Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
Go Back   Zimbra :: Forums > Zimbra Collaboration Suite > Administrators
Reload this Page Amavisd spiking and mta not responding

Welcome to the Zimbra :: Forums!
Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 09-21-2010, 12:49 AM
Loyal Member
  
Posts: 82
Exclamation Amavisd spiking and mta not responding
I find this on my server.

scenario : Used to get frequent load spikes on server, and Amavisd is the top consumer. Sometimes mta hangs and postfix goes wild, message gets queued, eventually zmmtactl had to be restarted.
history : I am running 6.0.7, upgraded from 6.0.5
findings :

zmcontrol status shows all services running
antispam Running
antivirus Running
convertd Running
imapproxy Running
ldap Running
logger Running
mailbox Running
memcached Running
mta Running
snmp Running
spell Running
stats Running

Checked logs simultaneously when load spikes and i found this from clamd.log
-----------
-> /opt/zimbra/data/amavisd/tmp/amavis-20100921T094036-20936/parts/p002: Trojan.Agent-171592 FOUND
-> /opt/zimbra/data/amavisd/tmp/amavis-20100921T094036-20936/parts/p004: Trojan.Agent-171592 FOUND
-> /opt/zimbra/data/amavisd/tmp/amavis-20100921T093929-19186/parts/p002: Trojan.Downloader-97250 FOUND
-> /opt/zimbra/data/amavisd/tmp/amavis-20100921T094036-20936/parts/p002: Trojan.Downloader-97250 FOUND
----------

I further gave this and found amavisd, antivirus and mtaconfigctl not running .. ?? weird
Amavisd not working or what?
----
[root@server]# /opt/zimbra/bin/zmantivirusctl status
zmmtaconfigctl is not running
zmamavisdctl is not running
zmclamdctl is not running
[root@server ]#
----
or it shows only as zimbra user? su - zimbra?

I am begining to wonder if my installation was broken. Did i miss something? was amavisd and antivirus not installed? I had no info about it on zmsetup.log.
Last edited by mailman.33; 09-21-2010 at 01:15 AM..
Reply With Quote
  #2 (permalink)  
Old 09-21-2010, 12:56 AM
Loyal Member
  
Posts: 82
Default ??
Can anyone tell me how amavisd works ?
what measures should we take when clamd.log shows trojan found? How does amavisd prevent it?

or normally is that an alert after precautionary measure from amavisd?
Reply With Quote
  #3 (permalink)  
Old 09-21-2010, 02:13 AM
Loyal Member
  
Posts: 82
Default
gave a start to anitvirusctl and antivirus, mtaconfig, amavis and clamd were indeed running. seems i got messed with running as root user.

I guess its part of zimbra quarantine process that clamd.log says trojan found. it reads from the db and after looking into zimbra.log, i can see those mails were discarded. But still thinking what could cause amavis to hang.

* Confirmed, some mails with virus alerts, delivered to the account. Antivirus is missing something.
Last edited by mailman.33; 09-21-2010 at 04:15 AM..
Reply With Quote
Reply

« Previous Thread | Today's Posts or Week's Posts | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode


Product Information

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

blog.zimbra.com


Home - Blog - Contact Us - Archive - Top


 

SEO by vBSEO ©2011, Crawlability, Inc.