Disable clamav and amavis due to postfix email problems

On my installation, from time to time clamav goes down and mails send via postfix no longer get out and are queued in the server.

I don’t know the reason for such behavior and after searching the internet and my logs, I still have no concrete explanation on why this happens. I know, still, that it’s extremely annoying.

Here is a sample of what I found under /var/log/mail.err:

Apr 23 11:25:08 r12925 amavis[6531]: (06531-08) (!!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (Can’t connect to UNIX socket /var/run/clamav/clamd.ctl: Connection refused) at (eval 88) line 309.
Apr 23 11:25:08 r12925 amavis[6531]: (06531-08) (!!)WARN: all primary virus scanners failed, considering backups
Apr 23 11:25:19 r12925 amavis[6531]: (06531-08) (!!)ClamAV-clamscan av-scanner FAILED: run_av error: run_av: Exceeded allowed time at (eval 88) line 516.
Apr 23 11:25:19 r12925 amavis[6531]: (06531-08) (!!)TROUBLE in check_mail: virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (Can’t connect to UNIX socket /var/run/clamav/clamd.ctl: Connection refused) at (eval 88) line 309.; ClamAV-clamscan av-scanner FAILED: run_av error: run_av: Exceeded allowed time at (eval 88) line 516.

Since all my packages are up-to-date, and since this erratic behavior is extremely annoying, I decided to disable clamav. In my case, this is not really an issue since clamav is used to filter out viruses, but my usage of postfix is only to send emails, not to receive them.

To prevent postfix filtering emails via clamav, do the following:

  1. edit /etc/postfix/main.cf and comment the following two lines (prepending ‘#’ as displayed below):
    #content_filter = amavis:[127.0.0.1]:10024
    #receive_override_options = no_address_mappings
  2. next edit /etc/postfix/master.cf and comment lines relating to clamav and clamav port number, as displayed below:
    #amavis unix - - - - 2 smtp
    #        -o smtp_data_done_timeout=1200
    #        -o smtp_send_xforward_command=yes
    #127.0.0.1:10025 inet n - - - - smtpd
    #        -o content_filter=
    #        -o local_recipient_maps=
    #        -o relay_recipient_maps=
    #        -o smtpd_restriction_classes=
    #        -o smtpd_client_restrictions=
    #        -o smtpd_helo_restrictions=
    #        -o smtpd_sender_restrictions=
    #        -o smtpd_recipient_restrictions=permit_mynetworks,reject
    #        -o mynetworks=127.0.0.0/8
    #        -o strict_rfc821_envelopes=yes
    #        -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
    #        -o smtpd_bind_address=127.0.0.1
  3. stop clamav and amavis daemons and restart postfix:
    /etc/init.d/clamav-daemon stop
    /etc/init.d/clamav-freshclam stop
    /etc/init.d/amavis stop
    /etc/init.d/postfix restart
  4. test email sending via mail() function

note

If you want to go further, you can event prevent amavis and clamav from being launched when server is booting.
Simply revoke execution right on files (in fact they are links, not files) under /etc/rc* found via:

  • find /etc/rc* -name '*clamav*'
  • find /etc/rc* -name '*amavis*'

sources

One Comment Trackback URL | Comments RSS

  1. Ayhan Says:

    Thank you.

Post a Comment

Your email is never published nor shared. You're allow to say what you want...