- Woody
exim-tls 3.35-3
courier imap (und -ssl) 1.4.3-2.1
courier pop (und -ssl) 0.37.3-3.1
kernel 2.4.19-SMP
Maildir support
amavis-exim (aus testing)
f-prot
Wenn ich Amavis starte, passiert folgendes:
Exim übergibt eingehende Post an Amavis; Amavis übergibt an f-prot; f-prot bleibt hängen.
Die Systemlast steigt auf 2.xx und bleibt dort; 2 f-prot-Prozesse schlucken 99% der CPU-Zeit (das ist ein Dual-Athlon-System!).
Auszug aus "top":
Code: Alles auswählen
13:12:09 up 6 days, 4:49, 3 users, load average: 2.00, 2.00, 2.00
66 processes: 63 sleeping, 3 running, 0 zombie, 0 stopped
CPU states: 40.5% user, 59.5% system, 0.0% nice, 0.0% idle
Mem: 1033024K total, 979820K used, 53204K free, 105240K buffers
Swap: 1052248K total, 292K used, 1051956K free, 757328K cached
PID USER PRI NI SIZE RSS SHARE STAT %CPU %MEM TIME COMMAND
11669 amavis 20 0 1212 1212 416 R 99.7 0.1 1203m f-prot
11680 amavis 19 0 1252 1252 380 R 99.7 0.1 1203m f-prot
13410 root 9 0 1928 1900 1624 S 0.1 0.1 0:00 sshd
13418 root 10 0 964 964 748 R 0.1 0.0 0:21 top
1 root 8 0 480 452 420 S 0.0 0.0 0:01 init
2 root 9 0 0 0 0 SW 0.0 0.0 0:00 keventd
3 root 19 19 0 0 0 SWN 0.0 0.0 0:00 ksoftirqd_CPU0
4 root 19 19 0 0 0 SWN 0.0 0.0 0:00 ksoftirqd_CPU1
5 root 9 0 0 0 0 SW 0.0 0.0 0:01 kswapd
Code: Alles auswählen
Oct 10 13:17:34 dmail amavisd[13948]: starting. amavisd new-20020517 Tue Aug 20 13:37:12 EST 2002
Oct 10 13:17:34 dmail amavisd[13949]: Process Backgrounded
Oct 10 13:17:34 dmail amavisd[13949]: 2002/10/10-13:17:34 Amavis (type Net::Server::PreForkSimple) starting! pid(13949)
Oct 10 13:17:34 dmail amavisd[13949]: Binding to UNIX socket file /var/run/amavis/amavisd.sock using SOCK_STREAM
Oct 10 13:17:34 dmail amavisd[13949]: Binding to TCP port 10024 on host 127.0.0.1
Oct 10 13:17:34 dmail amavisd[13949]: Setting gid to "65534 65534"
Oct 10 13:17:34 dmail amavisd[13949]: Setting uid to "102"
Oct 10 13:18:07 dmail amavisd[13950]: (XXN6oUD7) AM.CL /var/lib/amavis/amavis-XXN6oUD7: <erwin@xyz.at> -> <erwin@dmail.xyz.at>
Oct 10 13:18:07 dmail amavisd[13950]: (XXN6oUD7) Checking: <erwin@xyz.at> -> <erwin@dmail.xyz.at>
Oct 10 13:18:08 dmail amavisd[13950]: (XXN6oUD7) spam_scan: No, hits=0.0 tests=, <erwin@xyz.at>
Oct 10 13:18:08 dmail amavisd[13950]: (XXN6oUD7) fwd via pipe: <erwin@xyz.at> -> <erwin@dmail.xyz.at>
Oct 10 13:18:08 dmail amavisd[13950]: (XXN6oUD7) mail checking ended: DELIVERED
Code: Alles auswählen
2002-10-10 13:18:07 17zbKR-0003d2-00 <= erwin@xyz.at H=mail.yxz.at [193.170.154.36] P=esmtp S=731 id=Pine.LNX.4.33.0210101319200.1002-100000@argos.xyz.at
2002-10-10 13:18:08 17zbKS-0003dA-00 <= erwin@xyz.at U=amavis P=scanned-ok S=1017 id=Pine.LNX.4.33.0210101319200.1002-100000@argos.xyz.at
2002-10-10 13:18:08 17zbKR-0003d2-00 => erwin <erwin@dmail.xyz.at> D=amavis_director T=amavis
2002-10-10 13:18:08 17zbKR-0003d2-00 Completed
2002-10-10 13:18:08 17zbKS-0003dA-00 => erwin <erwin@dmail.xyz.at> D=localuser T=local_delivery
2002-10-10 13:18:08 17zbKS-0003dA-00 Completed
Wenn ich mir aber den Eicar testvirus schicke schaut das so aus:
/var/lib/amavis/amavis.log:
Code: Alles auswählen
Oct 10 13:29:27 dmail amavisd[13951]: (XXsane1c) AM.CL /var/lib/amavis/amavis-XXsane1c: <erwin@xyz.at> -> <erwin@dmail.xyz.at>
Oct 10 13:29:27 dmail amavisd[13951]: (XXsane1c) Checking: <erwin@xyz.at> -> <erwin@dmail.xyz.at>
und /var/log/exim/mainlog :
Code: Alles auswählen
2002-10-10 13:29:22 17zbVJ-0003dV-00 <= erwin@zsi.at H=mail.xyz.at [193.170.154.36] P=esmtp S=1494 id=Pine.LNX.4.33.0210101329570.1002-101000@argos.xyz.at
Änderungen, die ich an Conf-Files vorgenommen habe:
/etc/exim/exim.conf:
Maildir-Support;
sowie Cut'n Paste aus .../doc/amavis-exim/README.exim.old
/etc/amavisd.conf :
Code: Alles auswählen
(...)
# FRISK F-Prot
$fprot = "/usr/local/bin/f-prot -disinf";
(...)
#
# Part II - Logging
#
# Create debugging output - yes: log to stderr; no: log to syslog/file
$DEBUG = "no"; # uncomment to override the default in amavisd
# yes - syslog, no - file logging
$DO_SYSLOG = "no";
# Directory to put log entries (if not using syslog)
$LOGDIR = "/var/lib/amavis";
$LOGFILE = "amavis.log";
(...)Erwin