Problems with Kopano/Postfix/Spam/Antivir

Hi@all,

As far as I know Kopano uses the UCS services (Postfix, Spam, Antivir). So it should not be a Kopano specific problem …

I have reinstalled Gerstern a VM (on which only Kopano is running) as UCS member. The VM existed before on another virtualization host (same hostname, same MAC). I backed up all data there, shut down the VM and reinstalled it on the new KVM host.

Then I installed the Kopano packages (core, webapp) and imported the data.

I entered the support key and updated all packages.

At the end the following adjustments were made:

ucr set mail/localmailboxsizelimit=0
ucr set apache2/force_https=yes
ucr set kopano/cfg/ical/icals_enable=yes
ucr set kopano/cfg/server/server_listen=:236
ucr set kopano/repo/username='serial'
ucr set mail/relayauth=yes
ucr set mail/relayhost=[FQH des externen Relay]
ucr set mail/messagesizelimit=40960000

Finally Postfix configured for the external relay:

/etc/postfix/smtp_auth
[FQH des externen Relay] [Benutzer]:[Passwort]

postmap /etc/postfix/smtp_auth

Reboot the VM

In this state I cannot send mails via Webapp. In the logfile:

Jun 18 18:40:55 saturn kopano-server[1736]: Error while connecting to search on "file:///var/run/kopano/search.sock"
Jun 18 18:40:55 saturn kopano-server[1736]: Error while connecting to search on "file:///var/run/kopano/search.sock"
Jun 18 18:41:18 saturn postfix/qmgr[14416]: 3EBEF5640: from=<sepp@meier.de>, size=2349, nrcpt=1 (queue active)
Jun 18 18:41:18 saturn postfix/smtp[17374]: warning: database /etc/postfix/tls_policy.db is older than source file /etc/postfix/tls_policy
Jun 18 18:41:18 saturn postfix/smtp[17374]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
Jun 18 18:41:18 saturn postfix/smtp[17374]: 3EBEF5640: to=<sepp@meier.de>, relay=none, delay=456, delays=456/0.02/0/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)

Then I have found here in the forum various contributions that it is connected with the spam or the virus filter.

If I switch this off:

ucr set mail/antivir=no
systemctl restart postfix

I can easily send mails. How can I solve the problem so that I can turn on the antivirus again?

with best
Sven

Hi @pixel,

the issue is likely unrelated to your migration (or Kopano in general). I’d check what is printed in the mail log, when you restart Amavis.

Yeah, I thought so. Just wanted to give some background on what I was doing.

