1 |
Firstly, have you ensured that the queue handler is specifed appropriately |
2 |
in your /etc/tcp.smtp file? Here are two example lines. The first allows |
3 |
relaying from a 10.0.0.0/8 subnet and skips any RBL checks (i.e. |
4 |
don´t run |
5 |
spamassassin for our internal users). The second disallows relaying for |
6 |
eveyone else and in both cases qmail-scanner wil be used as the delivery |
7 |
agent. |
8 |
|
9 |
10.0.0.:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" |
10 |
:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl" |
11 |
|
12 |
It's also a good idea to let localhost do anything: |
13 |
|
14 |
127.0.0.1:allow,RELAYCLIENT="",RBLSMTPD="" |
15 |
|
16 |
Naturally, if any changes are made you need to follow the step for building |
17 |
tcp.smtp.cdb as mentioned in the top of that file. |
18 |
|
19 |
> Ok found the qmail-scanner log in |
20 |
> |
21 |
> /var/spool/qmailscan |
22 |
> |
23 |
> Seems like clamv is puking? |
24 |
> |
25 |
> LibClamAV Error: readdb(): Malformed pattern line 7381 (file |
26 |
> /var/spool/qmailscan/mail10872837774267801/clamav-ded551c6cbafecef/viruses.db). |
27 |
> LibClamAV Error: cli_calloc(): Can't allocate memory (8 bytes). |
28 |
|
29 |
The guide suggests that resource limitations imposed by tcpserver´s |
30 |
softlimit might be to blame. Have you tried raising the softlimit in |
31 |
/var/qmail/control/conf-common and restarting /etc/init.d/svscan? I believe |
32 |
the default setting is somewhat inadequate for "real-world" mailservers. |
33 |
|
34 |
Another thing is that the clamav daemon (by default) runs as the clamav |
35 |
user. You might want to check that it has suitable write permissions under |
36 |
the above-mentioned directory (it's been a while since I used qmail, so |
37 |
I can't recall the precise way in which qmail-scanner employs external |
38 |
scanners off-hand). |
39 |
|
40 |
Beware of you choose to use any "glue" programs which mide override |
41 |
the environment - see the warning about Vpopmail in the qmail-scanner FAQ |
42 |
here for instance: http://qmail-scanner.sourceforge.net/FAQ.php. |
43 |
|
44 |
Also, Spamassassin isn't that strong in its default configuration (IMHO). |
45 |
I prefer to set a level around the 5 mark (watch for false positives though) |
46 |
and enable the rbl_checks (including razor2) becuase it makes a big |
47 |
difference. That might not be a wise option for a large scale deployment |
48 |
though because of the potential overhead of such queries. |
49 |
|
50 |
HTH, |
51 |
|
52 |
--Kerin Francis Millar |