Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Amavis and the suspended delivery issue

On Tuesday night we got hit with the status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]: Connection refused issue. Thanks to the great info here as well as Alex's excellent tutorials I was able to get things running again and updated amavisd-new, clamav, and spamassassin in the process.

I still need to tweak my amavisd.conf settings to get things running as well as they were before.

A concern I have is that in the SMTP log I get this message: (!!)WARN: all primary virus scanners failed, considering backups

The message still seems to get processed... so is this warning something that needs to be addressed? The only other issue I am seeing right now that concerns me is that I am getting nothing written to /var/log/amavis.log but that could just be that I have missed something in the conf file

The last entries to amavis.log are presumably when the service went down:
Jun 26 20:40:10 ferrari-moe.com /usr/bin/amavisd[19508]: (19508-10) ESMTP> 250 2.6.0 Ok, id=19508-10, from MTA: 250 Ok: queued as 4B5851071AD8
Jun 26 20:40:10 ferrari-moe.com /usr/bin/amavisd[19508]: (19508-10) idle_proc, 6: was busy, 2072.0 ms, total idle 1442.274 s, busy 22.742 s
Jun 26 20:40:10 ferrari-moe.com /usr/bin/amavisd[19508]: (19508-10) idle_proc, 5: was idle, 0.1 ms, total idle 1442.274 s, busy 22.742 s
Jun 26 20:40:10 ferrari-moe.com /usr/bin/amavisd[19508]: (19508-10) prolong_timer after reading SMTP command: remaining time = 0 s
Jun 26 20:40:10 ferrari-moe.com /usr/bin/amavisd[19508]: (19508-10) ESMTP< QUIT\r\n
Jun 26 20:40:10 ferrari-moe.com /usr/bin/amavisd[19508]: (19508-10) ESMTP> 221 2.0.0 [127.0.0.1] amavisd-new closing transmission channel
Jun 26 20:40:10 ferrari-moe.com /usr/bin/amavisd[19508]: (19508-10) post process_requesthook: timer stopped
Jun 26 20:40:10 ferrari-moe.com /usr/bin/amavisd[19508]: (19508-10) idle_proc, bye: was busy, 0.7 ms, total idle 1442.274 s, busy 22.743 s
Jun 26 20:40:10 ferrari-moe.com /usr/bin/amavisd[19508]: (19508-10) load: 2 %, total idle 1442.274 s, busy 22.743 s
Jun 26 20:40:10 ferrari-moe.com /usr/bin/amavisd[19508]: (19508-10) child finishhook: invoking DESTROY methods
Jun 26 20:40:10 ferrari-moe.com /usr/bin/amavisd[19508]: (19508-10) Amavis::In::SMTP::DESTROY called
Jun 26 20:40:10 ferrari-moe.com /usr/bin/amavisd[19508]: (19508-10) SMTP shutdown: empty tempdir is being removed: /var/amavis/amavis-20070626T201545-19508
Jun 26 20:40:10 ferrari-moe.com /usr/bin/amavisd[19508]: (19508-10) rmdir_recursively: /var/amavis/amavis-20070626T201545-19508, excl=
Jun 26 20:40:10 ferrari-moe.com /usr/bin/amavisd[19508]: (19508-10) rmdir_recursively: /var/amavis/amavis-20070626T201545-19508/parts, excl=0
Jun 26 20:40:10 ferrari-moe.com /usr/bin/amavisd[19508]: (19508-10) at the END handler: invoking DESTROY methods
Jun 26 20:40:10 ferrari-moe.com /usr/bin/amavisd[20154]: BerkeleyDB not available, using memory-based local cache
Jun 26 20:41:53 ferrari-moe.com /usr/bin/amavisd[25040]: Net::Server: 2007/06/26-20:41:53 Server closing!
Jun 26 20:41:53 ferrari-moe.com /usr/bin/amavisd[20154]: child finishhook: invoking DESTROY methods
Jun 26 20:41:53 ferrari-moe.com /usr/bin/amavisd[19531]: (19531-06) child finishhook: invoking DESTROY methods
Jun 26 20:41:53 ferrari-moe.com /usr/bin/amavisd[19531]: (19531-06) Amavis::In::SMTP::DESTROY called
Jun 26 20:41:53 ferrari-moe.com /usr/bin/amavisd[19531]: (19531-06) SMTP shutdown: empty tempdir is being removed: /var/amavis/amavis-20070626T202121-19531
Jun 26 20:41:53 ferrari-moe.com /usr/bin/amavisd[19531]: (19531-06) rmdir_recursively: /var/amavis/amavis-20070626T202121-19531, excl=
Jun 26 20:41:53 ferrari-moe.com /usr/bin/amavisd[20154]: at the END handler: invoking DESTROY methods
Jun 26 20:41:53 ferrari-moe.com /usr/bin/amavisd[25040]: at the END handler: invoking DESTROY methods
Jun 26 20:41:53 ferrari-moe.com /usr/bin/amavisd[19531]: (19531-06) rmdir_recursively: /var/amavis/amavis-20070626T202121-19531/parts, excl=0
Jun 26 20:41:53 ferrari-moe.com /usr/bin/amavisd[19531]: (19531-06) at the END handler: invoking DESTROY methods


by the way, we were on 10.4.9 before the mail service went down and took the opportunity to update to 10.4.10 since we were restarting anyway

PowerBook G4 1.67, Mac OS X (10.4.10), Intel MacPro

Posted on Jun 28, 2007 9:52 AM

Reply
5 replies

Jun 28, 2007 11:06 AM in response to Austin Sloat

I still need to tweak my amavisd.conf settings to get
things running as well as they were before.

A concern I have is that in the SMTP log I get this
message: (!!)WARN: all primary virus scanners
failed, considering backups


No concern, this is normal. Apple's default configuration doesn't use clamd (which would be amavisd's primary scanner), but clamscan (which amavisd picks up as its secondary).

Having said that, since you did update ClamAV as well, you could start using clamd, which is far more efficent and faster than clamscan. Instructions are given in my ClamAV tutorial.

The only other issue I am seeing right now that
concerns me is that I am getting nothing written to
/var/log/amavis.log but that could just be that I
have missed something in the conf file


Again, no concern here. Recent versions of amavisd default to writing into the syslog facility rather than their own. Unless you have a specific need for logging separately into amavis.log, I would keep it as is. (Having all in mail.log makes it easier to run stats should you decide so some day).

To revert to amavis.log, edit amavisd.conf and change:
$DO_SYSLOG = 1;
to
$DO_SYSLOG = 0;

also add:
$LOGFILE = "/var/log/amavis.log"


HTH,
Alex

Jun 28, 2007 11:45 AM in response to Austin Sloat

Thank Alex. I thought I had completed all the steps
in your tutorial. I will review it again though.


Chapter 5. - Additional features

By
the way, I confirmed that I cannot ping
zen.spamhaus.org from my server. The DNS servers we
use must be blocking them.


Not being able to ping doesn't mean a server is not reachable. Echoes from a ping are often blocked at the firewall.
If you see it working in your mail.log you are fine.
Besides, why should your DNS servers block them?

Amavis and the suspended delivery issue

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.