Antispam com erro deixou de funcionar depois de um Update
Depois da ultima actualização do CLAMD, comecei a ter problemas com o meu antispam.
Sintomas detectados:
- Loop com emails
- Inbound Queue e Outbound Queue retidas
- Todo o correio marcado como SPAM
Tudo isto começou imediatamente após do email interno com a seguinte informação:
Cron <clam@efa> [ -x /usr/bin/clamav-unofficial-sigs.sh ] && /bin/bash /usr/bin/clamav-unofficial-sigs.sh > /dev/null
Para quem utiliza o antispam EFA Project a solução é a seguinte:
Alterar as seguintes linhas em master.conf:
[zeus@antispam ~]$ sudo nano /etc/clamav-unofficial-sigs/master.conf ... # ======================== # Enabled Databases # ======================== # Set to no to disable an entire database, if the database is empty it will also be disabled. sanesecurity_enabled="yes" # Sanesecurity securiteinfo_enabled="yes" # SecuriteInfo linuxmalwaredetect_enabled="yes" # Linux Malware Detect malwarepatrol_enabled="yes" # Malware Patrol yararulesproject_enabled="yes" # Yara-Rule Project, automatically disabled if clamav is older than 0.99 additional_enabled="yes" # Additional Databases ## Disabling this will also cause the yararulesproject to be disabled. enable_yararules="yes" #Enables yararules in the various databases, automatically disabled if clamav is older than 0.99 ...
para ficar assim:
[zeus@antispam ~]$ sudo nano /etc/clamav-unofficial-sigs/master.conf ... # ======================== # Enabled Databases # ======================== # Set to no to disable an entire database, if the database is empty it will also be disabled. sanesecurity_enabled="yes" # Sanesecurity securiteinfo_enabled="yes" # SecuriteInfo linuxmalwaredetect_enabled="yes" # Linux Malware Detect malwarepatrol_enabled="yes" # Malware Patrol yararulesproject_enabled="no" # Yara-Rule Project, automatically disabled if clamav is older than 0.99 additional_enabled="yes" # Additional Databases ## Disabling this will also cause the yararulesproject to be disabled. enable_yararules="no" #Enables yararules in the various databases, automatically disabled if clamav is older than 0.99 ...
No meu caso as linhas a serem editadas são a linha 124 e 128.
Devemos então remover os respectivos ficheiros:
[zeus@antispam ~]$ sudo rm /var/lib/clamav/*yar [zeus@antispam ~]$ sudo rm /var/lib/clamav/*yara
E finalmente arrancar com o serviço CLAMD
[zeus@antispam ~]$ sudo service clamd start
Espero ter ajudado.