amavis

I wonder what this log is?

May 31 06:57:14 hotshot postfix/smtpd[65109]: connect from chervil.tandem-m.com[115.125.151.127]
May 31 06:57:15 hotshot postfix/smtpd[65109]: 274C916732BB: client=chervil.tandem-m.com[115.125.151.127]
May 31 06:57:15 hotshot postfix/cleanup[65113]: 274C916732BB: message-id=<1091031.162944529.1369951035187.tdm@oregano.tandem-m.com>
May 31 06:57:15 hotshot postfix/qmgr[77614]: 274C916732BB: from=<mailmag-0000190956@receive.mag2.com>, size=4353, nrcpt=1
       (queue active)
May 31 06:57:15 hotshot postfix/smtpd[65109]: disconnect from chervil.tandem-m.com[115.125.151.127]
May 31 06:57:51 hotshot amavis[50138]: (50138-02) (!)FWD from <mailmag-0000190956@receive.mag2.com> -> <kuji@smb.net>,
       451 4.5.0 From MTA() during fwd-connect (Error reading from socket: Connection reset by peer at
       /usr/local/sbin/amavisd line 6814.): id=50138-02
May 31 06:57:51 hotshot amavis[50138]: (50138-02) Blocked MTA-BLOCKED {TempFailedInbound}, [115.125.151.127]:32992
       [115.125.151.127] <mailmag-0000190956@receive.mag2.com> -> <kuji@smb.net>, Queue-ID: 274C916732BB,
       Message-ID: <1091031.162944529.1369951035187.tdm@oregano.tandem-m.com>, mail_id: MpFfet2BSz3q,
       Hits: -1.899, size: 4353, 36743 ms
May 31 06:57:52 hotshot amavis[50138]: (50138-02) (!!)TROUBLE in process_request: Error writing to socket: Broken pipe
       at /usr/local/sbin/amavisd line 6843.
May 31 06:57:52 hotshot amavis[50138]: (50138-02) (!)Requesting process rundown after fatal error
May 31 06:57:52 hotshot amavis[50138]: (50138-02) (!)_DIE: Error writing to socket: Broken pipe at /usr/local/sbin/amavisd line 6843.

Virus Scan on Mail Server 3

It seems to have been since I updated clamav to the latest version, but

MAILER-DAEMON@k222.kuji-clinic.net (Mail Delivery System)

<root@k222.kuji-clinic.net> (expanded from <root>): connect to
   127.0.0.1[127.0.0.1]:10024: Connection refused

mail like this started arriving. :-)

 % netstat -an showed that, of these two lines that should be there,
tcp4       0      0 127.0.0.1.10025        *.*                    LISTEN
tcp4       0      0 127.0.0.1.10024        *.*                    LISTEN

the second line was gone.

# cat /var/log/all.log showed:
Aug 20 05:53:32 k222 amavis[996]: Using primary internal av scanner code for ClamAV-clamd
Aug 20 05:53:32 k222 amavis[996]: Found secondary av scanner ClamAV-clamscan at /usr/local/bin/clamscan
Aug 20 05:53:32 k222 amavis[996]: (!!)TROUBLE in pre_loop_hook: No TEMPBASE directory: /var/amavis/tmp
                     at /usr/local/sbin/amavisd line 9063.
Aug 20 05:53:32 k222 amavis[996]: (!)_DIE: Suicide () TROUBLE in pre_loop_hook: No TEMPBASE directory: /var/amavis/tmp
                     at /usr/local/sbin/amavisd line 9063.
Aug 20 05:53:34 k222 kernel: Starting clamav_freshclam.

That was in the log, so I created /var/amavis/tmp, ran chown clamav:clamav on it, and rebooted.

After running portupgrade -a,

Aug 25 09:24:09 mail amavis[905]: Creating db in /var/amavis/db/; BerkeleyDB 0.39, libdb 4.1
Aug 25 09:24:09 mail amavis[905]: (!!)TROUBLE in pre_loop_hook: QUARANTINEDIR directory /var/virusmails not writable at
                /usr/local/sbin/amavisd line 9311.
Aug 25 09:24:09 mail amavis[905]: (!)_DIE: Suicide () TROUBLE in pre_loop_hook: QUARANTINEDIR directory /var/virusmails
                not writable at /usr/local/sbin/amavisd line 9311.
Aug 25 09:24:12 mail kernel: Starting clamav_freshclam.
Aug 25 09:24:12 mail kernel: Starting mrtg_daemon.
Aug 25 09:24:13 mail kernel: Daemonizing MRTG ...

this happened, and there was a case where 10024 was not created.

mail# chown -R clamav:clamav virusmails/
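
A pre-start check for the two startup failures logged above (missing TEMPBASE, QUARANTINEDIR not writable) and the resulting missing listener on 10024. This is an added example, not part of the original notes; the function names are hypothetical, and the clamav owner is an assumption taken from the chown commands on this page.

```shell
#!/bin/sh
# Added example. Paths and the "clamav" owner come from the logs and chown
# commands on this page; check_dir, has_listener and preflight are hypothetical names.

# check_dir DIR OWNER: succeed only if DIR exists, is owned by OWNER and has the
# owner write bit set. Mode bits are inspected instead of using [ -w ], because
# [ -w ] always succeeds when the check itself is run as root.
check_dir() {
    dir=$1; owner=$2
    if [ ! -d "$dir" ]; then
        echo "MISSING: $dir"; return 1
    fi
    info=$(ls -ld "$dir" | awk '{print $1 " " $3}')
    mode=${info%% *}; actual=${info#* }
    if [ "$actual" != "$owner" ]; then
        echo "OWNER: $dir is owned by $actual, expected $owner"; return 1
    fi
    case $mode in
        d?w*) return 0 ;;
        *) echo "NOT WRITABLE: $dir ($mode)"; return 1 ;;
    esac
}

# has_listener PORT: read `netstat -an` output on stdin and succeed if a LISTEN
# socket exists on PORT. Accepts both the FreeBSD form shown above
# (127.0.0.1.10024) and the Linux form (127.0.0.1:10024).
has_listener() {
    awk -v p="$1" '$NF == "LISTEN" && $4 ~ ("[.:]" p "$") { found = 1 }
                   END { exit !found }'
}

# preflight: run all checks and report every problem, not just the first.
preflight() {
    rc=0
    check_dir /var/amavis/tmp clamav || rc=1    # TEMPBASE in the Aug 20 log
    check_dir /var/virusmails clamav || rc=1    # QUARANTINEDIR in the Aug 25 log
    netstat -an | has_listener 10024 || { echo "NO LISTENER: 10024"; rc=1; }
    return $rc
}

# Only touch the real system when asked to: sh amavis-preflight.sh --run
if [ "${1:-}" = "--run" ]; then
    preflight
fi
```

Running it after every portupgrade and before restarting Postfix catches the condition before mail starts bouncing with "Connection refused".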

Virus Scan on Mail Server 2

Recently, at boot time,

Sep  8 11:22:50 hotshot kernel: LibClamAV Warning: ***********************************************************
Sep  8 11:22:50 hotshot kernel: LibClamAV Warning: ***  This version of the ClamAV engine is outdated.     ***
Sep  8 11:22:50 hotshot kernel: LibClamAV Warning: *** DON'T PANIC! Read  http://www.clamav.net/support/faq ***
Sep  8 11:22:50 hotshot kernel: LibClamAV Warning: ***********************************************************
Sep  8 11:22:50 hotshot kernel: LibClamAV Warning: ***********************************************************
Sep  8 11:22:50 hotshot kernel: LibClamAV Warning: ***  This version of the ClamAV engine is outdated.     ***
Sep  8 11:22:50 hotshot kernel: LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/support/faq ***
Sep  8 11:22:50 hotshot kernel: LibClamAV Warning: ***********************************************************
Sep  8 11:22:53 hotshot kernel: Starting clamav_freshclam.

it says things like this, so I looked at http://www.clamav.net/support/faq, and it seems the clamav on the server has gone stale...

So, I update clamav to the latest version.

# portupgrade clamav
[Updating the portsdb <format:bdb_btree> in /usr/ports ... - 19095 port
entries found .........1000.........2000.........3000.........4000.........5000......
...6000.........7000.........8000.........9000.........10000.........11000..
.......12000.........13000.........14000.........15000.........16000........
.17000.........18000.........19000 ..... done]
#

or

# cd /usr/ports/security/clamav
# make deinstall
# make reinstall

Even after doing this, no good. So, looking at /var/log/clamav.freshclam.log:

--------------------------------------
freshclam daemon 0.93.3 (OS: freebsd6.3, ARCH: amd64, CPU: amd64)
ClamAV update process started at Mon Sep  8 13:15:49 2008
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.93.3 Recommended version: 0.94
DON'T PANIC! Read http://www.clamav.net/support/faq
main.cvd is up to date (version: 48, sigs: 399264, f-level: 35, builder: sven)
daily.cld is up to date (version: 8184, sigs: 16875, f-level: 35, builder: arnaud)
--------------------------------------

is what it says. /usr/ports/security/clamav is 0.93.3, so I am leaving it alone for now (^^

frola # freshclam

ClamAV update process started at Mon May 20 06:07:37 2013
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.97.7 Recommended version: 0.97.8
DON'T PANIC! Read http://www.clamav.net/support/faq
main.cld is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
daily.cld is up to date (version: 17239, sigs: 1277664, f-level: 63, builder: ccordes)
bytecode.cld is up to date (version: 214, sigs: 41, f-level: 63, builder: neo)

Last-modified: 2013-05-31 (Fri) 08:33:32