Could it be possible to get the full maillog by email
Stephdl at de-labrusse.fr
For sure, just sent.
Got it really appreciated, I think I found why
@wbilger could you update more the timeout
clamav reload needs 20 seconds to reload its DB, I can see that your timeout occurred between the
Feb 3 11:40:03 lrtserv-data clamd: Reading databases from /var/lib/clamav .... Feb 3 11:40:22 lrtserv-data clamd: Database correctly reloaded (6905865 signatures)
in my idea for your server, we need a timeout around 20 seconds, but your server seems fast…what about a tiny one
You asked about whitelist, I see in your log that the IP 127.0.0.1 has matched the map
Matched map: FROM_SUBDOMAINS_WHITELIST so it should work and has been accepted
could you show us what definition of clamav do you use, does the legacy signatures are off or on
So, do I changed timeout to 20s, or a tiny one. I did change to 20s and will report back tomorrow, as I am still have timeouts on some emails (most without even any attachments) with task_timeout = 15s
I have made no changes to the default install.
In the ClamAV settings, “ClamAV official signatures” is checked, and “Third-party signatrues rating” is set to Low.
cc @giacomo could you advice on clamav settings
Just uncheck it, the reload will be much much faster (it’s the new default).
Ok, thanks. So this could be why I have timeouts on some messages? Would I maybe not need to change task_timeout from 8s to higher then?
Also, should Third-party signatures rating be set to Low?
This is one of the causes.
Low is fine
I asked to upstream, need to wait after, the quick fix now is to increase the timeout to 25s.
In fact when rspamd cannot contact clamd, it fails with a symbol but never by a timeout, however with rspamc it is different, if clamav is not able to be reachable, then the task_timout ends the transaction.
I have maybe a better idea, we introduced with rspamd2 a value which is not from upstream
# Emit soft reject when timeout takes place soft_reject_on_timeout = true;
the default is
could you go back to the default timeout
8s and set to
think to restart the rspamd
validated on my server, rspamc wait that the end of clamav reloading
I just made this change, thanks, this sounds good.
I will report that I have been at task_timeout = 8s most of the day today, since the suggested unchecking of “ClamAV official signatures” as suggested, and received no timeouts. So, I think that had something to do with it I believe. Not sure if for debugging purposes I shoud re-check that box, but if that is the new default I would not want it checked anyway.
what is the results with
task_timout = 8s;
soft_reject_on_timeout = false;
Was going to update at the end of the day, but it’s only an hour away now.
No timeouts, I have had ZERO soft rejects since I made the change.
Please note that I also unchecked “ClamAV official signatures” from ClamAV settings as suggested yesterday morning and never received any after that before changing soft_reject_on_timeout, so not sure what had the most affect. If you would like me to run a day with ClamAV official signatures back on I can do that if you want, if it gives yo more info.
Either way, it’s working great now.
Yes please try to enable them again!
I bet you’ll get back the soft rejects and the discarded messages
Ok, I’ll update tomorrow.
Do you have any news?
Meanwhile, there is a bug fix to test.
Ensure there are no local modification to the rspamd configuration. Then you could install it with
yum --enablerepo=nethserver-testing update nethserver-mail\*
More information here: