Hi @wbilger
Could it be possible to get the full maillog by email
Stephdl at de-labrusse.fr
For sure, just sent.
Got it really appreciated, I think I found why
@wbilger could you update more the timeout
clamav reload needs 20 seconds to reload its DB, I can see that your timeout occurred between the
Feb 3 11:40:03 lrtserv-data clamd[3067]: Reading databases from /var/lib/clamav
....
Feb 3 11:40:22 lrtserv-data clamd[3067]: Database correctly reloaded (6905865 signatures)
in my idea for your server, we need a timeout around 20 seconds, but your server seems fast…what about a tiny one
You asked about whitelist, I see in your log that the IP 127.0.0.1 has matched the map Matched map: FROM_SUBDOMAINS_WHITELIST so it should work and has been accepted
could you show us what definition of clamav do you use, does the legacy signatures are off or on
So, do I changed timeout to 20s, or a tiny one. I did change to 20s and will report back tomorrow, as I am still have timeouts on some emails (most without even any attachments) with task_timeout = 15s
I have made no changes to the default install.
In the ClamAV settings, “ClamAV official signatures” is checked, and “Third-party signatrues rating” is set to Low.
Just uncheck it, the reload will be much much faster (it’s the new default).
Ok, thanks. So this could be why I have timeouts on some messages? Would I maybe not need to change task_timeout from 8s to higher then?
Also, should Third-party signatures rating be set to Low?
This is one of the causes.
It shouldn’t be, but I let answer @stephdl and @davidep on this.
Low is fine 
I asked to upstream, need to wait after, the quick fix now is to increase the timeout to 25s.
In fact when rspamd cannot contact clamd, it fails with a symbol but never by a timeout, however with rspamc it is different, if clamav is not able to be reachable, then the task_timout ends the transaction.
I have maybe a better idea, we introduced with rspamd2 a value which is not from upstream
in /etc/rspamd/rspamd.conf
# Emit soft reject when timeout takes place
soft_reject_on_timeout = true;
the default is false
could you go back to the default timeout 8s and set to false the soft_reject_on_timeout
think to restart the rspamd
validated on my server, rspamc wait that the end of clamav reloading
I just made this change, thanks, this sounds good.
I will report that I have been at task_timeout = 8s most of the day today, since the suggested unchecking of “ClamAV official signatures” as suggested, and received no timeouts. So, I think that had something to do with it I believe. Not sure if for debugging purposes I shoud re-check that box, but if that is the new default I would not want it checked anyway.
Was going to update at the end of the day, but it’s only an hour away now.
No timeouts, I have had ZERO soft rejects since I made the change.
Please note that I also unchecked “ClamAV official signatures” from ClamAV settings as suggested yesterday morning and never received any after that before changing soft_reject_on_timeout, so not sure what had the most affect. If you would like me to run a day with ClamAV official signatures back on I can do that if you want, if it gives yo more info.
Either way, it’s working great now.
1 Like
Yes please try to enable them again!
I bet you’ll get back the soft rejects and the discarded messages
1 Like
Ok, I’ll update tomorrow.
1 Like
Do you have any news?
Meanwhile, there is a bug fix to test.
Ensure there are no local modification to the rspamd configuration. Then you could install it with
yum --enablerepo=nethserver-testing update nethserver-mail\*
More information here:
POP3 connector discards mail during ClamAV reloads · Issue #6052 · NethServer/dev · GitHub