[clamav-users] clamd crashed

Steven Morgan smorgan at sourcefire.com
Wed Sep 3 16:20:55 UTC 2014 

Hello Hans,

Please send your clamd.conf to me at smorgan at sourcefire.com. If you can
identify a file or email that causes the failure, that will help as well.
In the meantime, I'll find a place where you can send your core file.

Thanks,
Steve


On Wed, Sep 3, 2014 at 11:46 AM, MAYER Hans <mayer at iiasa.ac.at> wrote:

>
>
> Dear ClamAv Users,
>
> In my environment I have 2 external  mail gateway in the DMZ, forwarding
> all e-mails to an internal mail server.
> All of them are running Solaris 11 with sendmail and mimedefang as milter.
> I am running this constellation since about more than a year very
> successfully without any downtime till 2 weeks.
>
> Around 2 weeks ago all 3 servers stopped working for mail forwarding
> because the process clamd core dumped.
> At that time I had in use a beta version of 0.98.4 it was clamav-0.98.4-rc1
> I traced back the problem due to the fact I didn't use the latest version.
> So I upgraded to clamav-0.98.4 and in the same step also mimedefang to the
> latest version 2.75
> This is how mimedefang involves clamd in /usr/local/bin/mimedefang.pl
> $Features{'Virus:CLAMD'}    = ('/usr/local/sbin/clamd' ne '/bin/false' ?
> '/usr/local/sbin/clamd' : 0);
> The system worked stable for 2 weeks.
>
> Yesterday evening I noticed the same problem. A restart didn't help. After
> short time clamed crashed again.
> As short solution I disabled the virus scanning overnight.
> Today I have a stable situation without changing anything. Of course
> pattern updates are running.
> I assume an ugly attachment did crash the virus scanning process. Now this
> mail is passed and it's running fine.
>
> I am worried about the fact that the ClamAV solution becomes more and more
> instable.
>
> How can I support the ClamAV team with additional information to reach a
> stable system again ?
> What I have is a 305 MB core dump from clamd for Sparc platform. But I
> think, this will not help.
> In the meantime I started clamd with the option --debug
> Till now I didn't find any entries in the syslog.
>
> Kind regards
> Hans
>
>
>
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>

More information about the clamav-users mailing list