[Pkg-clamav-devel] Bug#543309: local socket clamav-milter.ctl unsafe - milter set to error state

Mark Rushing mark at orbislumen.net
Mon Aug 24 06:34:09 UTC 2009


Package: clamav-milter
Version: 0.95.2+dfsg-1~volatile1
Severity: grave
Justification: renders package unusable


clamav-milter installs an m4 macro in /etc/mail/m4/clamav-milter.m4

The installation documentation says to include this macro in your sendmail.mc file.

Doing so will result in clamav-milter not working, with errors for each incoming email, as follows:

Milter (clamav): local socket name /var/run/clamav/clamav-milter.ctl unsafe
Milter (clamav): to error state

This happens because the clamav-milter.m4 macro has the following line:

INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav/clamav-milter.ctl, F=, T=S:4m;R:4m')dnl

That line points to a non-existent socket. The actual socket name is, instead, 'milter.ctl'.

The bug is fixed by changing the clamav-milter.m4 line to read instead:

INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav/milter.ctl, F=, T=S:4m;R:4m')dnl

Sorry, I've been meaning to report this for a long time - just getting tired of always having to correct it... ;)

Mark

-- Package-specific info:
--- configuration ---
Checking configuration files in /etc/clamav

Config file: clamd.conf
-----------------------
LogFile = "/var/log/clamav/clamav.log"
LogFileUnlock disabled
LogFileMaxSize disabled
LogTime = "yes"
LogClean disabled
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
PidFile = "/var/run/clamav/clamd.pid"
TemporaryDirectory disabled
DatabaseDirectory = "/var/lib/clamav"
LocalSocket = "/var/run/clamav/clamd.ctl"
FixStaleSocket = "yes"
TCPSocket disabled
TCPAddr disabled
MaxConnectionQueueLength = "15"
StreamMaxLength = "10485760"
StreamMinPort = "1024"
StreamMaxPort = "2048"
MaxThreads = "12"
ReadTimeout = "180"
CommandReadTimeout = "5"
SendBufTimeout = "200"
MaxQueue = "100"
IdleTimeout = "30"
ExcludePath disabled
MaxDirectoryRecursion = "15"
FollowDirectorySymlinks disabled
FollowFileSymlinks disabled
SelfCheck = "3600"
VirusEvent disabled
ExitOnOOM disabled
Foreground disabled
Debug disabled
LeaveTemporaryFiles disabled
User = "clamav"
AllowSupplementaryGroups = "yes"
DetectPUA disabled
ExcludePUA disabled
IncludePUA disabled
AlgorithmicDetection = "yes"
ScanPE = "yes"
ScanELF = "yes"
DetectBrokenExecutables disabled
ScanMail = "yes"
MailFollowURLs disabled
ScanPartialMessages disabled
PhishingSignatures = "yes"
PhishingScanURLs = "yes"
PhishingAlwaysBlockCloak disabled
PhishingAlwaysBlockSSLMismatch disabled
HeuristicScanPrecedence disabled
StructuredDataDetection disabled
StructuredMinCreditCardCount = "3"
StructuredMinSSNCount = "3"
StructuredSSNFormatNormal = "yes"
StructuredSSNFormatStripped disabled
ScanHTML = "yes"
ScanOLE2 = "yes"
ScanPDF = "yes"
ScanArchive = "yes"
ArchiveBlockEncrypted disabled
MaxScanSize = "104857600"
MaxFileSize = "26214400"
MaxRecursion = "16"
MaxFiles = "10000"
ClamukoScanOnAccess disabled
ClamukoScanOnOpen disabled
ClamukoScanOnClose disabled
ClamukoScanOnExec disabled
ClamukoIncludePath disabled
ClamukoExcludePath disabled
ClamukoMaxFileSize = "5242880"
DevACOnly disabled
DevACDepth disabled

Config file: freshclam.conf
---------------------------
LogFileMaxSize disabled
LogTime disabled
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
PidFile = "/var/run/clamav/freshclam.pid"
DatabaseDirectory = "/var/lib/clamav/"
Foreground disabled
Debug disabled
AllowSupplementaryGroups disabled
UpdateLogFile = "/var/log/clamav/freshclam.log"
DatabaseOwner = "clamav"
Checks = "24"
DNSDatabaseInfo = "current.cvd.clamav.net"
DatabaseMirror = "db.local.clamav.net", "database.clamav.net", "db.us.clamav.net"
MaxAttempts = "5"
ScriptedUpdates = "yes"
CompressLocalDatabase disabled
HTTPProxyServer disabled
HTTPProxyPort disabled
HTTPProxyUsername disabled
HTTPProxyPassword disabled
HTTPUserAgent disabled
NotifyClamd = "/etc/clamav/clamd.conf"
OnUpdateExecute disabled
OnErrorExecute disabled
OnOutdatedExecute disabled
LocalIPAddress disabled
ConnectTimeout = "30"
ReceiveTimeout = "30"
SubmitDetectionStats disabled
DetectionStatsCountry disabled
SafeBrowsing disabled

