ClamAV - Reset Defs DB

Revision as of 15:52, 26 June 2008 by Dwmtractor (talk | contribs) (Added additional symptoms of this problem)
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Sometimes ClamAV will download a virus update, and the MD5 will be wrong. If it is, then ClamAV usually goes down, and the system suspends delivery.


Symptoms: You'll know this is the case if you go to the /var/log/zimbra.log and you see that ClamAV isn't running, postfix/qmgr errors out at 'delivery temporarily suspended', messages like 'malformed database' in /opt/zimbra/log/clamd.log, and by checking zmclamdctl status.

Other symptoms are, if you stop & restart Zimbra services (zmcontrol stop and zmcontrol start), antivirus may fail to start with the errors (among others): 

WARNING: Your ClamAV installation is OUTDATED!

and 

clamd failed to start

(the above text is part of a MUCH longer set of errors; despite what the Clam errors say, you DON'T necessarily have to update your whole ClamAV)

To fix this, you can delete the defs and try again: 

su - zimbra
mkdir /tmp/clamdb
mv /opt/zimbra/clamav/db/* /tmp/clamdb
zmprov ms `zmhostname` +zimbraServiceEnabled antivirus
/opt/zimbra/clamav/bin/freshclam --config-file=/opt/zimbra/conf/freshclam.conf 
zmantivirusctl stop
zmantivirusctl start

zmantivirusctl incorporates (or zmclamdctl/zmamavidsctl/zmmtaconfigctl)

In ZCS 5.0.3+ we moved to a data directory to keep separate from application data, replace the above with: 

/opt/zimbra/data/clamav/db

Verify by running: 

/opt/zimbra/clamav/bin/clamscan -d /opt/zimbra/data/clamav/db/
Retrieved from "http://wiki.zimbra.com/index.php?title=ClamAV_-_Reset_Defs_DB&oldid=8953"
Jump to: navigation, search