ClamAV - Reset Defs DB: Difference between revisions
m (missing a d in zmamavisdctl but zmantivirusctl has it as well) |
Dwmtractor (talk | contribs) (Added additional symptoms of this problem) |
||
Line 6: | Line 6: | ||
You'll know this is the case if you go to the /var/log/zimbra.log and you see that ClamAV isn't running, postfix/qmgr errors out at 'delivery temporarily suspended', messages like 'malformed database' in /opt/zimbra/log/clamd.log, and by checking zmclamdctl status. | You'll know this is the case if you go to the /var/log/zimbra.log and you see that ClamAV isn't running, postfix/qmgr errors out at 'delivery temporarily suspended', messages like 'malformed database' in /opt/zimbra/log/clamd.log, and by checking zmclamdctl status. | ||
Other symptoms are, if you stop & restart Zimbra services (zmcontrol stop and zmcontrol start), antivirus may fail to start with the errors (among others): | |||
WARNING: Your ClamAV installation is OUTDATED! | |||
and | |||
clamd failed to start | |||
(the above text is part of a MUCH longer set of errors; despite what the Clam errors say, you DON'T necessarily have to update your whole ClamAV) | |||
To fix this, you can delete the defs and try again: | To fix this, you can delete the defs and try again: |
Revision as of 15:52, 26 June 2008
Sometimes ClamAV will download a virus update, and the MD5 will be wrong. If it is, then ClamAV usually goes down, and the system suspends delivery.
Symptoms:
You'll know this is the case if you go to the /var/log/zimbra.log and you see that ClamAV isn't running, postfix/qmgr errors out at 'delivery temporarily suspended', messages like 'malformed database' in /opt/zimbra/log/clamd.log, and by checking zmclamdctl status.
Other symptoms are, if you stop & restart Zimbra services (zmcontrol stop and zmcontrol start), antivirus may fail to start with the errors (among others):
WARNING: Your ClamAV installation is OUTDATED!
and
clamd failed to start
(the above text is part of a MUCH longer set of errors; despite what the Clam errors say, you DON'T necessarily have to update your whole ClamAV)
To fix this, you can delete the defs and try again:
su - zimbra mkdir /tmp/clamdb mv /opt/zimbra/clamav/db/* /tmp/clamdb zmprov ms `zmhostname` +zimbraServiceEnabled antivirus /opt/zimbra/clamav/bin/freshclam --config-file=/opt/zimbra/conf/freshclam.conf zmantivirusctl stop zmantivirusctl start
zmantivirusctl incorporates (or zmclamdctl/zmamavidsctl/zmmtaconfigctl)
In ZCS 5.0.3+ we moved to a data directory to keep separate from application data, replace the above with:
/opt/zimbra/data/clamav/db
Verify by running:
/opt/zimbra/clamav/bin/clamscan -d /opt/zimbra/data/clamav/db/