root@saturn:~# service amavis restart
...
Jun 19 14:14:44 saturn systemd[1]: Starting LSB: Starts amavisd-new mailfilter...
Jun 19 14:14:45 saturn amavis[24577]: starting. /usr/sbin/amavisd-new at saturn.stedry.local amavisd-new-2.10.1 (20141025), Unicode aware, LC_ALL="C", LANG="de_DE.UTF-8"
Jun 19 14:14:45 saturn amavis[24612]: Net::Server: Group Not Defined.  Defaulting to EGID '125 125'
Jun 19 14:14:45 saturn amavis[24612]: Net::Server: User Not Defined.  Defaulting to EUID '119'
Jun 19 14:14:45 saturn amavis[24612]: Module Amavis::Conf        2.404
Jun 19 14:14:45 saturn amavis[24612]: Module Archive::Zip        1.59
Jun 19 14:14:45 saturn amavis[24612]: Module BerkeleyDB          0.55
Jun 19 14:14:45 saturn amavis[24612]: Module Compress::Raw::Zlib 2.069
Jun 19 14:14:45 saturn amavis[24612]: Module Compress::Zlib      2.069001
Jun 19 14:14:45 saturn amavis[24612]: Module Crypt::OpenSSL::RSA 0.28
Jun 19 14:14:45 saturn amavis[24612]: Module DB_File             1.835
Jun 19 14:14:45 saturn amavis[24612]: Module Digest::MD5         2.54
Jun 19 14:14:45 saturn amavis[24566]: Starting amavisd: amavisd-new.
Jun 19 14:14:45 saturn systemd[1]: Started LSB: Starts amavisd-new mailfilter.
Jun 19 14:14:45 saturn amavis[24612]: Module Digest::SHA         5.95_01
Jun 19 14:14:45 saturn amavis[24612]: Module Encode              2.80_01
Jun 19 14:14:45 saturn amavis[24612]: Module File::Temp          0.2304
Jun 19 14:14:45 saturn amavis[24612]: Module IO::Socket::INET6   2.72
Jun 19 14:14:45 saturn amavis[24612]: Module IO::Socket::IP      0.37
Jun 19 14:14:45 saturn amavis[24612]: Module MIME::Entity        5.508
Jun 19 14:14:45 saturn amavis[24612]: Module MIME::Parser        5.508
Jun 19 14:14:45 saturn amavis[24612]: Module MIME::Tools         5.508
Jun 19 14:14:45 saturn amavis[24612]: Module Mail::DKIM::Verifier 0.4
Jun 19 14:14:45 saturn amavis[24612]: Module Mail::Header        2.18
Jun 19 14:14:45 saturn amavis[24612]: Module Mail::Internet      2.18
Jun 19 14:14:45 saturn amavis[24612]: Module Mail::SPF           v2.009
Jun 19 14:14:45 saturn amavis[24612]: Module Mail::SpamAssassin  3.004002
Jun 19 14:14:45 saturn amavis[24612]: Module Net::DNS            1.07
Jun 19 14:14:45 saturn amavis[24612]: Module Net::LibIDN         0.12
Jun 19 14:14:45 saturn amavis[24612]: Module Net::Server         2.008
Jun 19 14:14:45 saturn amavis[24612]: Module NetAddr::IP         4.079
Jun 19 14:14:45 saturn amavis[24612]: Module Scalar::Util        1.4202
Jun 19 14:14:45 saturn amavis[24612]: Module Socket              2.020_03
Jun 19 14:14:45 saturn amavis[24612]: Module Socket6             0.27
Jun 19 14:14:45 saturn amavis[24612]: Module Time::HiRes         1.9733
Jun 19 14:14:45 saturn amavis[24612]: Module URI                 1.71
Jun 19 14:14:45 saturn amavis[24612]: Module Unix::Syslog        1.1
Jun 19 14:14:45 saturn amavis[24612]: Amavis::ZMQ code     NOT loaded
Jun 19 14:14:45 saturn amavis[24612]: Amavis::DB code      loaded
Jun 19 14:14:45 saturn amavis[24612]: SQL base code        NOT loaded
Jun 19 14:14:45 saturn amavis[24612]: SQL::Log code        NOT loaded
Jun 19 14:14:45 saturn amavis[24612]: SQL::Quarantine      NOT loaded
Jun 19 14:14:45 saturn amavis[24612]: Lookup::SQL code     NOT loaded
Jun 19 14:14:45 saturn amavis[24612]: Lookup::LDAP code    NOT loaded
Jun 19 14:14:45 saturn amavis[24612]: AM.PDP-in proto code loaded
Jun 19 14:14:45 saturn amavis[24612]: SMTP-in proto code   loaded
Jun 19 14:14:45 saturn amavis[24612]: Courier proto code   NOT loaded
Jun 19 14:14:45 saturn amavis[24612]: SMTP-out proto code  loaded
Jun 19 14:14:45 saturn amavis[24612]: Pipe-out proto code  NOT loaded
Jun 19 14:14:45 saturn amavis[24612]: BSMTP-out proto code NOT loaded
Jun 19 14:14:45 saturn amavis[24612]: Local-out proto code loaded
Jun 19 14:14:45 saturn amavis[24612]: OS_Fingerprint code  NOT loaded
Jun 19 14:14:45 saturn amavis[24612]: ANTI-VIRUS code      loaded
Jun 19 14:14:45 saturn amavis[24612]: ANTI-SPAM code       loaded
Jun 19 14:14:45 saturn amavis[24612]: ANTI-SPAM-EXT code   NOT loaded
Jun 19 14:14:45 saturn amavis[24612]: ANTI-SPAM-C code     NOT loaded
Jun 19 14:14:45 saturn amavis[24612]: ANTI-SPAM-SA code    loaded
Jun 19 14:14:45 saturn amavis[24612]: Unpackers code       loaded
Jun 19 14:14:45 saturn amavis[24612]: DKIM code            NOT loaded
Jun 19 14:14:45 saturn amavis[24612]: Tools code           NOT loaded
Jun 19 14:14:45 saturn amavis[24612]: Found $file            at /usr/bin/file
Jun 19 14:14:45 saturn amavis[24612]: Found $altermime       at /usr/bin/altermime
Jun 19 14:14:45 saturn amavis[24612]: Internal decoder for .mail
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .F, tried: unfreeze, freeze -d, melt, fcat
Jun 19 14:14:45 saturn amavis[24612]: Found decoder for    .Z    at /bin/uncompress
Jun 19 14:14:45 saturn amavis[24612]: Found decoder for    .gz   at /bin/gzip -d
