Back to Community Threads
2
SmarterMail build 8979: Again issues with ClamAV
Problem reported by Stefan Mössner - 8/2/2024 at 8:35 AM
Submitted
Hi all,

with build 8972 the issues with ClamAV were solved but with build 8979 they came back. This issue is already described in this thread: ClamD Errors with (June-15) Build - SmarterTools.

It would be very nice if this issue will be solved again.

Thank you.

9 Replies

Reply to Thread
1
Oliver Replied
8/2/2024 at 8:43 AM
One post on the subject would have been enough. 
If we all post our problems several times now, there will be total chaos here.
0
Matt Petty Replied
8/2/2024 at 8:45 AM
Employee Post
Yea shotgunning your clamav issue across the active threads isn't gonna help but make all the other threads harder to read and now way more confusing because we now have threads where you and others said was fixed and now its not fixed for you and who knows how much people will read all these different posts to understand the timeline of events.

Some log snippets or behavior that your seeing would be nice to have. Is this the same issue your seeing as before? We haven't touched clamav in a week since that fix, we got confirmation that its working again for windows and its been working on linux.
Matt Petty Senior Software Developer SmarterTools Inc. www.smartertools.com
0
Stefan Mössner Replied
8/2/2024 at 10:12 AM
I want tro keep it visible for SmarterTools. I don't know if they will have a close look to this issue.
And it's not only my issue!
It's exact the same issue as with the earlier builds. So have a look to the logs snippets of the linked thread and you see what's going on.
You dindn't change ClamAV but you changed the SmarterMail build. So maybe you didn't use the code base of build 8972 to make the new build. With the previous releases 8971 and earlier there was an issue with ClamAV and maybe you used the code base of one of these earlier releases.
0
Tim Uzzanti Replied
8/2/2024 at 10:23 AM
Employee Post
We worked with a couple customers who installed a custom build and they verified it resolved their issue.  Maybe yours is different, please work with support to provide the information requested so we can provide you a custom build and verify it is resolved.  
Tim Uzzanti CEO SmarterTools Inc. www.smartertools.com
0
Stefan Mössner Replied
8/2/2024 at 1:14 PM
I have the free version running so there's no support.

With build 8972 was the issue solved that started for me with build 8965.

This is the log of ClamAV after updating to build 8979:

Fri Aug  2 17:19:28 2024 -> +++ Started at Fri Aug  2 17:19:28 2024
Fri Aug  2 17:19:28 2024 -> Received 0 file descriptor(s) from systemd.
Fri Aug  2 17:19:28 2024 -> clamd daemon 1.3.1 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Fri Aug  2 17:19:28 2024 -> Log file size limited to 1048576 bytes.
Fri Aug  2 17:19:28 2024 -> Reading databases from C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav
Fri Aug  2 17:19:28 2024 -> Not loading PUA signatures.
Fri Aug  2 17:19:28 2024 -> Bytecode: Security mode set to "TrustSigned".
Fri Aug  2 17:20:04 2024 -> +++ Started at Fri Aug  2 17:20:04 2024
Fri Aug  2 17:20:04 2024 -> Received 0 file descriptor(s) from systemd.
Fri Aug  2 17:20:04 2024 -> clamd daemon 1.3.1 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Fri Aug  2 17:20:04 2024 -> Log file size limited to 1048576 bytes.
Fri Aug  2 17:20:04 2024 -> Reading databases from C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav
Fri Aug  2 17:20:04 2024 -> Not loading PUA signatures.
Fri Aug  2 17:20:04 2024 -> Bytecode: Security mode set to "TrustSigned".
Fri Aug  2 17:20:31 2024 -> Loaded 8696843 signatures.
Fri Aug  2 17:20:35 2024 -> +++ Started at Fri Aug  2 17:20:35 2024
Fri Aug  2 17:20:35 2024 -> Received 0 file descriptor(s) from systemd.
Fri Aug  2 17:20:35 2024 -> clamd daemon 1.3.1 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Fri Aug  2 17:20:35 2024 -> Log file size limited to 1048576 bytes.
Fri Aug  2 17:20:35 2024 -> Reading databases from C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav
Fri Aug  2 17:20:35 2024 -> Not loading PUA signatures.
Fri Aug  2 17:20:35 2024 -> Bytecode: Security mode set to "TrustSigned".
Fri Aug  2 17:21:05 2024 -> +++ Started at Fri Aug  2 17:21:05 2024
Fri Aug  2 17:21:05 2024 -> Received 0 file descriptor(s) from systemd.
Fri Aug  2 17:21:05 2024 -> clamd daemon 1.3.1 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Fri Aug  2 17:21:05 2024 -> Log file size limited to 1048576 bytes.
Fri Aug  2 17:21:05 2024 -> Reading databases from C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav
Fri Aug  2 17:21:05 2024 -> Not loading PUA signatures.
Fri Aug  2 17:21:05 2024 -> Bytecode: Security mode set to "TrustSigned".
Fri Aug  2 17:21:35 2024 -> +++ Started at Fri Aug  2 17:21:35 2024
Fri Aug  2 17:21:35 2024 -> Received 0 file descriptor(s) from systemd.
Fri Aug  2 17:21:35 2024 -> clamd daemon 1.3.1 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Fri Aug  2 17:21:35 2024 -> Log file size limited to 1048576 bytes.
Fri Aug  2 17:21:35 2024 -> Reading databases from C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav
Fri Aug  2 17:21:35 2024 -> Not loading PUA signatures.
Fri Aug  2 17:21:35 2024 -> Bytecode: Security mode set to "TrustSigned".
Fri Aug  2 17:22:06 2024 -> +++ Started at Fri Aug  2 17:22:06 2024
Fri Aug  2 17:22:06 2024 -> Received 0 file descriptor(s) from systemd.
Fri Aug  2 17:22:06 2024 -> clamd daemon 1.3.1 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Fri Aug  2 17:22:06 2024 -> Log file size limited to 1048576 bytes.
Fri Aug  2 17:22:06 2024 -> Reading databases from C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav
Fri Aug  2 17:22:06 2024 -> Not loading PUA signatures.
Fri Aug  2 17:22:06 2024 -> Bytecode: Security mode set to "TrustSigned".
Fri Aug  2 17:22:36 2024 -> +++ Started at Fri Aug  2 17:22:36 2024
Fri Aug  2 17:22:36 2024 -> Received 0 file descriptor(s) from systemd.
Fri Aug  2 17:22:36 2024 -> clamd daemon 1.3.1 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Fri Aug  2 17:22:36 2024 -> Log file size limited to 1048576 bytes.
Fri Aug  2 17:22:36 2024 -> Reading databases from C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav
Fri Aug  2 17:22:36 2024 -> Not loading PUA signatures.
Fri Aug  2 17:22:36 2024 -> Bytecode: Security mode set to "TrustSigned".
Fri Aug  2 17:23:07 2024 -> +++ Started at Fri Aug  2 17:23:07 2024
Fri Aug  2 17:23:07 2024 -> Received 0 file descriptor(s) from systemd.
Fri Aug  2 17:23:07 2024 -> clamd daemon 1.3.1 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Fri Aug  2 17:23:07 2024 -> Log file size limited to 1048576 bytes.
Fri Aug  2 17:23:07 2024 -> Reading databases from C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav
Fri Aug  2 17:23:07 2024 -> Not loading PUA signatures.
Fri Aug  2 17:23:07 2024 -> Bytecode: Security mode set to "TrustSigned".
Fri Aug  2 17:23:37 2024 -> +++ Started at Fri Aug  2 17:23:37 2024
Fri Aug  2 17:23:37 2024 -> Received 0 file descriptor(s) from systemd.
Fri Aug  2 17:23:37 2024 -> clamd daemon 1.3.1 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Fri Aug  2 17:23:37 2024 -> Log file size limited to 1048576 bytes.
Fri Aug  2 17:23:37 2024 -> Reading databases from C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav
Fri Aug  2 17:23:37 2024 -> Not loading PUA signatures.
Fri Aug  2 17:23:37 2024 -> Bytecode: Security mode set to "TrustSigned".
Fri Aug  2 17:24:08 2024 -> +++ Started at Fri Aug  2 17:24:08 2024
Fri Aug  2 17:24:08 2024 -> Received 0 file descriptor(s) from systemd.
Fri Aug  2 17:24:08 2024 -> clamd daemon 1.3.1 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Fri Aug  2 17:24:08 2024 -> Log file size limited to 1048576 bytes.
Fri Aug  2 17:24:08 2024 -> Reading databases from C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav
Fri Aug  2 17:24:08 2024 -> Not loading PUA signatures.
Fri Aug  2 17:24:08 2024 -> Bytecode: Security mode set to "TrustSigned".
Fri Aug  2 17:24:38 2024 -> +++ Started at Fri Aug  2 17:24:38 2024
Fri Aug  2 17:24:38 2024 -> Received 0 file descriptor(s) from systemd.
Fri Aug  2 17:24:38 2024 -> clamd daemon 1.3.1 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Fri Aug  2 17:24:38 2024 -> Log file size limited to 1048576 bytes.
Fri Aug  2 17:24:38 2024 -> Reading databases from C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav
Fri Aug  2 17:24:38 2024 -> Not loading PUA signatures.
Fri Aug  2 17:24:38 2024 -> Bytecode: Security mode set to "TrustSigned".
Fri Aug  2 17:25:09 2024 -> +++ Started at Fri Aug  2 17:25:09 2024
Fri Aug  2 17:25:09 2024 -> Received 0 file descriptor(s) from systemd.
Fri Aug  2 17:25:09 2024 -> clamd daemon 1.3.1 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Fri Aug  2 17:25:09 2024 -> Log file size limited to 1048576 bytes.
Fri Aug  2 17:25:09 2024 -> Reading databases from C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav
Fri Aug  2 17:25:09 2024 -> Not loading PUA signatures.
Fri Aug  2 17:25:09 2024 -> Bytecode: Security mode set to "TrustSigned".
Fri Aug  2 17:25:40 2024 -> +++ Started at Fri Aug  2 17:25:40 2024
Fri Aug  2 17:25:40 2024 -> Received 0 file descriptor(s) from systemd.
Fri Aug  2 17:25:40 2024 -> clamd daemon 1.3.1 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Fri Aug  2 17:25:40 2024 -> Log file size limited to 1048576 bytes.
Fri Aug  2 17:25:40 2024 -> Reading databases from C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav
Fri Aug  2 17:25:40 2024 -> Not loading PUA signatures.
Fri Aug  2 17:25:40 2024 -> Bytecode: Security mode set to "TrustSigned".
Fri Aug  2 17:26:11 2024 -> +++ Started at Fri Aug  2 17:26:11 2024
Fri Aug  2 17:26:11 2024 -> Received 0 file descriptor(s) from systemd.
Fri Aug  2 17:26:11 2024 -> clamd daemon 1.3.1 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Fri Aug  2 17:26:11 2024 -> Log file size limited to 1048576 bytes.
Fri Aug  2 17:26:11 2024 -> Reading databases from C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav
Fri Aug  2 17:26:11 2024 -> Not loading PUA signatures.
Fri Aug  2 17:26:11 2024 -> Bytecode: Security mode set to "TrustSigned".
Fri Aug  2 17:26:41 2024 -> +++ Started at Fri Aug  2 17:26:41 2024
Fri Aug  2 17:26:41 2024 -> Received 0 file descriptor(s) from systemd.
Fri Aug  2 17:26:41 2024 -> clamd daemon 1.3.1 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Fri Aug  2 17:26:41 2024 -> Log file size limited to 1048576 bytes.
Fri Aug  2 17:26:41 2024 -> Reading databases from C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav
Fri Aug  2 17:26:41 2024 -> Not loading PUA signatures.
Fri Aug  2 17:26:41 2024 -> Bytecode: Security mode set to "TrustSigned".
Fri Aug  2 17:27:12 2024 -> +++ Started at Fri Aug  2 17:27:12 2024
Fri Aug  2 17:27:12 2024 -> Received 0 file descriptor(s) from systemd.
Fri Aug  2 17:27:12 2024 -> clamd daemon 1.3.1 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Fri Aug  2 17:27:12 2024 -> Log file size limited to 1048576 bytes.
Fri Aug  2 17:27:12 2024 -> Reading databases from C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav
Fri Aug  2 17:27:12 2024 -> Not loading PUA signatures.
Fri Aug  2 17:27:12 2024 -> Bytecode: Security mode set to "TrustSigned".
So it doesn't load correctly and is restarted again and again until I stopped ClamAV by the global SmarterMail administrator. 
1
Tim Uzzanti Replied
8/5/2024 at 7:22 AM
Employee Post
Nageswara, the exception shows a SmarterMail file is being accessed by another process.  That would be catastrophic for SmarterMail if another process is using the file and we can't access it or save it.  Please look to see if you have antivirus or another software product touching SmarterMail files.  That would explain why you end up with a file with no data... we can't write to it!
Tim Uzzanti CEO SmarterTools Inc. www.smartertools.com
0
Stefan Mössner Replied
8/5/2024 at 7:43 AM
And what has this to do with my initial post? I wrote about ClamAV issues and now we talk about files being accessed by another process...
0
Tim Uzzanti Replied
8/5/2024 at 7:57 AM
Employee Post
Stefan, his response has nothing to do with this topic but we have had customers posting in multiple threads to get attention and when we delete those extra posts, people then complain that we delete them.  In his case, he went into many topics and told people not to install SmarterMail when the issue he is having has nothing to do with SmarterMail itself. 

In your case, it seems that you modified the ClamAV files in that directory. We have no known issues with ClamAV and we would suggest you uninstall SmarterMail, delete your ClamAV folder and then re-install: C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam 
Tim Uzzanti CEO SmarterTools Inc. www.smartertools.com
0
Stefan Mössner Replied
8/5/2024 at 12:55 PM
I now uninstalled SmarterMail and deleted the Clam folder as you suggested. But now, ClamAV doesn't start:

Mon Aug  5 21:40:56 2024 -> +++ Started at Mon Aug  5 21:40:56 2024
Mon Aug  5 21:40:56 2024 -> Received 0 file descriptor(s) from systemd.
Mon Aug  5 21:40:56 2024 -> clamd daemon 1.3.1 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Mon Aug  5 21:40:56 2024 -> Log file size limited to 1048576 bytes.
Mon Aug  5 21:40:56 2024 -> Reading databases from C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav
Mon Aug  5 21:40:56 2024 -> Not loading PUA signatures.
Mon Aug  5 21:40:56 2024 -> Bytecode: Security mode set to "TrustSigned".
Mon Aug  5 21:40:56 2024 -> ERROR: Can't open file or directory
Then ClamAV was automatically restarted and is running for the moment:

Mon Aug  5 21:41:26 2024 -> +++ Started at Mon Aug  5 21:41:26 2024
Mon Aug  5 21:41:26 2024 -> Received 0 file descriptor(s) from systemd.
Mon Aug  5 21:41:26 2024 -> clamd daemon 1.3.1 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Mon Aug  5 21:41:26 2024 -> Log file size limited to 1048576 bytes.
Mon Aug  5 21:41:26 2024 -> Reading databases from C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav
Mon Aug  5 21:41:26 2024 -> Not loading PUA signatures.
Mon Aug  5 21:41:26 2024 -> Bytecode: Security mode set to "TrustSigned".
Mon Aug  5 21:41:26 2024 -> ERROR: Can't open file or directory
Mon Aug  5 21:42:48 2024 -> +++ Started at Mon Aug  5 21:42:48 2024
Mon Aug  5 21:42:48 2024 -> Received 0 file descriptor(s) from systemd.
Mon Aug  5 21:42:48 2024 -> clamd daemon 1.3.1 (OS: Windows, ARCH: AMD64, CPU: AMD64)
Mon Aug  5 21:42:48 2024 -> Log file size limited to 1048576 bytes.
Mon Aug  5 21:42:48 2024 -> Reading databases from C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\share\clamav
Mon Aug  5 21:42:48 2024 -> Not loading PUA signatures.
Mon Aug  5 21:42:48 2024 -> Bytecode: Security mode set to "TrustSigned".
Mon Aug  5 21:43:07 2024 -> Loaded 8696982 signatures.
Mon Aug  5 21:43:11 2024 -> TCP: Bound to [127.0.0.1]:3310
Mon Aug  5 21:43:11 2024 -> TCP: Setting connection queue length to 30
Mon Aug  5 21:43:11 2024 -> Limits: Global time limit set to 120000 milliseconds.
Mon Aug  5 21:43:11 2024 -> Limits: Global size limit set to 419430400 bytes.
Mon Aug  5 21:43:11 2024 -> Limits: File size limit set to 104857600 bytes.
Mon Aug  5 21:43:11 2024 -> Limits: Recursion level limit set to 17.
Mon Aug  5 21:43:11 2024 -> Limits: Files limit set to 10000.
Mon Aug  5 21:43:11 2024 -> Limits: MaxEmbeddedPE limit set to 41943040 bytes.
Mon Aug  5 21:43:11 2024 -> Limits: MaxHTMLNormalize limit set to 41943040 bytes.
Mon Aug  5 21:43:11 2024 -> Limits: MaxHTMLNoTags limit set to 8388608 bytes.
Mon Aug  5 21:43:11 2024 -> Limits: MaxScriptNormalize limit set to 20971520 bytes.
Mon Aug  5 21:43:11 2024 -> Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Mon Aug  5 21:43:11 2024 -> Limits: MaxPartitions limit set to 50.
Mon Aug  5 21:43:11 2024 -> Limits: MaxIconsPE limit set to 100.
Mon Aug  5 21:43:11 2024 -> Limits: MaxRecHWP3 limit set to 16.
Mon Aug  5 21:43:11 2024 -> Limits: PCREMatchLimit limit set to 100000.
Mon Aug  5 21:43:11 2024 -> Limits: PCRERecMatchLimit limit set to 2000.
Mon Aug  5 21:43:11 2024 -> Limits: PCREMaxFileSize limit set to 104857600.
Mon Aug  5 21:43:11 2024 -> Archive support enabled.
Mon Aug  5 21:43:11 2024 -> AlertExceedsMax heuristic detection disabled.
Mon Aug  5 21:43:11 2024 -> Heuristic alerts enabled.
Mon Aug  5 21:43:11 2024 -> Portable Executable support enabled.
Mon Aug  5 21:43:11 2024 -> ELF support enabled.
Mon Aug  5 21:43:11 2024 -> Mail files support enabled.
Mon Aug  5 21:43:11 2024 -> OLE2 support enabled.
Mon Aug  5 21:43:11 2024 -> PDF support enabled.
Mon Aug  5 21:43:11 2024 -> SWF support enabled.
Mon Aug  5 21:43:11 2024 -> HTML support enabled.
Mon Aug  5 21:43:11 2024 -> XMLDOCS support enabled.
Mon Aug  5 21:43:11 2024 -> HWP3 support enabled.
Mon Aug  5 21:43:11 2024 -> OneNote support enabled.
Mon Aug  5 21:43:11 2024 -> Self checking every 1800 seconds.
I haven't modified the ClamAV files. In the past I had to modify the path to the 8.3 format. But this was some time ago. What I can see is that the " in the conf file isn't needed in the paths any more.

I will see, if this will be a stable status.
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

ClamAV 3310 Errors in Delivery LogsSmarterMail > Troubleshooting
SmarterTools Licensing InformationGeneral Topics
Migrating SmarterMail to LinuxSmarterMail > Server Configuration and Management
Emergency 24x7 SupportGeneral Topics
Understanding SNI in SmarterMailSmarterMail > Server Configuration and Management