Config file: clamav-milter.conf
-------------------------------
LogFile disabled
LogFileUnlock disabled
LogFileMaxSize = "1048576"
LogTime disabled
LogSyslog = "yes"
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
PidFile = "/var/run/clamav/clamav-milter.pid"
TemporaryDirectory = "/tmp"
FixStaleSocket = "yes"
MaxThreads = "10"
ReadTimeout = "180"
Foreground disabled
User = "clamav"
AllowSupplementaryGroups = "yes"
MaxFileSize = "26214400"
ClamdSocket = "unix:/var/run/clamav/clamd.ctl"
MilterSocket = "/var/run/clamav/milter.ctl"
LocalNet disabled
OnClean = "Accept"
OnInfected = "Quarantine"
OnFail = "Defer"
RejectMsg disabled
AddHeader = "Replace"
Chroot disabled
Whitelist disabled
SkipAuthenticated disabled
LogInfected = "Off"

Software settings
-----------------
Version: 0.95.2
Optional features supported: MEMPOOL IPv6 FRESHCLAM_DNS_FIX AUTOIT_EA06 BZIP2 
Database directory: /var/lib/clamav/
main.cld: version 51, sigs: 545035, built on Thu May 14 07:28:45 2009
daily.cld: version 9729, sigs: 66755, built on Sun Aug 23 14:10:46 2009

--- data dir ---
total 50068
-rw-r--r-- 1 clamav clamav  4121088 2009-08-23 14:25 daily.cld
-rw-r--r-- 1 clamav clamav 47079936 2009-05-14 08:25 main.cld
-rw------- 1 clamav clamav     1768 2009-08-23 23:25 mirrors.dat

-- System Information:
Debian Release: 5.0.2
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages clamav-milter depends on:
ii  adduser          3.110                   add and remove users and groups
ii  clamav-base      0.95.2+dfsg-1~volatile1 anti-virus utility for Unix - base
ii  clamav-freshclam 0.95.2+dfsg-1~volatile1 anti-virus utility for Unix - viru
ii  debconf [debconf 1.5.24                  Debian configuration management sy
ii  libc6            2.7-18                  GNU C Library: Shared libraries
ii  libmilter1.0.1   8.14.3-5                Sendmail Mail Filter API (Milter)
ii  logrotate        3.7.1-5                 Log rotation utility
ii  lsb-base         3.2-20                  Linux Standard Base 3.2 init scrip
ii  ucf              3.0016                  Update Configuration File: preserv
ii  zlib1g           1:1.2.3.3.dfsg-12       compression library - runtime

Versions of packages clamav-milter recommends:
ii  clamav-daemon    0.95.2+dfsg-1~volatile1 anti-virus utility for Unix - scan

Versions of packages clamav-milter suggests:
pn  clamav-docs                   <none>     (no description available)
pn  daemon                        <none>     (no description available)

-- debconf information:
  clamav-milter/LogFile: none
  clamav-milter/LogSyslog: true
  clamav-milter/MilterSocket: /var/run/clamav/milter.ctl
  clamav-milter/OnInfected: Quarantine
  clamav-milter/User: clamav
  clamav-milter/MaxFileSize: 25
  clamav-milter/LogInfected: Off
  clamav-milter/FixStaleSocket: true
  clamav-milter/LogFileUnlock: false
  clamav-milter/Chroot:
  clamav-milter/ReadTimeout: 180
  clamav-milter/OnClean: Accept
  clamav-milter/AddGroups:
  clamav-milter/LogFileMaxSize: 0
  clamav-milter/OnFail: Defer
  clamav-milter/LocalNet:
  clamav-milter/debconf: true
  clamav-milter/LogTime: true
  clamav-milter/RejectMsg:
  clamav-milter/TemporaryDirectory: /tmp
  clamav-milter/LogFacility: LOG_LOCAL6
  clamav-milter/ClamdSocket: unix:/var/run/clamav/clamd.ctl
  clamav-milter/PidFile: /var/run/clamav/clamav-milter.pid
  clamav-milter/Foreground: false
  clamav-milter/AddHeader: Replace
  clamav-milter/LogVerbose: false
  clamav-milter/Whitelist:





More information about the Pkg-clamav-devel mailing list