Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

In Progress [CPANEL-28012] Incomplete ClamAV Plugin Uninstall

Discussion in 'E-mail Discussion' started by gramzon, Jun 12, 2019.

Tags:
  1. gramzon

    gramzon Member

    Joined:
    Dec 4, 2017
    Messages:
    13
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Croatia
    cPanel Access Level:
    Root Administrator
    After uninstalling ClamAV plugin my Exim logs are flooded with messages like this:
    Code:
    malware acl condition: clamd /var/clamd : unable to connect to UNIX socket (/var/clamd): No such file or directory
    
    I tried to comment out the av_scanner line from /etc/exim.conf but then a different message started filling the logs:
    Code:
    malware acl condition: sophie /var/run/sophie : unable to connect to UNIX socket (/var/run/sophie)
    
    I can not find any option under Exim Configuration Manager that disables scanning
     
  2. gramzon

    gramzon Member

    Joined:
    Dec 4, 2017
    Messages:
    13
    Likes Received:
    2
    Trophy Points:
    3
    Location:
    Croatia
    cPanel Access Level:
    Root Administrator
    I was making changes to Exim routers and transport today via "Exim Configuration Manager" under advanced settings (setting up ESET mail scanner), and after saving changes the message no longer appears in the logs.
    Maybe the problem was that I restarted Exim with systemctl after commenting out av_scanner line from /etc/exim.conf, and not via the interface. I also noticed that now the line av_scanner is no longer present in the conf file (not even as a comment)
    On a side note, each incoming email shows up twice in "Mail Delivery Reports" since activating ESET mail scanner. Is this normal behavior?
     
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,528
    Likes Received:
    2,180
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @gramzon,

    Thanks for the additional information. I was able to reproduce the issue

    Internal case CPANEL-28012 is now open to address an issue where uninstalling the ClamAV plugin does not result in the removal of the "av_scanner = clamd:/var/clamd" line from /etc/exim.conf until the next time the Exim configuration file is built. This can lead to the following error seen in /var/log/exim_mainlog:

    The temporary workaround is to manually execute the following command immediately following the ClamAV uninstallation:

    Code:
    /scripts/buildeximconf
    I'll monitor the case and update this thread with more information on it's status as it becomes available.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice