View All Products
Compute
Storage
Networking
Databases
Services
Developer Tools
Industries
Pricing
Community
Engage With Us
Community Questions postfix + clamd + clamsmtp problems
Log in to Ask a Question

postfix + clamd + clamsmtp problems

email

I'm using postfix + clamd + clamsmtp + freshclam in Debian Sarge (testing). It was easy to setup, and seems fast.

However, in a 24 hour period I've had clam mysteriously start returning error messages 6+ times. This causes postfix to queue all e-mails.

I can fix this by restarting both clamd & clamsmtp, and then flushing postfix's queue. But I can't figure out why clam stops working in the first place!

Here's some excerpts from mail.log. I can't see exactly what's causing the problem.

09:42:50 clamsmtpd: 1000BF: accepted connection from: 127.0.0.1
09:42:50 postfix/smtpd[15781]: connect from localhost[127.0.0.1]
...
09:43:26 clamsmtpd: 1000BE: network read operation timed out: CLAM
09:43:26 clamsmtpd: 1000BE: unexepected response from clamd:
09:43:26 clamsmtpd: 1000BE: from= <xxxxx@xxxxxxxxxxx.com>SIZE=1500, to=<yyyy@yyyyyy.com>, status=CLAMAV-ERROR
09:43:26 postfix/smtp[15599]: 50CF89DA85: to=<yyyy@yyyyyy.com>, relay=127.0.0.1[127.0.0.1], delay=60, status=deferred (host 127.0.0.1[127.0.0.1] said: 451 Local Error (in reply to end of DATA command))
09:43:26 postfix/smtpd[15601]: disconnect from localhost[127.0.0.1]
...restarted clamd & clamsmtp...
15:38:58 postfix/qmgr[19749]: 05D259DA5F: from=<aaaaaa@aaaaaa.com>, size=2270, nrcpt=1 (queue active)
15:38:58 clamsmtpd: 10000A: from= <aaaaaaa@aaaaaa.com>SIZE=2028, to=<yyyyy@yyyyy.com>, status=CLEAN
15:38:58 postfix/smtp[26934]: AD8019DA4B: to=<yyyyyy@yyyyy.com>, relay=127.0.0.1[127.0.0.1], delay=1, status=sent (250 Ok: queued as 05D259DA5F)
15:38:58 postfix/qmgr[19749]: AD8019DA4B: removed
15:38:58 postfix/smtpd[26936]: disconnect from localhost[127.0.0.1]
15:38:58 postfix/virtual[26939]: 05D259DA5F: to=<yyyyy@yyyyyi.com>, relay=virtual, delay=0, status=sent (delivered to maildir)</yyyyy@yyyyyi.com></yyyyyy@yyyyy.com></yyyyy@yyyyy.com></aaaaaaa@aaaaaa.com></aaaaaa@aaaaaa.com></yyyy@yyyyyy.com></yyyy@yyyyyy.com></xxxxx@xxxxxxxxxxx.com>

4 Replies

Sarge currently includes clamsmtp 0.8. The problem of clamsmtp bombing on some but not all connections (coupled with excessive cpu usage) is a known bug in versions up to and including 0.9 (see here). An upgrade to 0.9.5 would be the first thing to try.

Thanks for the tip. I upgraded to clamsmtp-0.9-1 in Debian Unstable, and it's been working great all day.

However, just recently it seems to have returned an error twice, but then continued working. I restarted clamsmtp & flushed postfix's queue just to be safe.

I'd like to upgrade to 0.9.5, but there isn't a Debian package for that release yet. I've used Slackware a lot more than Debian, so I'm used to compiling programs myself. However, I've been trying to play by Debian's rules with my Linode (its our production server!).

Should I just go ahead and compile 0.9.5 myself? Should I contact the Debian package maintainer? I don't know how Debian package issues usually work.

Clarification: It appears to throw an error (451 Local Error) & queue an e-mail when a spammer floods one of my clients who insists on having a catch-all address. clamsmtp seems to recover on its own & good e-mails still get through. Maybe it's a feature :)

Now I've read the change log, rather than relying on the faq page, I see that the problems with clamsmtp bombing when too many threads were created was actually fixed in 0.9, along with a couple of other stability problems. You are probably OK sticking with 0.9.

It still started giving me 451 errors & queueing a bunch of e-mails. Not nearly as bad as before. I'm not even sure if it wouldn't eventually send them given time.

However time is one thing I don't have right now (angry users). I've disabled it for now and will probably attempt to troubleshoot it some day when I have time off peak hours.

The developer did tell me a 1.0 version should be released soon. I'd like to stick with clamsmtp since it seems much lighter weight than other solutions I've seen (like amavis).

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct