Preliminary Checks
Affected Component(s)
Rspamd antivirus scanning
What happened and when does this occur?
When an email is recieved I see the error:
ClamAV: failed to scan, maximum retransmits exceed
In the rspamd web ui, on the history page, in the errors section.
What did you expect to happen?
I don't expect to see that error, or I expect to see an error with Clamav somewhere.
How do we replicate the issue?
- Enable rspamd and clamav using
ENABLE_RSPAMD and ENABLE_CLAMAV in the environment vars.
- Receive an email
...
DMS version
v12.1.0
What operating system is DMS running on?
Linux
Which operating system version?
Ubuntu 20.04
What instruction set architecture is DMS running on?
AMD64 / x86_64
What container orchestration tool are you using?
Docker
compose.yaml
# I run via ansible but syntax is very similar to compose
- name: Start mail container
become: true
docker_container:
name: mail
image: ghcr.io/docker-mailserver/docker-mailserver:12
hostname: "{{ mail_hostname }}"
domainname: "{{ mail_domainname }}"
state: started
restart: true
restart_policy: unless-stopped
volumes:
- "{{ service_root }}/mail/mail/:/var/mail/"
- "{{ service_root }}/mail/mail-state/:/var/mail-state/"
- "{{ service_root }}/mail/mail-logs/:/var/log/mail/"
- "{{ service_root }}/mail/mail-config/:/tmp/docker-mailserver/"
# - "{{ service_root }}/mail/mail-config/dovecot/fts-xapian-plugin.conf:/etc/dovecot/conf.d/10-plugin.conf:ro"
- /etc/letsencrypt:/etc/letsencrypt
ports:
- "25:25"
- "143:143"
- "465:465"
- "587:587"
- "993:993"
- "995:995"
- "4190:4190"
- "11334:11334"
cpus: 1
capabilities:
- NET_ADMIN
- SYS_PTRACE
env: "{{ default_mail_env_yaml | combine(mail_env_yaml) }}"
container_default_behavior: no_defaultsRelevant log output
Startup logs on debug:
UG ] Logwatch reports disabled.
[ DEBUG ] Consolidating all state onto /var/mail-state
[ DEBUG ] Checking /var/mail permissions
[ DEBUG ] Removing files and directories from older versions
[ DEBUG ] Exporting environment variables now (creating '/etc/dms-settings')
[ DEBUG ] Setting up configuration checksum file
[ DEBUG ] Printing environment variables. Make sure no sensitive data is copied.
ACCOUNT_PROVISIONER='FILE'
AMAVIS_LOGLEVEL='0'
CLAMAV_MESSAGE_SIZE_LIMIT='25M'
DEFAULT_RELAY_HOST=''
DOVECOT_INET_PROTOCOLS='all'
DOVECOT_MAILBOX_FORMAT='maildir'
DOVECOT_TLS='no'
ENABLE_AMAVIS='0'
ENABLE_CLAMAV='1'
ENABLE_DNSBL='0'
ENABLE_FAIL2BAN='1'
ENABLE_FETCHMAIL='1'
ENABLE_MANAGESIEVE='1'
ENABLE_OPENDKIM='0'
ENABLE_OPENDMARC='0'
ENABLE_POLICYD_SPF='0'
ENABLE_POP3='0'
ENABLE_POSTGREY='0'
ENABLE_QUOTAS='0'
ENABLE_RSPAMD='1'
ENABLE_RSPAMD_REDIS='1'
ENABLE_SASLAUTHD='0'
ENABLE_SPAMASSASSIN='0'
ENABLE_SPAMASSASSIN_KAM='0'
ENABLE_SRS='0'
ENABLE_UPDATE_CHECK='1'
FAIL2BAN_BLOCKTYPE='drop'
FETCHMAIL_PARALLEL='0'
FETCHMAIL_POLL='60'
LOGROTATE_INTERVAL='weekly'
LOGWATCH_INTERVAL='none'
LOGWATCH_RECIPIENT='[email protected]'
LOGWATCH_SENDER='[email protected]'
LOG_LEVEL='debug'
MOVE_SPAM_TO_JUNK='1'
NETWORK_INTERFACE='eth0'
ONE_DIR='1'
OVERRIDE_HOSTNAME=''
PERMIT_DOCKER='network'
PFLOGSUMM_RECIPIENT='[email protected]'
PFLOGSUMM_SENDER='[email protected]'
PFLOGSUMM_TRIGGER='none'
POSTFIX_DAGENT=''
POSTFIX_INET_PROTOCOLS='all'
POSTFIX_MAILBOX_SIZE_LIMIT='0'
POSTFIX_MESSAGE_SIZE_LIMIT='102400000'
POSTFIX_REJECT_UNKNOWN_CLIENT_HOSTNAME='0'
POSTGREY_AUTO_WHITELIST_CLIENTS='5'
POSTGREY_DELAY='300'
POSTGREY_MAX_AGE='35'
POSTGREY_TEXT='Delayed by Postgrey'
POSTMASTER_ADDRESS='[email protected]'
POSTSCREEN_ACTION='enforce'
RELAY_HOST=''
REPORT_RECIPIENT='[email protected]'
REPORT_SENDER='[email protected]'
RSPAMD_GREYLISTING='0'
RSPAMD_HFILTER='1'
RSPAMD_HFILTER_HOSTNAME_UNKNOWN_SCORE='6'
RSPAMD_LEARN='1'
SA_KILL='6.31'
SA_SPAM_SUBJECT='***SPAM*****'
SA_TAG2='6.31'
SA_TAG='2.0'
SMTP_ONLY='0'
SPAMASSASSIN_SPAM_TO_INBOX='1'
SPOOF_PROTECTION='0'
SRS_DOMAINNAME='mydomain.tld'
SRS_EXCLUDE_DOMAINS=''
SRS_SECRET=''
SRS_SENDER_CLASSES='envelope_sender'
SSL_TYPE='letsencrypt'
SUPERVISOR_LOGLEVEL='warn'
