Back to Community Threads
2
ClamAV isn't running any more
Problem reported by Stefan Mössner - 11/7/2023 at 5:52 PM
Resolved
Hi all,

I have SmarterMail, Version: 8684 (Okt 11, 2023), running. I use ClamAV that is shipped with SmarterMail.

The last few days I got error messages that there's a connection issue with ClamAV on127.0.0.1:3310. But this was only when restarting SmarterMail. Today, after a short power outage, I get a lot of these error messages. But I don't find the isssue. I thought that there's a file corruption because of the power outage and I decided to uninstall and reinstall SmarterMail. But this doesn't solve the issue. Then I deleted all the database files of ClamAV to let them download once again. But this doesn't solve the issue, too.

I'm wondering how ClamAv is started by SmarterMail. If I'm right there was a service in the past in Windows which started ClamAV daemon. But now, I don't see any service for this. And in the task manager there's no clamd process running. Shouldn't there be a service for ClamAV? But why isn't this service installed when reinstalling SmarterMail?

In the clamd log file I see every half a minute these lines:
Wed Nov  8 01:54:38 2023 -> +++ Started at Wed Nov  8 01:54:38 2023
Wed Nov  8 01:54:38 2023 -> Received 0 file descriptor(s) from systemd.
Wed Nov  8 01:54:38 2023 -> clamd daemon 1.2.0 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Wed Nov  8 01:54:38 2023 -> Log file size limited to 1048576 bytes.
Wed Nov  8 01:54:38 2023 -> Reading databases from C:\PROGRA~2\SMARTE~1\SMARTE~1\Service\Clam\share\clamav
Wed Nov  8 01:54:38 2023 -> Not loading PUA signatures.
Wed Nov  8 01:54:38 2023 -> Bytecode: Security mode set to "TrustSigned"
Normally there should be more log lines like:
Wed Nov  1 17:43:50 2023 -> Loaded 8779343 signatures.
Wed Nov  1 17:43:55 2023 -> TCP: Bound to [127.0.0.1]:3310
Wed Nov  1 17:43:55 2023 -> TCP: Setting connection queue length to 30
Wed Nov  1 17:43:55 2023 -> Limits: Global time limit set to 120000 milliseconds.
Wed Nov  1 17:43:55 2023 -> Limits: Global size limit set to 419430400 bytes.
Wed Nov  1 17:43:55 2023 -> Limits: File size limit set to 104857600 bytes.
Wed Nov  1 17:43:55 2023 -> Limits: Recursion level limit set to 17.
Wed Nov  1 17:43:55 2023 -> Limits: Files limit set to 10000.
Wed Nov  1 17:43:55 2023 -> Limits: MaxEmbeddedPE limit set to 41943040 bytes.
Wed Nov  1 17:43:55 2023 -> Limits: MaxHTMLNormalize limit set to 41943040 bytes.
Wed Nov  1 17:43:55 2023 -> Limits: MaxHTMLNoTags limit set to 8388608 bytes.
Wed Nov  1 17:43:55 2023 -> Limits: MaxScriptNormalize limit set to 20971520 bytes.
Wed Nov  1 17:43:55 2023 -> Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Wed Nov  1 17:43:55 2023 -> Limits: MaxPartitions limit set to 50.
Wed Nov  1 17:43:55 2023 -> Limits: MaxIconsPE limit set to 100.
Wed Nov  1 17:43:55 2023 -> Limits: MaxRecHWP3 limit set to 16.
Wed Nov  1 17:43:55 2023 -> Limits: PCREMatchLimit limit set to 100000.
Wed Nov  1 17:43:55 2023 -> Limits: PCRERecMatchLimit limit set to 2000.
Wed Nov  1 17:43:55 2023 -> Limits: PCREMaxFileSize limit set to 104857600.
Wed Nov  1 17:43:55 2023 -> Archive support enabled.
Wed Nov  1 17:43:55 2023 -> AlertExceedsMax heuristic detection disabled.
Wed Nov  1 17:43:55 2023 -> Heuristic alerts enabled.
Wed Nov  1 17:43:55 2023 -> Portable Executable support enabled.
Wed Nov  1 17:43:55 2023 -> ELF support enabled.
Wed Nov  1 17:43:55 2023 -> Mail files support enabled.
Wed Nov  1 17:43:55 2023 -> OLE2 support enabled.
Wed Nov  1 17:43:55 2023 -> PDF support enabled.
Wed Nov  1 17:43:55 2023 -> SWF support enabled.
Wed Nov  1 17:43:55 2023 -> HTML support enabled.
Wed Nov  1 17:43:55 2023 -> XMLDOCS support enabled.
Wed Nov  1 17:43:55 2023 -> HWP3 support enabled.
Wed Nov  1 17:43:55 2023 -> Self checking every 1800 seconds.
Wed Nov  1 18:14:47 2023 -> SelfCheck: Database status OK.
So it looks like SmarterMail is trying to start ClamAV but ClamAV can't open the signature database files and doesn't parse the config file regarding the settings. What's going wrong here?  How can I fix this issue?

Kind Regards.

4 Replies

Reply to Thread
0
Stefan Mössner Replied
11/8/2023 at 12:40 AM
This thread solved my issue: ClamAV stopped working - SmarterTools.

In short: The default 8.3 notation of the paths in the config files of clamd und freshclam should be replaced by the full path with "".
0
Tony Scholz Replied
11/8/2023 at 2:09 PM
Employee Post
Hello, 

If replacing the SHORT names for the paths does not resolve your issue you can also try to start the process manually to see if there are any errors reported from the command line. 

You can run this 
"C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\bin64\clamd.exe" -c "C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\etc\clamd.conf" --debug

Thank you
Tony Scholz System/Network Administrator SmarterTools Inc. www.smartertools.com
0
Stefan Mössner Replied
11/14/2023 at 12:33 PM
The issue isn't solved. After a restart of the server because of Windows updates the issue with ClamAV is coming back again! I saved the CONF files the last time so I restored them after I saw that the issue started again.But this doesn't help this time! The ClamAV process is starting again and again but is stopping some times later.

"C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\bin64\clamd.exe" -c "C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\etc\clamd.conf" --debug
This doesn't help. There aren't any further details in the log file or in the command line window:

C:\WINDOWS\system32>"C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\bin64\clamd.exe" -c "C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\etc\clamd.conf" --debug
WARNING: Ignoring deprecated option AllowSupplementaryGroups at C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\etc\clamd.conf:20
WARNING: Ignoring deprecated option MailFollowURLs at C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\etc\clamd.conf:25
What's more strange to get ClamAV running again: I first had to deactivate the scan of mails with ClamAV in SmarterMail. So the clamd process started without issues. Then I reactivated the scan of mails with ClamAV in SmarterMail and the clamd process is still running without issues.
0
Stefan Mössner Replied
11/20/2023 at 10:49 PM
Is here someone else who has the same issue? Is there any solution?
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Upgrading SmarterMail (Domain Conversion)SmarterMail > Installation and Configuration
Configure URL Rewriting for Autodiscover on LinuxSmarterMail > Server Configuration and Management
Messages from Trusted Senders are going to my Junk folderSmarterMail > Troubleshooting
Set Up a MAPI Account in Outlook 2016 and Above for WindowsSmarterMail > Desktop and Mobile Synchronization
ClamAV 3310 Errors in Delivery LogsSmarterMail > Troubleshooting