Jun 19 14:14:45 saturn amavis[24612]: Found decoder for    .bz2  at /bin/bzip2 -d
Jun 19 14:14:45 saturn amavis[24612]: Found decoder for    .xz   at /usr/bin/xz -dc
Jun 19 14:14:45 saturn amavis[24612]: Found decoder for    .lzma at /usr/bin/xz -dc --format=lzma
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .lrz, tried: lrzip -q -k -d -o -, lrzcat -q -k
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .lzo, tried: lzop -d
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .lz4, tried: lz4c -d
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .rpm, tried: rpm2cpio.pl, rpm2cpio
Jun 19 14:14:45 saturn amavis[24612]: Found decoder for    .cpio at /bin/pax
Jun 19 14:14:45 saturn amavis[24612]: Found decoder for    .tar  at /bin/pax
Jun 19 14:14:45 saturn amavis[24612]: Found decoder for    .deb  at /usr/bin/ar
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .rar, tried: rar, unrar
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .arj, tried: arj, unarj
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .arc, tried: nomarch, arc
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .zoo, tried: zoo
Jun 19 14:14:45 saturn amavis[24612]: Found decoder for    .doc  at /usr/bin/ripole
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .cab, tried: cabextract
Jun 19 14:14:45 saturn amavis[24612]: Internal decoder for .tnef
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .zip, tried: 7za, 7z
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .kmz, tried: 7za, 7z
Jun 19 14:14:45 saturn amavis[24612]: Internal decoder for .zip
Jun 19 14:14:45 saturn amavis[24612]: Internal decoder for .kmz
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .7z, tried: 7zr, 7za, 7z
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .jar, tried: 7z
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .arj, tried: 7z
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .rar, tried: 7z
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .swf, tried: 7z
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .lha, tried: 7z
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .iso, tried: 7z
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .cab, tried: 7z
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .rpm, tried: 7z
Jun 19 14:14:45 saturn amavis[24612]: No ext program for   .exe, tried: rar, unrar; lha; arj, unarj
Jun 19 14:14:45 saturn amavis[24612]: No decoder for       .7z
Jun 19 14:14:45 saturn amavis[24612]: No decoder for       .F
Jun 19 14:14:45 saturn amavis[24612]: No decoder for       .arc
Jun 19 14:14:45 saturn amavis[24612]: No decoder for       .arj
Jun 19 14:14:45 saturn amavis[24612]: No decoder for       .cab
Jun 19 14:14:45 saturn amavis[24612]: No decoder for       .exe
Jun 19 14:14:45 saturn amavis[24612]: No decoder for       .iso
Jun 19 14:14:45 saturn amavis[24612]: No decoder for       .jar
Jun 19 14:14:45 saturn amavis[24612]: No decoder for       .lha
Jun 19 14:14:45 saturn amavis[24612]: No decoder for       .lrz
Jun 19 14:14:45 saturn amavis[24612]: No decoder for       .lz4
Jun 19 14:14:45 saturn amavis[24612]: No decoder for       .lzo
Jun 19 14:14:45 saturn amavis[24612]: No decoder for       .rar
Jun 19 14:14:45 saturn amavis[24612]: No decoder for       .rpm
Jun 19 14:14:45 saturn amavis[24612]: No decoder for       .swf
Jun 19 14:14:45 saturn amavis[24612]: No decoder for       .zoo
Jun 19 14:14:45 saturn amavis[24612]: Using primary internal av scanner code for Clam Antivirus-clamd
Jun 19 14:14:45 saturn amavis[24612]: Deleting db files __db.001,__db.002,__db.003,snmp.db,nanny.db in /var/lib/amavis/db
Jun 19 14:14:45 saturn amavis[24612]: Creating db in /var/lib/amavis/db/; BerkeleyDB 0.55, libdb 5.3
Jun 19 14:14:45 saturn amavis[24612]: (!!)TROUBLE in pre_loop_hook: config: no rules were found!  Do you need to run 'sa-update'?
Jun 19 14:14:45 saturn amavis[24612]: (!)_DIE: Suicide () TROUBLE in pre_loop_hook: config: no rules were found!  Do you need to run 'sa-update'?

a (likely) explanation of the source of this problem is given in {fixed} Had an odd problem with UCS + Kopano (postfix/amavis.service/spamassassin.service.

Sorry, I forgot to write. Yeah, I tried that.

root@saturn:~# sa-update 
channel: no 'mirrors.updates.spamassassin.org' record found, channel failed

Internet connection works of course

Hi @pixel,

have you checked your network settings, especially the DNS servers and external DNS forwarder?

Had the same problem some time ago and setting the DNS forwarder helped me.

See also: Channel: no 'mirrors.updates.spamassassin.org' record found, channel failed

Regards
Martin

At the VM was:

DNS1 = IP From UCS Master
DNS2 = DNS from ADS (DNS server of the domain)

I switched this order and then it works. Strange is the internet, mail retrieval (everything via DNS names, not IP) worked all the time.

So done. Thanks a lot!