I've been running SmarterMail on a Windows Server 2008 R2 box since version 6 and have never been able to get ClamAV to work. In the years between versions 7 and 14 I've probably spent a couple man weeks trying to get it running and the end result has always been the same; no joy and the frustratingly unhelpful "Unable to run Clam virus checks: System.Net.Sockets.SocketException (0x80004005): No connection could be made because the target machine actively refused it..." error. It’s important to note that despite the error in the log, SM has always been perfectly content with my clam settings and successfully retrieves virus definition database updates daily.
Yesterday, I upgraded to SM Enterprise 14.4 hopeful that Clam would miraculously start working--nope same old problem. I spent a half a day trying many of the same things all over again. This time, though, I actually got it working! Here's the run down:
SmarterMail installs Clam in the following location: C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam. Under this folder there are two bin folder: "\bin" and "\bin64" that contain the binaries that SM uses for clam processes. You should be able to run clamd.exe from either of these folders. Simply open a command window and drag and drop the clamd.exe onto the window and hit enter key. When I tried I got the following error:
The program can't start because MSVCR100.dll is missing from your computer. Try reinstalling the program to fix this problem.
If you get this error you’re missing the C++ 2010 redistributables. Why the SM installer doesn’t catch this and/or make it available an in optional installation component is beyond me and I’m certain I installed the redistributables the last time I tried getting clam working so it’s a bit of a mystery as to why they were missing.
The C++ 2010 redistributable installers are available here:
EDIT: I would have posted links but when I try to submit this post I get a "Your account does not have permission to use hyperlinks in posts". I've had a forum account for approx. 5 years so I guess I'm not trustworthy enough?
Google the C++ 2010 redistributables--they should be easy enough to find.
After reinstalling the redistributables, try running clamd.exe again. In my case, I got the following error:
C:\Users\Administrator>"C:\Program Files (x86)\SmarterTools\SmarterMail\Service\
Clam\bin\clamd.exe"
ERROR: Can't open/parse the config file C:\Program Files (x86)\SmarterTools\Smar
terMail\Service\Clam\bin64\clamd.conf
Clearly clam is looking for the conf file in the same folder that it’s located in and yes, the config files are missing. Running a search on clamd.conf, or freshclam.conf reveals that configuration files are located in the C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\etc folder. Oddly, when clam settings are changed in the SM Web GUI, the values don't appear to be persisted to the conf files. Odder still; restarting the SM services seems to write something to the files but as far as I can tell, it just rewrites the default values. I still don’t know where SM persists the clam settings. I’ve run a search on the entire C drive and the only folder that contains the clamd.conf and freshclam.conf is the C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\etc folder
Next I copied the clamd.conf and freshclam.conf files to the \bin64 folder and tried running clamd.exe again. This time I received the following error:
C:\Users\Administrator>"C:\Program Files (x86)\SmarterTools\SmarterMail\Service\
Clam\bin\clamd.exe"
ERROR: Parse error at line 55: Unknown option LogRotate
ERROR: Can't open/parse the config file C:\Program Files (x86)\SmarterTools\Smar
terMail\Service\Clam\bin\clamd.conf
If you see similar error messages, open the clamd.conf file in a text editor and comment out the offending setting. After commenting out “LogRotate” I received similar errors for the following entries:
MaxEmbeddedPE
MaxHTMLNormalize
MaxHTMLNoTags
MaxScriptNormalize
MaxZipTypeRcg
Comment out any offending entries and try again. After doing this I got following result:
C:\Users\Administrator>"C:\Program Files (x86)\SmarterTools\SmarterMail\Service\
Clam\bin\clamd.exe"
Limits: Global size limit set to 157286400 bytes.
Limits: File size limit set to 31457280 bytes.
Limits: Recursion level limit set to 10.
Limits: Files limit set to 15000.
Archive support enabled.
Algorithmic detection enabled.
Portable Executable support enabled.
ELF support enabled.
Mail files support enabled.
OLE2 support enabled.
PDF support enabled.
HTML support enabled.
Self checking every 600 seconds.
EUREKA!? Well, mostly. SM isn’t writing to the conf files so changes need to be manually edited. Also, while I was able to get the x64 version of clamd.exe running, I was still get the “Unable to run Clam virus checks: System.Net.Sockets.SocketException (0x80004005):…” error in the delivery log. The reason? Despite running SM on a 64 bit OS, SM runs as a 32 bit process and presumably runs the 32 bit version of clamd.exe not the 64 bit version.
Copy the clamd.conf and freshclam.conf files to the \Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\bin folder and try running the clamd.exe as above. Note that you’ll need to kill the existing running 64 bit instance of clamd.exe using Task Manager. With the 32 bit version of clamd.exe running, open another command prompt window and run the following command:
netstat -an | find "3310"
You should see the following result which confirms that clam has opened (and is listening on) port 3310:
TCP 127.0.0.1:3310 0.0.0.0:0 LISTENING
Just to confirm everything was setup properly, I rebooted my server. I’m guessing I could have simply restarted the SmarterMail service and recycled the IIS SmarterMail Application Pool but I decided to reboot. Clam has been running for nearly a full day without connection errors.
A couple of parting notes: if you look at the freshclam.log file in the \Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\log folder you’ll likely see the following entries:
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.97.6 Recommended version: 0.98.7
Looking at the source files on clamav.net, version 0.97.6 appears to have been released in 9/2012. Interestingly, the bin64 version of clamd.exe has version number 0.98.6. That appears to have been released in 12/2014. The latest version (0.98.7) doesn’t appear to have a Windows build yet. This still doesn’t explain why SM installs the older 0.97.6 in the \bin folder and the newer 0.98.6 in the \bin64 folder. NOTE: I’ve confirmed that this issue isn’t specific to an upgrade installation. I’m seeing the same this on a fresh, first time SM install on a different box. Nor for that matter do I understand the why SM is using the 32 bit versions of clamd.exe and freshclam.exe on a 64 bit OS.
Lastly, I was convinced that there might be something odd about my Windows Server 2008 R2 installation that might be causing the issues and workarounds detailed in this post. As a sanity check, I did a fresh SM install on my home Win 2008 R2 box and ran into exactly the same issues. The only difference is that the clamd.conf contained a much smaller file without any comments and without the LogRotate (and other) values that caused the parse errors. Other than that, all of the steps listed above netted the same results—clamd.exe now runs.
Hopefully, this is helpful to others who have struggled with similar problems getting clam to work and to the SmarterMail devs as this could and should be fixed at the installer level.
Happy clamming -- Steve