    mail_via_smtp: 250 2.6.0 Ok, id=client-XXr5Y7VL, from MTA: 250 Ok: queuedas
    1603F11E98
    Nov 29 09:41:29 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL) Passed,
    <root@company.com> -> <amanda@company.com>, Message-ID:
    <41AAD2A2.mailK7K1UA1PW@mpost.company.com>, Hits: -2.574
    Nov 29 09:41:29 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL) Passed
    CLEAN, <root@company.com> -> <amanda@company.com>, Hits: -2.574, tag=-2200,
    tag2=9, kill=9, L/Y/0/0
    Nov 29 09:41:29 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL) WARN: no
    recips left (forgot to set $forward_method=undef using milter?),250 2.6.0 Ok,
    id=client-XXr5Y7VL, from MTA: 250 Ok: queued as 1603F11E98
    Nov 29 09:41:29 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL) mail
    checking ended: setreply=250 2.6.0 Ok,%20id=client-XXr5Y7VL,%20from%20MTA:
    %20250%20Ok:%20queued%20as%201603F11E98\nreturn_value=discard\nexit_code=99
    Nov 29 09:41:29 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL) TIMING
    [total 6841 ms] - got data: 8 (0%), body_hash: 6 (0%), mkdir parts: 3 (0%),
    mime_decode: 38 (1%), get-file-type1: 27 (0%), decompose_part: 1 (0%),
    parts_decode: 0 (0%), AV-scan-1: 2120 (31%), AV-scan-2: 1036 (15%),
    AV-scan-3: 2030 (30%), spam-wb-list: 7 (0%), SA msg read: 3 (0%), SA parse: 7
    (0%), SA check: 1359 (20%), update_cache: 4 (0%), fwd-connect: 30 (0%),
    fwd-mail-from: 5 (0%), fwd-rcpt-to: 10 (0%), write-header: 11 (0%), fwd-data:
    1 (0%), fwd-data-end: 76 (1%), fwd-rundown:9 (0%), main_log_entry: 43 (1%),
    update_snmp: 0 (0%), unlink-1-files: 2 (0%), rmdir: 0 (0%), unlink-1-files: 1
    (0%), rmdir: 0 (0%), rundown: 3 (0%)
    Nov 29 09:41:29 mpost /usr/sbin/amavisd[26107]: (client-XXr5Y7VL) load: 5 %,
    total idle 449.889 s, busy 23.596 s

    Postfix logs give me:

    Nov 29 09:41:29 mpost postfix/qmgr[25477]: 1603F11E98:
    from=<root@company.com>, size=895, nrcpt=1 (queue active)
    Nov 29 09:41:29 mpost postfix/pipe[26195]: 43D1B11E96:
    to=<amanda@company.com>, orig_to=<amanda>, relay=vscan, delay=7,
    status=bounced (Command died with status 99: "/usr/sbin/amavis")
    Nov 29 09:41:29 mpost postfix/local[26187]: 1603F11E98:
    to=<hansdp@company.com>, orig_to=<amanda@company.com>, relay=local, delay=0,
    status=sent (delivered to maildir)
    Nov 29 09:41:29 mpost postfix/qmgr[25477]: 1603F11E98: removed
    Nov 29 09:41:29 mpost postfix/cleanup[26167]: AB45111E97:
    message-id=<20041129074129.AB45111E97@mpost.company.com>
    Nov 29 09:41:29 mpost postfix/qmgr[25477]: AB45111E97: from=<>, size=2128,
    nrcpt=1 (queue active)
    Nov 29 09:41:29 mpost postfix/qmgr[25477]: 43D1B11E96: removed
    Nov 29 09:41:29 mpost postfix/local[26187]: AB45111E97:
    to=<hansdp@company.com>, orig_to=<root@company.com>, relay=local, delay=0,
    status=sent (delivered to maildir)

    I thought I'd make a temporary user and alias her mail to that user, but the
    new user had the same problem. Now I'm baffled.

    Anybody know what causes this? Even a simple test mail sent with mailx from
    command line causes this to happen.

    Thanks 

    -- 
Kind regards
Hans du Plooy
Newington Consulting Services
hansdp at newingtoncs dot co dot za
-- 
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@suse.com
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@suse.com
  • Next message: Sid Boyce: "Re: [SLE] 9.2 and Sax"