ClamAV and SmarterMail 14
Question asked by Manuel - 6/11/2015 at 7:26 AM
Unanswered
Hello,
I'm try to test SmarterMail 14 before upgrade my SmarterMail 13.x Enterprise with 2700 mailboxes.

In SmarterMail 14, after installation, ClamAV not working:
 
 
[2015.06.11] 13:36:49 [51001] Unable to run Clam virus checks: System.Net.Sockets.SocketException (0x80004005): No connection could be made because the target machine actively refused it 127.0.0.1:3310
[2015.06.11] at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
[2015.06.11] at System.Net.Sockets.Socket.Connect(EndPoint remoteEP)
[2015.06.11] at MailStore.Spam.ClamDClient.CheckScan()
 
 
I have Windows Server 2012 R2.
I install Microsoft Visual C++ 2010 x64 Redistributable, and now this error no longer appears in the delivery log.
 
I try to send e-mail with rar attachment and virus inside, but ClamAV not stop it.
 
Can you help me ?
 
 
Manuel
GRAFFITI — It's Communication
Riva del Garda (TN), I-38066 – Località Pasina 46
Milano, I-20129 - via Lamberto De Bernardi 1
Verona, I-37134 - via Legnago 126
San Francisco, US-94111 California – 275 Battery St, Suite 2600
website: www.graffiti.it

20 Replies

Reply to Thread
0
Bruce Barnes Replied
Did you UNINSTALL the prior version (13.x) of SmarterMail and REBOOT the server to unlock any locked files prior to the installation of SmarterMail 14?
Bruce Barnes
ChicagoNetTech Inc
brucecnt@comcast.net

Phonr: (773) 491-9019
Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
1
Steve Reid Replied
You should try uninstalling it and manually deleting the C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam
 
Then reboot and reinstall.
 
If it's a 64 bit server then you should see the clamAV process running from the C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\bin64 directory.
0
Manuel Replied
I test SmarterMail in a new server
GRAFFITI — It's Communication
Riva del Garda (TN), I-38066 – Località Pasina 46
Milano, I-20129 - via Lamberto De Bernardi 1
Verona, I-37134 - via Legnago 126
San Francisco, US-94111 California – 275 Battery St, Suite 2600
website: www.graffiti.it
0
Manuel Replied
I check process details, and my clamd.exe is running on bin64 directory
GRAFFITI — It's Communication
Riva del Garda (TN), I-38066 – Località Pasina 46
Milano, I-20129 - via Lamberto De Bernardi 1
Verona, I-37134 - via Legnago 126
San Francisco, US-94111 California – 275 Battery St, Suite 2600
website: www.graffiti.it
0
Steve Reid Replied
Hmm that's strange, I just did the same with a Windows Server 2012 R2 VM. it installed the prerequisites and ClamAV is working fine.
0
Manuel Replied
I'm trying to send e-mail with rar file attached, with virus inside, but this file is not blocked or deleted.
In antivirus administration I have enabled only "Enable ClamAV" and virus quarantine to 30 days.
GRAFFITI — It's Communication
Riva del Garda (TN), I-38066 – Località Pasina 46
Milano, I-20129 - via Lamberto De Bernardi 1
Verona, I-37134 - via Legnago 126
San Francisco, US-94111 California – 275 Battery St, Suite 2600
website: www.graffiti.it
0
Steve Reid Replied
Is the clamAV process running?

Have you tried to restart the smartermail service?
0
Steve Reid Replied
how much ram is the ClamAV process using?
0
Manuel Replied
Yes, ClamAV process is running, I try to restart entire server.
Where find log where clamav execute the scanning ... ?
GRAFFITI — It's Communication
Riva del Garda (TN), I-38066 – Località Pasina 46
Milano, I-20129 - via Lamberto De Bernardi 1
Verona, I-37134 - via Legnago 126
San Francisco, US-94111 California – 275 Battery St, Suite 2600
website: www.graffiti.it
0
Steve Reid Replied
ClamAV logs are located: C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\log\
0
Bruce Barnes Replied
  1. Uninstall SmarterMail
  2. Reboot the server
  3. DELETE the DIRECTORY located at c:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\bin64
  4. REINSTALL SmarterMail 14.0.5637, using a FRESH DOWNLOAD from this location:

    http://www.smartertools.com/Download.aspx?Product=SmarterMail&File=Installer&Version=14&Location=Primary
 
Bruce Barnes
ChicagoNetTech Inc
brucecnt@comcast.net

Phonr: (773) 491-9019
Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
0
Manuel Replied
done, but does not work anyway.
actually I try SmarterMail 14 free as Incoming Gateway, domain forward mode.
My antivirus settings is:
virus quarantine 30 days
enable clamav yes
enable clamav realtime yes
quarantine directory c:\temp
virus action: delete
GRAFFITI — It's Communication
Riva del Garda (TN), I-38066 – Località Pasina 46
Milano, I-20129 - via Lamberto De Bernardi 1
Verona, I-37134 - via Legnago 126
San Francisco, US-94111 California – 275 Battery St, Suite 2600
website: www.graffiti.it
0
Steve Reid Replied
If the ClamSup additions are working ClamAV will be just over 400 megs ram use. I know many viruses got through without the ClamSup stuff added.
0
Manuel Replied
I need to run particular service o bat files for run ClamSum updates/additions ? How I check if ClamSup works correctly ?
GRAFFITI — It's Communication
Riva del Garda (TN), I-38066 – Località Pasina 46
Milano, I-20129 - via Lamberto De Bernardi 1
Verona, I-37134 - via Legnago 126
San Francisco, US-94111 California – 275 Battery St, Suite 2600
website: www.graffiti.it
0
Matt Petty Replied
Employee Post
SmarterMail should run the ClamSup.bat by default after running the ClamAV update. Could see the RAM usage like Steve said as ClamAV will use a lot more RAM than usual because of all the new signatures.
Matt Petty
Software Developer
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
0
Steve Reid Replied
Yeah that's how I easily tell if ClamSup is working
0
Manuel Replied
ClamSup works ... ClamAV use 300/400 Megs ...

Now ... SmarterMail configured as Incoming Gateway with domain forward, clamAv block incoming virus ?
I think only when SmarterMail work with local mailboxes.
GRAFFITI — It's Communication
Riva del Garda (TN), I-38066 – Località Pasina 46
Milano, I-20129 - via Lamberto De Bernardi 1
Verona, I-37134 - via Legnago 126
San Francisco, US-94111 California – 275 Battery St, Suite 2600
website: www.graffiti.it
0
Manuel Replied
Can you recommend some site that I send attachments to test clamav?
GRAFFITI — It's Communication
Riva del Garda (TN), I-38066 – Località Pasina 46
Milano, I-20129 - via Lamberto De Bernardi 1
Verona, I-37134 - via Legnago 126
San Francisco, US-94111 California – 275 Battery St, Suite 2600
website: www.graffiti.it
0
Brian Ellwood Replied
EICAR is what you want:
 
0
Manuel Replied
Hello,
I try ClamAV with ClamSup and SmarterMail for some days, but no viruses attached to an email, compressed in a zip or rar file is detected and blocked. you also have this problem?
GRAFFITI — It's Communication
Riva del Garda (TN), I-38066 – Località Pasina 46
Milano, I-20129 - via Lamberto De Bernardi 1
Verona, I-37134 - via Legnago 126
San Francisco, US-94111 California – 275 Battery St, Suite 2600
website: www.graffiti.it

Reply to Thread