[Mimedefang] Problem using ClamAV

Philip Prindeville philipp_subx at redfish-solutions.com
Sat Nov 12 14:45:47 EST 2011 

I'm running mimedefang 2.72 on Fedora 15.  I've installed the packaged clamav:

[root at mail clamav-server-0.97.3]# rpm -qa clamav\*
clamav-0.97.3-1500.fc15.x86_64
clamav-lib-0.97.3-1500.fc15.x86_64
clamav-update-0.97.3-1500.fc15.x86_64
clamav-server-sysvinit-0.97.3-1500.fc15.noarch
clamav-data-empty-0.97.3-1500.fc15.noarch
clamav-filesystem-0.97.3-1500.fc15.noarch
clamav-server-0.97.3-1500.fc15.x86_64
[root at mail clamav-server-0.97.3]#

And configured it, having copied over the sample config file:

[root at mail clamav-server-0.97.3]# egrep '^(User|LocalSocket|PidFile|LogFile) ' /etc/clamd.d/default.conf
LogFile /var/log/clamd.default
PidFile /var/run/clamd.default/clamd.pid
LocalSocket /var/run/clamd.default/clamd.sock
User defang
[root at mail clamav-server-0.97.3]#


And tweaked mimedefang:

[root at mail clamav-server-0.97.3]# grep '^\$ClamdSock' /usr/bin/mimedefang.pl
$ClamdSock  = '/var/run/clamd.default/clamd.sock';
[root at mail clamav-server-0.97.3]#

Started clamd and mimedefang:

[root at mail clamav-server-0.97.3]# ls -lRd /var/run/clamd.default /var/run/clamd.default/*
drwxr-xr-x. 2 defang defang 80 Nov 11 18:49 /var/run/clamd.default
-rw-rw-r--. 1 defang defang  5 Nov 11 18:49 /var/run/clamd.default/clamd.pid
srw-rw-rw-. 1 defang defang  0 Nov 11 18:49 /var/run/clamd.default/clamd.sock
[root at mail clamav-server-0.97.3]#

But here's what I see:

Nov 11 20:50:15 localhost mimedefang.pl[24747]: pAC3o9T3024771: Could not connect to clamd daemon at /var/run/clamd.default/clamd.sock (Permission denied)
Nov 11 20:50:15 localhost mimedefang.pl[24747]: pAC3o9T3024771: Problem running virus scanner: code=999, category=cannot-execute, action=tempfail
Nov 11 20:50:15 localhost mimedefang.pl[24747]: pAC3o9T3024771: filter: pAC3o9T3024771:  tempfail=1
Nov 11 20:50:15 localhost mimedefang[24764]: pAC3o9T3024771: Tempfailing because filter instructed us to
Nov 11 20:50:15 localhost sendmail[24771]: pAC3o9T3024771: Milter: data, reject=451 4.3.0 Problem running virus-scanner


Seems to be here:

    # PING/PONG test to make sure clamd is alive
    $sock = IO::Socket::UNIX->new(Peer => $clamd_sock);

    if (!defined($sock)) {
        # md_syslog('err', "Could not connect to clamd daemon at $clamd_sock");
        md_syslog('err', "Could not connect to clamd daemon at $clamd_sock ($!)");
        return (wantarray ? (999, 'cannot-execute', 'tempfail') : 999);
    }


that the failure is happening.

Also, a minor annoyance, seeing:

ERROR: Problem with internal logger (UpdateLogFile = /var/log/freshclam.log).
ERROR: Can't open /var/log/freshclam.log in append mode (check permissions!).

from cron.

[root at mail clamav-server-0.97.3]# ls -l /var/log/freshclam.log
-rw-rw-r--. 1 root clamupdate 746 Nov 11 11:17 /var/log/freshclam.log
[root at mail clamav-server-0.97.3]#

so the file is being written to... not sure why I'm seeing this message either.

Any pointers appreciated.  I already read:

http://72.14.189.113/howto/mimedefang/clamav/

but it's either out-of-date or I'm missing something Fedora specific.

I also noticed that there's no "clamav" id created on my system by default.

-Philip

More information about the MIMEDefang mailing list