TLS_LEVEL='intermediate'
TZ=''
UPDATE_CHECK_INTERVAL='1d'
VIRUSMAILS_DELETE_DELAY='7'
[ DEBUG ] Applying user patches
[ INF ] Starting daemons
[ DEBUG ] Starting cron
[ DEBUG ] Starting rsyslog
[ DEBUG ] Starting dovecot
[ DEBUG ] Starting update-check
[ DEBUG ] Starting rspamd-redis
[ DEBUG ] Starting rspamd
[ DEBUG ] Starting postfix
[ DEBUG ] Starting fail2ban
[ DEBUG ] Starting fetchmail
[ DEBUG ] Starting clamav
[ DEBUG ] Starting changedetector
[ INF ] mail.mydomain.tld is up and running
Log from recieving an email:
May 10 12:51:16 mail postfix/postscreen[1696]: CONNECT from [20.93.246.55]:48178 to [172.17.0.16]:25
May 10 12:51:16 mail postfix/postscreen[1696]: PASS OLD [20.93.246.55]:48178
May 10 12:51:17 mail postfix/smtpd[1697]: connect from mecsa.dcslab.eu[20.93.246.55]
May 10 12:51:17 mail postfix/smtpd[1697]: Anonymous TLS connection established from mecsa.dcslab.eu[20.93.246.55]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
May 10 12:51:17 mail postfix/smtpd[1697]: 2DACE9CFC6: client=mecsa.dcslab.eu[20.93.246.55]
May 10 12:51:17 mail postfix/cleanup[1705]: 2DACE9CFC6: message-id=<[email protected]>
May 10 12:51:17 mail postfix/qmgr[863]: 2DACE9CFC6: from=<[email protected]>, size=2030, nrcpt=1 (queue active)
May 10 12:51:17 mail postfix/smtpd[1697]: disconnect from mecsa.dcslab.eu[20.93.246.55] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
May 10 12:51:17 mail dovecot: lmtp(1708): Connect from local
May 10 12:51:17 mail dovecot: lmtp(rhys@mail)<1708><Nmn4N0WTW2SsBgAAn/CpQg>: sieve: msgid=<[email protected]>: stored mail into mailbox 'INBOX'
May 10 12:51:17 mail dovecot: lmtp(1708): Disconnect from local: Logged out (state=READY)
May 10 12:51:17 mail postfix/lmtp[1707]: 2DACE9CFC6: to=<rhys@mail>, orig_to=<[email protected]>, relay=mail.mydomain.tld[/var/run/dovecot/lmtp], delay=0.79, delays=0.73/0.02/0.01/0.02, dsn=2.0.0, status=sent (250 2.0.0 <rhys@mail> Nmn4N0WTW2SsBgAAn/CpQg Saved)
May 10 12:51:17 mail postfix/qmgr[863]: 2DACE9CFC6: removed
May 10 12:51:21 mail postfix/postscreen[1696]: CONNECT from [95.214.27.139]:63603 to [172.17.0.16]:25
May 10 12:51:21 mail postfix/postscreen[1696]: PREGREET 11 after 0.02 from [95.214.27.139]:63603: EHLO User\r\n
May 10 12:51:21 mail postfix/postscreen[1696]: DISCONNECT [95.214.27.139]:63603
Other relevant information
It looks like clamav is running:
❯ ps aux | grep clam
200 1698399 5.1 16.4 1546824 1310620 ? Sl 12:44 0:25 /usr/sbin/clamd -c /etc/clamav/clamd.conf
me 1702443 0.0 0.0 6432 2528 pts/0 R+ 12:52 0:00 grep --color=auto clam
But I don't see any errors anywhere else.
I actually don't know for sure if this worked for sure with spamassassin as I am not sure where the errors would surface there. I am unsure how to debug further.
Thank you for any help
What level of experience do you have with Docker and mail servers?
Improvements to this form?
No response
Preliminary Checks
Affected Component(s)
Rspamd antivirus scanning
What happened and when does this occur?
When an email is recieved I see the error:
In the rspamd web ui, on the history page, in the errors section.
What did you expect to happen?
I don't expect to see that error, or I expect to see an error with Clamav somewhere.
How do we replicate the issue?
ENABLE_RSPAMDandENABLE_CLAMAVin the environment vars....
DMS version
v12.1.0
What operating system is DMS running on?
Linux
Which operating system version?
Ubuntu 20.04
What instruction set architecture is DMS running on?
AMD64 / x86_64
What container orchestration tool are you using?
Docker
compose.yaml
Relevant log output
Log from recieving an email:
Other relevant information
It looks like clamav is running:
But I don't see any errors anywhere else.
I actually don't know for sure if this worked for sure with spamassassin as I am not sure where the errors would surface there. I am unsure how to debug further.
Thank you for any help
What level of experience do you have with Docker and mail servers?
Improvements to this form?
No response