Bug 39372 - emails may not be delivered if clamav is disabled
emails may not be delivered if clamav is disabled
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Mail
UCS 4.0
Other Linux
: P5 normal (vote)
: UCS 4.3-2-errata
Assigned To: Erik Damrose
Sönke Schwardt-Krummrich
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2015-09-21 11:17 CEST by Daniel Tröder
Modified: 2018-11-28 12:10 CET (History)
4 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 3: Simply Wrong: The implementation doesn't match the docu
Who will be affected by this bug?: 5: Will affect all installed domains
How will those affected feel about the bug?: 3: A User would likely not purchase the product
User Pain: 0.257
Enterprise Customer affected?: Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Daniel Tröder univentionstaff 2015-09-21 11:17:39 CEST
A customer reported that emails were not delivered if UCRV clamav/daemon/autostart=no.

In a test the email was delivered to the recipient after some time. Amavis sent a complaint to systemmail@localhost that it was not scanned but delivered anyway.

When setting clamav/daemon/autostart=no, Amavis should be reconfigured to not use ClamAV anymore. A 12s timeout on a non-idle system may grow to be a problem (and the complaint spam aswell).

=======================================================================
Sep 18 21:02:59 dc2000 postfix/smtpd[9898]: disconnect from unknown[10.205.1.238]
Sep 18 21:03:12 dc2000 postfix/smtpd[10061]: connect from unknown[10.205.1.238]
Sep 18 21:03:12 dc2000 postfix/smtpd[10061]: 9BAF51012EB: client=unknown[10.205.1.238]
Sep 18 21:03:12 dc2000 postfix/cleanup[10064]: 9BAF51012EB: message-id=<>
Sep 18 21:03:12 dc2000 postfix/smtpd[10061]: disconnect from unknown[10.205.1.238]
Sep 18 21:03:12 dc2000 postfix/qmgr[3044]: 9BAF51012EB: from=<test@example.com>, size=383, nrcpt=1 (queue active)
Sep 18 21:03:17 dc2000 amavis[2528]: (02528-01) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory
Sep 18 21:03:18 dc2000 amavis[2528]: (02528-01) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory
Sep 18 21:03:18 dc2000 amavis[2528]: (02528-01) (!)Clam Antivirus-clamd: All attempts (1) failed connecting to /var/run/clamav/clamd.ctl, retrying (2)
Sep 18 21:03:24 dc2000 amavis[2528]: (02528-01) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory
Sep 18 21:03:24 dc2000 amavis[2528]: (02528-01) (!)Clam Antivirus-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (All attempts (1) failed connecting to /var/run/clamav/clamd.ctl) at (eval 111) line 603.\n
Sep 18 21:03:24 dc2000 amavis[2528]: (02528-01) (!)WARN: all primary virus scanners failed, considering backups
Sep 18 21:03:24 dc2000 amavis[2528]: (02528-01) (!!)AV: ALL VIRUS SCANNERS FAILED
Sep 18 21:03:27 dc2000 postfix/smtpd[10085]: connect from localhost[127.0.0.1]
Sep 18 21:03:27 dc2000 postfix/smtpd[10085]: F1B1B100A50: client=localhost[127.0.0.1]
Sep 18 21:03:28 dc2000 postfix/cleanup[10064]: F1B1B100A50: message-id=<VAKTcieF2opiLE@dc2000.uni.dtr>
Sep 18 21:03:28 dc2000 postfix/qmgr[3044]: F1B1B100A50: from=<postmaster@uni.dtr>, size=1872, nrcpt=1 (queue active)
Sep 18 21:03:28 dc2000 postfix/local[10086]: F1B1B100A50: to=<systemmail@dc2000.uni.dtr>, orig_to=<postmaster@dc2000.uni.dtr>, relay=local, delay=0.09, delays=0.05/0.01/0/0.02, dsn=2.0.0, status=sent (delivered to mailbox)
Sep 18 21:03:28 dc2000 postfix/qmgr[3044]: F1B1B100A50: removed
Sep 18 21:03:28 dc2000 postfix/smtpd[10085]: 0DDCB100A50: client=localhost[127.0.0.1], orig_queue_id=9BAF51012EB, orig_client=unknown[10.205.1.238]
Sep 18 21:03:28 dc2000 postfix/cleanup[10064]: 0DDCB100A50: message-id=<>
Sep 18 21:03:28 dc2000 postfix/qmgr[3044]: 0DDCB100A50: from=<test@example.com>, size=1032, nrcpt=1 (queue active)
Sep 18 21:03:28 dc2000 amavis[2528]: (02528-01) Passed UNCHECKED {RelayedInternal}, LOCAL [10.205.1.238]:56851 [10.205.1.238] <test@example.com> -> <test2m@uni.dtr>, Queue-ID: 9BAF51012EB, mail_id: KTcieF2opiLE, Hits: -0.047, size: 383, queued_as: 0DDCB100A50, 14189 ms
Sep 18 21:03:28 dc2000 postfix/smtp[10066]: 9BAF51012EB: to=<test2m@uni.dtr>, relay=127.0.0.1[127.0.0.1]:10024, delay=16, delays=0.25/0.05/2.8/13, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 0DDCB100A50)
Sep 18 21:03:28 dc2000 postfix/qmgr[3044]: 9BAF51012EB: removed
Sep 18 21:03:28 dc2000 postfix/lmtp[10087]: 0DDCB100A50: to=<test2m@uni.dtr>, relay=dc2000.uni.dtr[private/dovecot-lmtp], delay=0.06, delays=0.01/0.01/0.02/0.02, dsn=2.0.0, status=sent (250 2.0.0 <test2m@uni.dtr> GJCSBQBg/FVoJwAA3lwJdg Saved)
Sep 18 21:03:28 dc2000 postfix/qmgr[3044]: 0DDCB100A50: removed
Comment 1 Stefan Gohmann univentionstaff 2016-12-13 08:10:37 CET
The Enterprise Customer affected flag is set but neither a Ticket number is referenced nor a Customer ID is set. Please set a Ticket number or a Customer ID. Otherwise the Enterprise Customer affected flag will be reset.
Comment 2 Erik Damrose univentionstaff 2018-11-27 11:17:43 CET
5ee348cb Remove clamav from amavis config if clamav daemon is disabled via UCR clamav/daemon/autostart=no

5440ec92 yaml

Package: univention-antivir-mail
Version: 9.0.0-5A~4.3.0.201811271114
Comment 3 Sönke Schwardt-Krummrich univentionstaff 2018-11-27 14:18:44 CET
Code change looks good so far.
Manual and jenkins test is pending.

c916ac63bb Bug #39372: pimped the advisory
Comment 4 Sönke Schwardt-Krummrich univentionstaff 2018-11-28 11:21:21 CET
Manual check was ok:
- spam check is still performed
- no delay anymore

→ VERIFIED
Comment 5 Arvid Requate univentionstaff 2018-11-28 12:10:43 CET
<http://errata.software-univention.de/ucs/4.3/337.html>