Scalix Forums

Hello,
I recently had the problem where freshclam updated the virus files for clamav. However when clamd saw the updated database, it tried to reload using the new database, but the database was corrupt. So clamd couldn't start again.

This meant that when the Service Router tried to process messages, it couldn't scan the message with clamd, and the messages got sent to the Corrupt Message (error) queue.

This is Scalix 11.0.2.23, clamav 0.90.1, Fedora Core 5

I am a complete novice to Scalix, (learning lots, but much more to learn yet!), and everything has been setup by following the documentation, so I believe this would be a fairly standard setup.
It's only been in for a week, and my testing system has been going for 3 weeks. Both systems got the same bad clamav update and experienced the same problem. I am concerned that this may happen again.

My question is: Is there any way that I can configure Scalix to ignore this error from clamd, and keep on processing messages ? Possibly with some type of timeout/error counter and then fall back to a 'no virus scanning' mode, relying then on the virus scanners on each pc.

I realise that Scalix is doing exactly what it is being told to do, so maybe I should just get rid of ClamAV.

Any thoughts anyone ?

Thanks,
Col

The ClamAV people have messed up a couple of times, but it hasn't been too bad and given that it's free the product quality is extremely high. Surely, you can go to Mcaffee or trendmicro if you need a product without this risk.

From a Scalix perspective, I do think we MUST behave like we behave. Most of our installations wouldnt really want to take the risk of getting email that has not been virus scanned into their systems. Therefore, if virus scanning, which is considered vital, does not work, we stop transporting messages, but queue them up for later resending.

you can certainly script around that, i.e. build a cron script that detects the situation and then moves away the ALL-ROUTES.VIR file to disable virus scanning. Not sure if it is advisable to do so. I would rather use something like ommaint that detects the general situation and notifies me for manual resolution as quickly as possible.

Florian.

Thanks florian,
I agree that Scalix should behave this way by default. I thought it may be handy to have a fall back mode that could be enabled. There are times when the customer won't be able to get hold of me for a week or so, and they don't have the skills or the confidence to try and fix something like this.
I wasn't aware that ommaint could inform me of a problem like this. I had thought that since the Service Router wasn't processing messages, I couldn't be notified. I will look into its use more.

It seems then that I was just unlucky to have a clamav problem so soon after installation.

Still learning/reading lots about Scalix......and thanks to you and the other Scalix people / general community, starting to get my head around how it all works (I think)

Cheers,
Col