[SOLVED] 4.7.1 Tempfail - internal scan engine error. with file attachments

Mpenzi
Posts: 65
Registered: 26.07.2023 09:49:02

[SOLVED] 4.7.1 Tempfail - internal scan engine error. with file attachments

Post by Mpenzi » 10.08.2023 19:31:28

Hello,

likewise after a dist-upgrade to Debian 12, the Postfix server can no longer send attachments:

Code:

2023-08-10T19:19:01.026389+02:00 mx postfix/submission/smtpd[1843]: 064F5620038: client=mx.example.com[192.168.1.71], sasl_method=PLAIN, sasl_username=systemmails@example.com
2023-08-10T19:19:01.031466+02:00 mx postfix/cleanup[1956]: 064F5620038: message-id=<20e843c415252b005f57bfad2930026f@example.com>
2023-08-10T19:19:01.223964+02:00 mx postfix/cleanup[1956]: 064F5620038: milter-reject: END-OF-MESSAGE from mx.example.com[192.168.1.71]: 4.7.1 Tempfail - internal scan engine error. (support-id 064F5620038); from=<systemmails@example.com> to=<info@example.com> proto=ESMTP helo=<mail.example.com>

This is the main.cf that goes with it:

Code:

append_dot_mydomain = no
biff = no
bounce_queue_lifetime = 1h
compatibility_level = 2
confirm_delay_cleared = yes
delay_warning_time = 60
disable_vrfy_command = yes
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
local_recipient_maps = $virtual_mailbox_maps
mailbox_size_limit = 0
maximal_backoff_time = 15m
maximal_queue_lifetime = 1h
message_size_limit = 52428800
milter_default_action = tempfail
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
milter_protocol = 6
minimal_backoff_time = 5m
mua_client_restrictions = permit_mynetworks permit_sasl_authenticated reject
mua_relay_restrictions = reject_non_fqdn_recipient
    reject_unknown_recipient_domain permit_mynetworks
    permit_sasl_authenticated reject
mua_sender_restrictions = permit_mynetworks reject_non_fqdn_sender
    reject_sender_login_mismatch permit_sasl_authenticated reject
mydestination = mx.example.tld, localhost.example.tld, localhost
myhostname = mx.example.tld
mynetworks = 127.0.0.0/8 192.168.1.0/24 192.119.24.0/24
    [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
non_smtpd_milters = inet:localhost:11332
plaintext_reject_code = 550
postscreen_access_list = permit_mynetworks cidr:/etc/postfix/postscreen_access
postscreen_bare_newline_enable = no
postscreen_blacklist_action = drop
postscreen_cache_cleanup_interval = 24h
postscreen_cache_map = proxy:btree:$data_directory/postscreen_cache
postscreen_dnsbl_action = enforce
postscreen_dnsbl_sites = b.barracudacentral.org=127.0.0.2*7
    dnsbl.inps.de=127.0.0.2*7 bl.mailspike.net=127.0.0.2*5
    bl.mailspike.net=127.0.0.[10;11;12]*4 dnsbl.sorbs.net=127.0.0.10*8
    dnsbl.sorbs.net=127.0.0.5*6 dnsbl.sorbs.net=127.0.0.7*3
    dnsbl.sorbs.net=127.0.0.8*2 dnsbl.sorbs.net=127.0.0.6*2
    dnsbl.sorbs.net=127.0.0.9*2 zen.spamhaus.org=127.0.0.[4..7]*6
    zen.spamhaus.org=127.0.0.3*4 zen.spamhaus.org=127.0.0.2*3
    hostkarma.junkemailfilter.com=127.0.0.2*3
    hostkarma.junkemailfilter.com=127.0.0.4*1
    hostkarma.junkemailfilter.com=127.0.1.2*1
    wl.mailspike.net=127.0.0.[18;19;20]*-2
    hostkarma.junkemailfilter.com=127.0.0.1*-2
postscreen_dnsbl_threshold = 8
postscreen_dnsbl_ttl = 5m
postscreen_greet_action = enforce
postscreen_greet_banner = $smtpd_banner
postscreen_greet_ttl = 2d
postscreen_greet_wait = 3s
postscreen_non_smtp_command_enable = no
postscreen_pipelining_enable = no
proxy_read_maps =
    proxy:mysql:/etc/postfix/sql/mysql_virtual_sender_acl.cf,
    proxy:mysql:/etc/postfix/sql/mysql_tls_enforce_out_policy.cf,
    proxy:mysql:/etc/postfix/sql/mysql_tls_enforce_in_policy.cf,
    proxy:mysql:/etc/postfix/sql/sender-login-maps.cf,
    $local_recipient_maps $mydestination $virtual_alias_maps
    $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains
    $relay_recipient_maps $relay_domains $mynetworks
    $smtpd_sender_login_maps
queue_run_delay = 5m
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
relay_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_mxdomain_maps.cf
relay_recipient_maps =
    proxy:mysql:/etc/postfix/sql/mysql_relay_recipient_maps.cf
smtp_dns_support_level = dnssec
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_ciphers = medium
smtp_tls_loglevel = 1
smtp_tls_policy_maps = mysql:/etc/postfix/sql/tls-policy.cf
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_security_level = dane
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname
smtpd_client_restrictions = permit_mynetworks check_client_access
    hash:/etc/postfix/without_ptr reject_unknown_client_hostname
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_error_sleep_time = 10s
smtpd_hard_error_limit = ${stress?1}${stress:5}
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks
    reject_invalid_helo_hostname reject_non_fqdn_helo_hostname
    reject_unknown_helo_hostname
smtpd_milters = inet:localhost:11332
smtpd_recipient_restrictions = permit_sasl_authenticated,
    permit_mynetworks, reject_invalid_helo_hostname,
    reject_unknown_reverse_client_hostname, reject_unauth_destination
smtpd_relay_restrictions = reject_non_fqdn_recipient
    reject_unknown_recipient_domain permit_mynetworks
    reject_unauth_destination
smtpd_sender_login_maps =
    proxy:mysql:/etc/postfix/sql/mysql_virtual_sender_acl.cf
smtpd_soft_error_limit = 3
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/letsencrypt/live/mx.example.tld/fullchain.pem
smtpd_tls_ciphers = medium
smtpd_tls_dh1024_param_file = /etc/ssl/mail/dhparams_2048.pem
smtpd_tls_dh512_param_file = /etc/ssl/mail/dhparams_512.pem
smtpd_tls_exclude_ciphers = ECDHE-RSA-RC4-SHA, RC4, aNULL
smtpd_tls_key_file = /etc/letsencrypt/live/mx.example.tld/privkey.pem
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_exclude_ciphers = ECDHE-RSA-RC4-SHA, RC4, aNULL
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
tls_medium_cipherlist = EECDH+AESGCM:EDH+AESGCM
tls_preempt_cipherlist = yes
tls_ssl_options = NO_COMPRESSION
virtual_alias_maps =
    proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf,
    proxy:mysql:/etc/postfix/sql/mysql_virtual_spamalias_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_domains =
    proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_mailbox_maps =
    proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 104
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_uid_maps = static:5000

The milter on port 11332 is reachable:

Code:

root@mx ~ # telnet localhost 11332
Trying ::1...
Connected to localhost.
Escape character is '^]'.
^C
Connection closed by foreign host.

Code:

root@mx ~ # netstat -tulpen | fgrep 11332
tcp        0      0 127.0.0.1:11332         0.0.0.0:*               LISTEN      111        25686      787/rspamd: main pr 
tcp6       0      0 ::1:11332               :::*                    LISTEN      111        25687      787/rspamd: main pr 

However, rspamd is not reachable on 3310:

Code:

root@mx ~ # netstat -tulpen | fgrep clamd

although the service is started.

Code:

root@mx ~ # systemctl status clamav-daemon.service 
● clamav-daemon.service - Clam AntiVirus userspace daemon
     Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; preset: enabled)
    Drop-In: /etc/systemd/system/clamav-daemon.service.d
             └─extend.conf
     Active: active (running) since Thu 2023-08-10 19:12:38 CEST; 8min ago
TriggeredBy: ● clamav-daemon.socket
       Docs: man:clamd(8)
             man:clamd.conf(5)
             https://docs.clamav.net/
    Process: 613 ExecStartPre=/bin/mkdir -p /run/clamav (code=exited, status=0/SUCCESS)
    Process: 624 ExecStartPre=/bin/chown clamav /run/clamav (code=exited, status=0/SUCCESS)
   Main PID: 628 (clamd)
      Tasks: 2 (limit: 9481)
     Memory: 1.7G
        CPU: 22.166s
     CGroup: /system.slice/clamav-daemon.service
             └─628 /usr/sbin/clamd --foreground=true

Aug 10 19:13:00 mx clamd[628]: Thu Aug 10 19:13:00 2023 -> Portable Executable support enabled.
Aug 10 19:13:00 mx clamd[628]: Thu Aug 10 19:13:00 2023 -> ELF support enabled.
Aug 10 19:13:00 mx clamd[628]: Thu Aug 10 19:13:00 2023 -> Mail files support enabled.
Aug 10 19:13:00 mx clamd[628]: Thu Aug 10 19:13:00 2023 -> OLE2 support enabled.
Aug 10 19:13:00 mx clamd[628]: Thu Aug 10 19:13:00 2023 -> PDF support enabled.
Aug 10 19:13:00 mx clamd[628]: Thu Aug 10 19:13:00 2023 -> SWF support enabled.
Aug 10 19:13:00 mx clamd[628]: Thu Aug 10 19:13:00 2023 -> HTML support enabled.
Aug 10 19:13:00 mx clamd[628]: Thu Aug 10 19:13:00 2023 -> XMLDOCS support enabled.
Aug 10 19:13:00 mx clamd[628]: Thu Aug 10 19:13:00 2023 -> HWP3 support enabled.
Aug 10 19:13:00 mx clamd[628]: Thu Aug 10 19:13:00 2023 -> Self checking every 3600 seconds.

I have already had this on another machine. There, restarting the rspamd and clam services several times helped. Here, however, that has no effect.

Now I need a fresh approach.
Best regards
MPenzi
Last edited by Mpenzi on 11.08.2023 16:29:03; edited 1 time in total.

oln
Posts: 487
Registered: 05.01.2021 09:41:24

Re: 4.7.1 Tempfail - internal scan engine error. with file attachments

Post by oln » 11.08.2023 07:39:09

Hi,
I don't know what kind of botched configuration you are running there. I have two Postfix instances running here and neither of them acted up after the upgrade.

Mpenzi wrote (10.08.2023 19:31:28):

Code:

2023-08-10T19:19:01.026389+02:00 mx postfix/submission/smtpd[1843]: 064F5620038: client=mx.example.com[192.168.1.71], sasl_method=PLAIN, sasl_username=systemmails@example.com
2023-08-10T19:19:01.031466+02:00 mx postfix/cleanup[1956]: 064F5620038: message-id=<20e843c415252b005f57bfad2930026f@example.com>
2023-08-10T19:19:01.223964+02:00 mx postfix/cleanup[1956]: 064F5620038: milter-reject: END-OF-MESSAGE from mx.example.com[192.168.1.71]: 4.7.1 Tempfail - internal scan engine error. (support-id 064F5620038); from=<systemmails@example.com> to=<info@example.com> proto=ESMTP helo=<mail.example.com>

Well, it says so right there. Your scan engine is not there.

Mpenzi wrote (10.08.2023 19:31:28):

Code:

root@mx ~ # netstat -tulpen | fgrep 11332
tcp        0      0 127.0.0.1:11332         0.0.0.0:*               LISTEN      111        25686      787/rspamd: main pr 
tcp6       0      0 ::1:11332               :::*                    LISTEN      111        25687      787/rspamd: main pr 
However, rspamd is not reachable on 3310:

Huh? rspamd is running on 11332, though. It says so in your output.

Mpenzi wrote (10.08.2023 19:31:28):

Code:

root@mx ~ # netstat -tulpen | fgrep clamd
although the service is started.

Then just leave out the grep and scroll through it.
Is clamsmtp running?

Your master.cf would also be of interest.
Regards, Ole
AbuseIPDB

Mpenzi
Posts: 65
Registered: 26.07.2023 09:49:02

Re: 4.7.1 Tempfail - internal scan engine error. with file attachments

Post by Mpenzi » 11.08.2023 08:43:04

Good morning Ole,
Thomas Leister will surely be pleased with your assessment.

oln wrote (11.08.2023 07:39:09):
Hi,
I don't know what kind of botched configuration you are running there. I have two Postfix instances running here and neither of them acted up after the upgrade.

I set the thing up in 2021 following https://thomas-leister.de/mailserver-debian-buster/. And it has run very well so far.

oln wrote (11.08.2023 07:39:09):
Mpenzi wrote (10.08.2023 19:31:28):

Code:

2023-08-10T19:19:01.026389+02:00 mx postfix/submission/smtpd[1843]: 064F5620038: client=mx.example.com[192.168.1.71], sasl_method=PLAIN, sasl_username=systemmails@example.com
2023-08-10T19:19:01.031466+02:00 mx postfix/cleanup[1956]: 064F5620038: message-id=<20e843c415252b005f57bfad2930026f@example.com>
2023-08-10T19:19:01.223964+02:00 mx postfix/cleanup[1956]: 064F5620038: milter-reject: END-OF-MESSAGE from mx.example.com[192.168.1.71]: 4.7.1 Tempfail - internal scan engine error. (support-id 064F5620038); from=<systemmails@example.com> to=<info@example.com> proto=ESMTP helo=<mail.example.com>
Well, it says so right there. Your scan engine is not there.

Right, but it also says that the milter returns an error. That is why I first check whether it is reachable. The result: yes.

Mpenzi wrote (10.08.2023 19:31:28):

Code:

root@mx ~ # netstat -tulpen | fgrep 11332
tcp        0      0 127.0.0.1:11332         0.0.0.0:*               LISTEN      111        25686      787/rspamd: main pr 
tcp6       0      0 ::1:11332               :::*                    LISTEN      111        25687      787/rspamd: main pr 
However, rspamd is not reachable on 3310:

oln wrote (11.08.2023 07:39:09):
Huh? rspamd is running on 11332, though. It says so in your output.

It is running, too. That was a typo on my part; the correct wording would have been "However, clamd is not reachable on 3310". The result should look like this:

Code:

netstat -tulpen | fgrep clamd
tcp        0      0 127.0.0.1:3310          0.0.0.0:*               LISTEN      112        8777331    921186/clamd

oln wrote (11.08.2023 07:39:09):
Then just leave out the grep and scroll through it.

Code:

Proto Recv-Q Send-Q Local Address           Foreign Address         State       Benutzer   Inode      PID/Program name    
tcp        0      0 0.0.0.0:587             0.0.0.0:*               LISTEN      0          1320451    60321/master        
tcp        0      0 0.0.0.0:993             0.0.0.0:*               LISTEN      0          1318361    60329/dovecot       
tcp        0      0 0.0.0.0:995             0.0.0.0:*               LISTEN      0          1318326    60329/dovecot       
tcp        0      0 0.0.0.0:143             0.0.0.0:*               LISTEN      0          1318360    60329/dovecot       
tcp        0      0 127.0.0.1:6379          0.0.0.0:*               LISTEN      113        14511      689/redis-server 12 
tcp        0      0 0.0.0.0:4190            0.0.0.0:*               LISTEN      0          1318309    60329/dovecot       
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      0          1652       1/init              
tcp        0      0 0.0.0.0:110             0.0.0.0:*               LISTEN      0          1318325    60329/dovecot       
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      0          1320436    60321/master        
tcp        0      0 0.0.0.0:465             0.0.0.0:*               LISTEN      0          1320445    60321/master        
tcp        0      0 127.0.0.1:11334         0.0.0.0:*               LISTEN      111        1318521    60327/rspamd: main  
tcp        0      0 127.0.0.1:11332         0.0.0.0:*               LISTEN      111        1318515    60327/rspamd: main  
tcp        0      0 127.0.0.1:11333         0.0.0.0:*               LISTEN      111        1318527    60327/rspamd: main  
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      107        16254      830/mariadbd        
tcp        0      0 0.0.0.0:52071           0.0.0.0:*               LISTEN      0          665        701/sshd: /usr/sbin 
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      0          24498      710/unbound         
tcp6       0      0 :::587                  :::*                    LISTEN      0          1320452    60321/master        
tcp6       0      0 :::80                   :::*                    LISTEN      0          17357      1101/apache2        
tcp6       0      0 :::111                  :::*                    LISTEN      0          22469      1/init              
tcp6       0      0 :::25                   :::*                    LISTEN      0          1320437    60321/master        
tcp6       0      0 :::465                  :::*                    LISTEN      0          1320446    60321/master        
tcp6       0      0 :::443                  :::*                    LISTEN      0          17361      1101/apache2        
tcp6       0      0 ::1:53                  :::*                    LISTEN      0          24496      710/unbound         
tcp6       0      0 :::5665                 :::*                    LISTEN      128        20085      1072/icinga2        
tcp6       0      0 ::1:11332               :::*                    LISTEN      111        1318516    60327/rspamd: main  
tcp6       0      0 ::1:11333               :::*                    LISTEN      111        1318528    60327/rspamd: main  
tcp6       0      0 ::1:11334               :::*                    LISTEN      111        1318522    60327/rspamd: main  
tcp6       0      0 :::52071                :::*                    LISTEN      0          667        701/sshd: /usr/sbin 
tcp6       0      0 ::1:6379                :::*                    LISTEN      113        14512      689/redis-server 12 
udp        0      0 127.0.0.1:53            0.0.0.0:*                           0          24497      710/unbound         
udp        0      0 0.0.0.0:111             0.0.0.0:*                           0          10604      1/init              
udp6       0      0 ::1:53                  :::*                                0          24495      710/unbound         
udp6       0      0 :::111                  :::*                                0          18686      1/init 

As already mentioned, clamd is not running. And I am looking for the reason.

oln wrote (11.08.2023 07:39:09):
Is clamsmtp running?

That is not installed at all. As I said, back then I let myself be guided by the botched Thomas Leister how-to, which I by no means consider botched - quite the opposite. Someone really put work into it. And clamsmtp is not mentioned there at all.

oln wrote (11.08.2023 07:39:09):
Your master.cf would also be of interest.

Sure, I will of course post that too.

Code:

append_dot_mydomain = no
biff = no
bounce_queue_lifetime = 1h
compatibility_level = 2
confirm_delay_cleared = yes
delay_warning_time = 60
disable_vrfy_command = yes
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
local_recipient_maps = $virtual_mailbox_maps
mailbox_size_limit = 0
maximal_backoff_time = 15m
maximal_queue_lifetime = 1h
message_size_limit = 52428800
milter_default_action = tempfail
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
milter_protocol = 6
minimal_backoff_time = 5m
mua_client_restrictions = permit_mynetworks permit_sasl_authenticated reject
mua_relay_restrictions = reject_non_fqdn_recipient
    reject_unknown_recipient_domain permit_mynetworks
    permit_sasl_authenticated reject
mua_sender_restrictions = permit_mynetworks reject_non_fqdn_sender
    reject_sender_login_mismatch permit_sasl_authenticated reject
mydestination = mx.example.tld, localhost.example.tld, localhost
myhostname = mx.example.tld
mynetworks = 127.0.0.0/8 192.168.1.0/24 192.119.24.0/24
    [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
non_smtpd_milters = inet:localhost:11332
plaintext_reject_code = 550
postscreen_access_list = permit_mynetworks cidr:/etc/postfix/postscreen_access
postscreen_bare_newline_enable = no
postscreen_blacklist_action = drop
postscreen_cache_cleanup_interval = 24h
postscreen_cache_map = proxy:btree:$data_directory/postscreen_cache
postscreen_dnsbl_action = enforce
postscreen_dnsbl_sites = b.barracudacentral.org=127.0.0.2*7
    dnsbl.inps.de=127.0.0.2*7 bl.mailspike.net=127.0.0.2*5
    bl.mailspike.net=127.0.0.[10;11;12]*4 dnsbl.sorbs.net=127.0.0.10*8
    dnsbl.sorbs.net=127.0.0.5*6 dnsbl.sorbs.net=127.0.0.7*3
    dnsbl.sorbs.net=127.0.0.8*2 dnsbl.sorbs.net=127.0.0.6*2
    dnsbl.sorbs.net=127.0.0.9*2 zen.spamhaus.org=127.0.0.[4..7]*6
    zen.spamhaus.org=127.0.0.3*4 zen.spamhaus.org=127.0.0.2*3
    hostkarma.junkemailfilter.com=127.0.0.2*3
    hostkarma.junkemailfilter.com=127.0.0.4*1
    hostkarma.junkemailfilter.com=127.0.1.2*1
    wl.mailspike.net=127.0.0.[18;19;20]*-2
    hostkarma.junkemailfilter.com=127.0.0.1*-2
postscreen_dnsbl_threshold = 8
postscreen_dnsbl_ttl = 5m
postscreen_greet_action = enforce
postscreen_greet_banner = $smtpd_banner
postscreen_greet_ttl = 2d
postscreen_greet_wait = 3s
postscreen_non_smtp_command_enable = no
postscreen_pipelining_enable = no
proxy_read_maps =
    proxy:mysql:/etc/postfix/sql/mysql_virtual_sender_acl.cf,
    proxy:mysql:/etc/postfix/sql/mysql_tls_enforce_out_policy.cf,
    proxy:mysql:/etc/postfix/sql/mysql_tls_enforce_in_policy.cf,
    proxy:mysql:/etc/postfix/sql/sender-login-maps.cf,
    $local_recipient_maps $mydestination $virtual_alias_maps
    $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains
    $relay_recipient_maps $relay_domains $mynetworks
    $smtpd_sender_login_maps
queue_run_delay = 5m
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
relay_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_mxdomain_maps.cf
relay_recipient_maps =
    proxy:mysql:/etc/postfix/sql/mysql_relay_recipient_maps.cf
smtp_dns_support_level = dnssec
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_ciphers = medium
smtp_tls_loglevel = 1
smtp_tls_policy_maps = mysql:/etc/postfix/sql/tls-policy.cf
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_security_level = dane
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname
smtpd_client_restrictions = permit_mynetworks check_client_access
    hash:/etc/postfix/without_ptr reject_unknown_client_hostname
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_error_sleep_time = 10s
smtpd_hard_error_limit = ${stress?1}${stress:5}
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks
    reject_invalid_helo_hostname reject_non_fqdn_helo_hostname
    reject_unknown_helo_hostname
smtpd_milters = inet:localhost:11332
smtpd_recipient_restrictions = permit_sasl_authenticated,
    permit_mynetworks, reject_invalid_helo_hostname,
    reject_unknown_reverse_client_hostname, reject_unauth_destination
smtpd_relay_restrictions = reject_non_fqdn_recipient
    reject_unknown_recipient_domain permit_mynetworks
    reject_unauth_destination
smtpd_sender_login_maps =
    proxy:mysql:/etc/postfix/sql/mysql_virtual_sender_acl.cf
smtpd_soft_error_limit = 3
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/letsencrypt/live/mx.example.tld/fullchain.pem
smtpd_tls_ciphers = medium
smtpd_tls_dh1024_param_file = /etc/ssl/mail/dhparams_2048.pem
smtpd_tls_dh512_param_file = /etc/ssl/mail/dhparams_512.pem
smtpd_tls_exclude_ciphers = ECDHE-RSA-RC4-SHA, RC4, aNULL
smtpd_tls_key_file = /etc/letsencrypt/live/mx.example.tld/privkey.pem
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_exclude_ciphers = ECDHE-RSA-RC4-SHA, RC4, aNULL
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
tls_medium_cipherlist = EECDH+AESGCM:EDH+AESGCM
tls_preempt_cipherlist = yes
tls_ssl_options = NO_COMPRESSION
virtual_alias_maps =
    proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf,
    proxy:mysql:/etc/postfix/sql/mysql_virtual_spamalias_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_domains =
    proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
virtual_mailbox_maps =
    proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 104
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_uid_maps = static:5000

I simply assumed from the start that the problem lies somewhere in the startup of clamd rather than in the Postfix config, because that did not change during the dist-upgrade. However, the service starts without errors under systemd. It just does not have the proper effect, namely clamd actually showing up on port 3310 as well.

In any case, thank you very much for your feedback!

MPenzi
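
Added example, not part of the thread: the telnet and netstat checks above only show whether a TCP port is open. This Python script sends clamd's own PING command to the TCP endpoint the poster expects (127.0.0.1:3310) and to a Unix socket, to tell "clamd is not answering at all" apart from "clamd is alive but not on TCP". The socket path /run/clamav/clamd.ctl is an assumed Debian default, and the function names are made up for this example.

```python
import socket

# Assumptions for this example (not taken from the thread's configuration):
# the TCP endpoint is where the poster expects clamd, and the Unix socket
# path is the Debian package default.
TCP_ENDPOINT = ("127.0.0.1", 3310)
UNIX_ENDPOINT = "/run/clamav/clamd.ctl"


def probe_clamd(endpoint, timeout=3.0):
    """Send clamd's PING command to one endpoint and classify the outcome.

    endpoint: (host, port) tuple for TCP, or a str path for a Unix socket.
    Returns "pong", "no-listener", "denied", "timeout", "error" or
    "unexpected-reply".
    """
    sock = None
    reply = b""
    try:
        if isinstance(endpoint, str):
            sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
            sock.settimeout(timeout)
            sock.connect(endpoint)
        else:
            sock = socket.create_connection(endpoint, timeout=timeout)
        # "z" prefix: command and reply are both NUL-terminated.
        sock.sendall(b"zPING\0")
        while not reply.endswith(b"\0") and len(reply) < 64:
            chunk = sock.recv(64)
            if not chunk:
                break
            reply += chunk
    except (ConnectionRefusedError, FileNotFoundError):
        # Port closed, or socket file missing: nothing is listening there.
        return "no-listener"
    except PermissionError:
        # Socket file exists but this user may not connect to it.
        return "denied"
    except socket.timeout:
        # Something accepted the connection but never answered.
        return "timeout"
    except OSError:
        return "error"
    finally:
        if sock is not None:
            sock.close()
    return "pong" if reply == b"PONG\0" else "unexpected-reply"


def diagnose(tcp=TCP_ENDPOINT, unix=UNIX_ENDPOINT, timeout=3.0):
    """Probe both endpoints and summarise where clamd actually answers."""
    tcp_state = probe_clamd(tcp, timeout)
    unix_state = probe_clamd(unix, timeout)
    if tcp_state == "pong":
        verdict = "tcp-ok"       # scanner answers on TCP
    elif unix_state == "pong":
        verdict = "unix-only"    # daemon is alive, but nothing answers on TCP
    else:
        verdict = "unreachable"  # no working scanner on either endpoint
    return {"tcp": tcp_state, "unix": unix_state, "verdict": verdict}


if __name__ == "__main__":
    print(diagnose())
```

A "unix-only" verdict matches the situation described in the post: systemd reports the service as running while netstat shows no listener on 3310.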

oln
Posts: 487
Registered: 05.01.2021 09:41:24

Re: 4.7.1 Tempfail - internal scan engine error. with file attachments

Post by oln » 11.08.2023 11:52:35

Well, the guide is certainly good. But I can't find anything about clamav in it. Which guide did you follow to set that up?
Regards, Ole
AbuseIPDB

Mpenzi
Posts: 65
Registered: 26.07.2023 09:49:02

Re: 4.7.1 Tempfail - internal scan engine error. with file attachments

Post by Mpenzi » 11.08.2023 12:01:36

Well, in my opinion the problem here lies less in the mail server configuration, which has proven itself for two years, than in something that is interfering with clamd. I have the same configuration on another Debian 12 Postfix server as well. The same thing occurred there, but after a few restarts of the service clamd is running and listening on port 3310.

I am trying to proceed systematically:

Code:

systemctl status clamav-daemon.service 
● clamav-daemon.service - Clam AntiVirus userspace daemon
     Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; preset: enabled)
    Drop-In: /etc/systemd/system/clamav-daemon.service.d
             └─extend.conf
     Active: active (running) since Fri 2023-08-11 10:13:54 CEST; 1h 35min ago
TriggeredBy: ● clamav-daemon.socket
       Docs: man:clamd(8)
             man:clamd.conf(5)
             https://docs.clamav.net/
    Process: 6854 ExecStartPre=/bin/mkdir -p /run/clamav (code=exited, status=0/SUCCESS)
    Process: 6855 ExecStartPre=/bin/chown clamav /run/clamav (code=exited, status=0/SUCCESS)
   Main PID: 6856 (clamd)
      Tasks: 2 (limit: 9481)
     Memory: 976.7M
        CPU: 20.374s
     CGroup: /system.slice/clamav-daemon.service
             └─6856 /usr/sbin/clamd --foreground=true

Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> ELF support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Mail files support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> OLE2 support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> PDF support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> SWF support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> HTML support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> XMLDOCS support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> HWP3 support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Self checking every 3600 seconds.
Aug 11 11:14:15 mx clamd[6856]: Fri Aug 11 11:14:15 2023 -> SelfCheck: Database status OK.

The clamav-daemon.service is evidently running. And it has a process ID as well:

Code:

pidof clamd
6856

Code:

journalctl _PID=6856 --since today
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: Global time limit set to 120000 milliseconds.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: Global size limit set to 104857600 bytes.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: File size limit set to 26214400 bytes.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: Recursion level limit set to 16.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: Files limit set to 10000.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: MaxEmbeddedPE limit set to 10485760 bytes.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: MaxHTMLNormalize limit set to 10485760 bytes.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: MaxHTMLNoTags limit set to 2097152 bytes.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: MaxScriptNormalize limit set to 5242880 bytes.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: MaxPartitions limit set to 50.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: MaxIconsPE limit set to 100.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: MaxRecHWP3 limit set to 16.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: PCREMatchLimit limit set to 10000.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: PCRERecMatchLimit limit set to 5000.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: PCREMaxFileSize limit set to 26214400.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Archive support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> AlertExceedsMax heuristic detection disabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Heuristic alerts enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Portable Executable support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> ELF support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Mail files support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> OLE2 support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> PDF support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> SWF support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> HTML support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> XMLDOCS support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> HWP3 support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Self checking every 3600 seconds.
Aug 11 11:14:15 mx clamd[6856]: Fri Aug 11 11:14:15 2023 -> SelfCheck: Database status OK.

shows that it is at least doing something.
And I also have this here:

Code:

journalctl --since today -u clamav-daemon.service --no-pager
Aug 11 00:13:00 mx clamd[628]: Fri Aug 11 00:13:00 2023 -> SelfCheck: Database status OK.
Aug 11 01:13:01 mx clamd[628]: Fri Aug 11 01:13:01 2023 -> SelfCheck: Database status OK.
Aug 11 02:13:01 mx clamd[628]: Fri Aug 11 02:13:01 2023 -> SelfCheck: Database status OK.
Aug 11 03:13:01 mx clamd[628]: Fri Aug 11 03:13:01 2023 -> SelfCheck: Database status OK.
Aug 11 04:13:01 mx clamd[628]: Fri Aug 11 04:13:01 2023 -> SelfCheck: Database status OK.
Aug 11 05:13:01 mx clamd[628]: Fri Aug 11 05:13:01 2023 -> SelfCheck: Database status OK.
Aug 11 06:13:01 mx clamd[628]: Fri Aug 11 06:13:01 2023 -> SelfCheck: Database status OK.
Aug 11 07:13:01 mx clamd[628]: Fri Aug 11 07:13:01 2023 -> SelfCheck: Database status OK.
Aug 11 08:13:01 mx clamd[628]: Fri Aug 11 08:13:01 2023 -> SelfCheck: Database status OK.
Aug 11 09:13:01 mx clamd[628]: Fri Aug 11 09:13:01 2023 -> SelfCheck: Database status OK.
Aug 11 09:17:38 mx systemd[1]: Stopping clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 09:19:08 mx systemd[1]: clamav-daemon.service: State 'stop-sigterm' timed out. Killing.
Aug 11 09:19:08 mx systemd[1]: clamav-daemon.service: Killing process 628 (clamd) with signal SIGKILL.
Aug 11 09:19:08 mx systemd[1]: clamav-daemon.service: Main process exited, code=killed, status=9/KILL
Aug 11 09:19:08 mx systemd[1]: clamav-daemon.service: Failed with result 'timeout'.
Aug 11 09:19:08 mx systemd[1]: Stopped clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 09:19:08 mx systemd[1]: clamav-daemon.service: Consumed 23.233s CPU time.
-- Boot 845adb1ddddd449c99b7c8b3ba7e8b0f --
Aug 11 09:19:40 mx systemd[1]: Starting clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 09:19:40 mx systemd[1]: Started clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Limits: Global time limit set to 120000 milliseconds.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Limits: Global size limit set to 104857600 bytes.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Limits: File size limit set to 26214400 bytes.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Limits: Recursion level limit set to 16.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Limits: Files limit set to 10000.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Limits: MaxEmbeddedPE limit set to 10485760 bytes.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Limits: MaxHTMLNormalize limit set to 10485760 bytes.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Limits: MaxHTMLNoTags limit set to 2097152 bytes.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Limits: MaxScriptNormalize limit set to 5242880 bytes.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Limits: MaxPartitions limit set to 50.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Limits: MaxIconsPE limit set to 100.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Limits: MaxRecHWP3 limit set to 16.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Limits: PCREMatchLimit limit set to 10000.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Limits: PCRERecMatchLimit limit set to 5000.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Limits: PCREMaxFileSize limit set to 26214400.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Archive support enabled.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> AlertExceedsMax heuristic detection disabled.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Heuristic alerts enabled.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Portable Executable support enabled.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> ELF support enabled.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Mail files support enabled.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> OLE2 support enabled.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> PDF support enabled.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> SWF support enabled.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> HTML support enabled.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> XMLDOCS support enabled.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> HWP3 support enabled.
Aug 11 09:20:06 mx clamd[608]: Fri Aug 11 09:20:06 2023 -> Self checking every 3600 seconds.
Aug 11 09:22:16 mx systemd[1]: Stopping clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 09:22:19 mx clamd[608]: Fri Aug 11 09:22:19 2023 -> --- Stopped at Fri Aug 11 09:22:19 2023
Aug 11 09:22:19 mx systemd[1]: clamav-daemon.service: Deactivated successfully.
Aug 11 09:22:19 mx systemd[1]: Stopped clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 09:22:19 mx systemd[1]: clamav-daemon.service: Consumed 25.374s CPU time.
Aug 11 09:23:53 mx systemd[1]: Starting clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 09:23:53 mx systemd[1]: Started clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Limits: Global time limit set to 120000 milliseconds.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Limits: Global size limit set to 104857600 bytes.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Limits: File size limit set to 26214400 bytes.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Limits: Recursion level limit set to 16.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Limits: Files limit set to 10000.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Limits: MaxEmbeddedPE limit set to 10485760 bytes.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Limits: MaxHTMLNormalize limit set to 10485760 bytes.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Limits: MaxHTMLNoTags limit set to 2097152 bytes.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Limits: MaxScriptNormalize limit set to 5242880 bytes.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Limits: MaxPartitions limit set to 50.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Limits: MaxIconsPE limit set to 100.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Limits: MaxRecHWP3 limit set to 16.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Limits: PCREMatchLimit limit set to 10000.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Limits: PCRERecMatchLimit limit set to 5000.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Limits: PCREMaxFileSize limit set to 26214400.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Archive support enabled.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> AlertExceedsMax heuristic detection disabled.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Heuristic alerts enabled.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Portable Executable support enabled.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> ELF support enabled.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Mail files support enabled.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> OLE2 support enabled.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> PDF support enabled.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> SWF support enabled.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> HTML support enabled.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> XMLDOCS support enabled.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> HWP3 support enabled.
Aug 11 09:24:15 mx clamd[1801]: Fri Aug 11 09:24:15 2023 -> Self checking every 3600 seconds.
Aug 11 09:49:23 mx systemd[1]: Stopping clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 09:49:26 mx clamd[1801]: Fri Aug 11 09:49:26 2023 -> --- Stopped at Fri Aug 11 09:49:26 2023
Aug 11 09:49:26 mx systemd[1]: clamav-daemon.service: Deactivated successfully.
Aug 11 09:49:26 mx systemd[1]: Stopped clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 09:49:26 mx systemd[1]: clamav-daemon.service: Consumed 24.335s CPU time.
Aug 11 09:49:26 mx systemd[1]: Starting clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 09:49:26 mx systemd[1]: Started clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Limits: Global time limit set to 120000 milliseconds.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Limits: Global size limit set to 104857600 bytes.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Limits: File size limit set to 26214400 bytes.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Limits: Recursion level limit set to 16.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Limits: Files limit set to 10000.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Limits: MaxEmbeddedPE limit set to 10485760 bytes.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Limits: MaxHTMLNormalize limit set to 10485760 bytes.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Limits: MaxHTMLNoTags limit set to 2097152 bytes.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Limits: MaxScriptNormalize limit set to 5242880 bytes.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Limits: MaxPartitions limit set to 50.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Limits: MaxIconsPE limit set to 100.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Limits: MaxRecHWP3 limit set to 16.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Limits: PCREMatchLimit limit set to 10000.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Limits: PCRERecMatchLimit limit set to 5000.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Limits: PCREMaxFileSize limit set to 26214400.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Archive support enabled.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> AlertExceedsMax heuristic detection disabled.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Heuristic alerts enabled.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Portable Executable support enabled.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> ELF support enabled.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Mail files support enabled.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> OLE2 support enabled.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> PDF support enabled.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> SWF support enabled.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> HTML support enabled.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> XMLDOCS support enabled.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> HWP3 support enabled.
Aug 11 09:49:50 mx clamd[4299]: Fri Aug 11 09:49:47 2023 -> Self checking every 3600 seconds.
Aug 11 10:13:37 mx systemd[1]: Stopping clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 10:13:39 mx clamd[4299]: Fri Aug 11 10:13:39 2023 -> --- Stopped at Fri Aug 11 10:13:39 2023
Aug 11 10:13:39 mx systemd[1]: clamav-daemon.service: Deactivated successfully.
Aug 11 10:13:39 mx systemd[1]: Stopped clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 10:13:39 mx systemd[1]: clamav-daemon.service: Consumed 23.467s CPU time.
Aug 11 10:13:39 mx systemd[1]: Starting clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 10:13:39 mx systemd[1]: Started clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 10:13:49 mx systemd[1]: Stopping clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 10:13:49 mx systemd[1]: clamav-daemon.service: Deactivated successfully.
Aug 11 10:13:49 mx systemd[1]: Stopped clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 10:13:49 mx systemd[1]: clamav-daemon.service: Consumed 8.649s CPU time.
Aug 11 10:13:49 mx systemd[1]: Starting clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 10:13:49 mx systemd[1]: Started clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 10:13:50 mx systemd[1]: Stopping clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 10:13:50 mx systemd[1]: clamav-daemon.service: Deactivated successfully.
Aug 11 10:13:50 mx systemd[1]: Stopped clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 10:13:50 mx systemd[1]: clamav-daemon.service: Consumed 1.306s CPU time.
Aug 11 10:13:50 mx systemd[1]: Starting clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 10:13:50 mx systemd[1]: Started clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 10:13:51 mx systemd[1]: Stopping clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 10:13:51 mx systemd[1]: clamav-daemon.service: Deactivated successfully.
Aug 11 10:13:51 mx systemd[1]: Stopped clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 10:13:51 mx systemd[1]: Starting clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 10:13:51 mx systemd[1]: Started clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 10:13:52 mx systemd[1]: Stopping clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 10:13:52 mx systemd[1]: clamav-daemon.service: Deactivated successfully.
Aug 11 10:13:52 mx systemd[1]: Stopped clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 10:13:52 mx systemd[1]: Starting clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 10:13:52 mx systemd[1]: Started clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 10:13:53 mx systemd[1]: Stopping clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 10:13:53 mx systemd[1]: clamav-daemon.service: Deactivated successfully.
Aug 11 10:13:53 mx systemd[1]: Stopped clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 10:13:53 mx systemd[1]: Starting clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 10:13:53 mx systemd[1]: Started clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 10:13:54 mx systemd[1]: Stopping clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 10:13:54 mx systemd[1]: clamav-daemon.service: Deactivated successfully.
Aug 11 10:13:54 mx systemd[1]: Stopped clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 10:13:54 mx systemd[1]: clamav-daemon.service: Consumed 1.158s CPU time.
Aug 11 10:13:54 mx systemd[1]: Starting clamav-daemon.service - Clam AntiVirus userspace daemon...
Aug 11 10:13:54 mx systemd[1]: Started clamav-daemon.service - Clam AntiVirus userspace daemon.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: Global time limit set to 120000 milliseconds.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: Global size limit set to 104857600 bytes.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: File size limit set to 26214400 bytes.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: Recursion level limit set to 16.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: Files limit set to 10000.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: MaxEmbeddedPE limit set to 10485760 bytes.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: MaxHTMLNormalize limit set to 10485760 bytes.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: MaxHTMLNoTags limit set to 2097152 bytes.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: MaxScriptNormalize limit set to 5242880 bytes.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: MaxPartitions limit set to 50.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: MaxIconsPE limit set to 100.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: MaxRecHWP3 limit set to 16.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: PCREMatchLimit limit set to 10000.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: PCRERecMatchLimit limit set to 5000.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Limits: PCREMaxFileSize limit set to 26214400.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Archive support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> AlertExceedsMax heuristic detection disabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Heuristic alerts enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Portable Executable support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> ELF support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Mail files support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> OLE2 support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> PDF support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> SWF support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> HTML support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> XMLDOCS support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> HWP3 support enabled.
Aug 11 10:14:15 mx clamd[6856]: Fri Aug 11 10:14:15 2023 -> Self checking every 3600 seconds.
Aug 11 11:14:15 mx clamd[6856]: Fri Aug 11 11:14:15 2023 -> SelfCheck: Database status OK.
In my view, everything is fine there. Honestly, I currently have no idea how to make visible what the systemd scripts do step by step. Because at some point, connecting the clamd service to port 3310 fails.

That is all I have come up with so far.

Regards
MPenzi

Mpenzi
Posts: 65
Registered: 26.07.2023 09:49:02

Re: 4.7.1 Tempfail - internal scan engine error. with file attachments

Post by Mpenzi » 11.08.2023 12:03:56

oln wrote:
11.08.2023 11:52:35
Well, the guide is quite good. But I can't find anything about clamav in it. Which guide did you follow to set this up?
Honestly, I'm looking for it myself right now. I only remember that I switched from Amavis-New to Rspamd back then because the latter is better.

Mpenzi
Posts: 65
Registered: 26.07.2023 09:49:02

Re: 4.7.1 Tempfail - internal scan engine error. with file attachments

Post by Mpenzi » 11.08.2023 16:28:38

I have now tried exactly this:

Code: Select all

systemctl disable --now clamav-daemon.socket
systemctl enable --now clamav-daemon.service
with these results

Code: Select all

systemctl status clamav-daemon.service 
● clamav-daemon.service - Clam AntiVirus userspace daemon
     Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; preset: enabled)
    Drop-In: /etc/systemd/system/clamav-daemon.service.d
             └─extend.conf
     Active: active (running) since Fri 2023-08-11 16:12:16 CEST; 14min ago
       Docs: man:clamd(8)
             man:clamd.conf(5)
             https://docs.clamav.net/
   Main PID: 40137 (clamd)
      Tasks: 14 (limit: 9481)
     Memory: 1.5G
        CPU: 11min 7.706s
     CGroup: /system.slice/clamav-daemon.service
             └─40137 /usr/sbin/clamd --foreground=true

Aug 11 16:12:52 mx clamd[40137]: Fri Aug 11 16:12:52 2023 -> Portable Executable support enabled.
Aug 11 16:12:52 mx clamd[40137]: Fri Aug 11 16:12:52 2023 -> ELF support enabled.
Aug 11 16:12:52 mx clamd[40137]: Fri Aug 11 16:12:52 2023 -> Mail files support enabled.
Aug 11 16:12:52 mx clamd[40137]: Fri Aug 11 16:12:52 2023 -> OLE2 support enabled.
Aug 11 16:12:52 mx clamd[40137]: Fri Aug 11 16:12:52 2023 -> PDF support enabled.
Aug 11 16:12:52 mx clamd[40137]: Fri Aug 11 16:12:52 2023 -> SWF support enabled.
Aug 11 16:12:52 mx clamd[40137]: Fri Aug 11 16:12:52 2023 -> HTML support enabled.
Aug 11 16:12:52 mx clamd[40137]: Fri Aug 11 16:12:52 2023 -> XMLDOCS support enabled.
Aug 11 16:12:52 mx clamd[40137]: Fri Aug 11 16:12:52 2023 -> HWP3 support enabled.
Aug 11 16:12:52 mx clamd[40137]: Fri Aug 11 16:12:52 2023 -> Self checking every 3600 seconds.

Code: Select all

 netstat -tulpen | fgrep clamd
tcp        0      0 127.0.0.1:3310          0.0.0.0:*               LISTEN      112        961700     40137/clamd


However, re-enabling clamav-daemon.socket immediately causes problems again.

Many thanks so far.
MPenzi
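
As an added example that is not part of the thread: a small probe for the clamd TCP listener shown in the netstat output above (127.0.0.1:3310), which separates "nothing is listening" from "port open but no answer" so the state can be compared before and after re-enabling clamav-daemon.socket. It uses clamd's documented PING and VERSION commands; the function names `clamd_command` and `probe_clamd` are made up for this example.

```python
import socket


def clamd_command(cmd, host, port, timeout):
    """Send one clamd command and return the reply text.

    The 'z' prefix asks clamd for NUL-delimited framing; without IDSESSION
    clamd serves one command per connection, so each call reconnects.
    """
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(b"z" + cmd + b"\0")
        buf = b""
        while not buf.endswith(b"\0"):
            chunk = s.recv(4096)
            if not chunk:  # peer closed without finishing the reply
                break
            buf += chunk
    return buf.rstrip(b"\0").decode("ascii", "replace")


def probe_clamd(host="127.0.0.1", port=3310, timeout=5.0):
    """Classify the state of the clamd TCP listener as (state, detail)."""
    try:
        pong = clamd_command(b"PING", host, port, timeout)
        if pong != "PONG":
            return ("unexpected", repr(pong))
        # PING worked, so the daemon itself is answering; report its version.
        return ("ok", clamd_command(b"VERSION", host, port, timeout))
    except ConnectionRefusedError:
        return ("refused", f"nothing is listening on {host}:{port}")
    except socket.timeout:
        return ("timeout", f"no answer from {host}:{port} within {timeout} s")
    except OSError as exc:
        return ("error", str(exc))


if __name__ == "__main__":
    # Defaults match the listener from the netstat output in the post.
    state, detail = probe_clamd()
    print(f"clamd probe: {state}: {detail}")
```

A "timeout" result means something holds the port open without a clamd answering behind it, while "refused" means the port is not bound at all.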
