Mail delivery problems related to ClamAV virus update (Jan 26 2018)

It seems the world awoke today to the surprise of a clamav virus definition file causing clamd to hit open file limits, effectively breaking the virus scanner, and breaking mail delivery for a lot of folks.
To address the issue on interworx servers, we’ve released a patched version of clamav that works around the problem, since an updated virus definitions file from clamav has not yet materialized.

The updated clamav packages have been released to the iworx-stable rpm release channel. To apply the update manually, run:

$ yum update clamav

Otherwise the update will be applied by interworx automatically as part of the daily maintenance cron.

For reference the discussion of the issue is ongoing on the clamav mailing list:

http://lists.clamav.net/pipermail/clamav-users/2018-January/005655.html

Paul

Pual Nice work with us

Hi

Good to see ClamAV updated to 99.3, including CVE patches

Kudos interworx

Many thanks

John

Is this ClamAV issue related to my new problem which began yesterday? Outside host names aren’t being resolved which means the license server can’t be reached meaning more trouble ahead.

The error when sending mail from a remote client (Thunderbird):

DNS temporary failure (#4.3.0).

Mail appears to send from Squirrelmail or Roundcube but messages are stuck in queue.

Yum update failing too.

I’m on ClamAV 99.3.

Help appreciated.

Hi Sysnop
I hope your well
I would check resolv.conf to make sure you have external dns listed (vi /etc/resolv.conf), if not add and save the following
nameserver 8.8.8.8
nameserver 8.8.4.4
you may need to restart network/server but I do not think so
whilst in ssh, can you test ping say google.com and does it work as expected
Your issue I do not believe is as a result of clamAV update to 99.3
Why yum update may fail I am not sure, perhpas need more info
Is your time on server correct, if not this needs correcting and what happens if you manually try to register with IW licence
service ntpd stop
ntpdate ntp.interworx.com
service ntpd start
/home/interworx/cron/license.pex
I hope that helps a little
Many thanks
John

Hi John,

The ClamAV issue must be bad timing just for an extra variable to throw me off. :eek: My problem wasn’t just mail transport, it’s DNS failure in general and it’s beginning to look like network problems on the ISP’s end.

Thanks!

Hi sysnop

Sounds like my type of luck

Good luck

Many thanks

John

Best of luck