New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] Symbol or soft reject when clamd unix socket is down #2899
Comments
hi @vstakhov We wonder when the fix will be released, thank in advance |
In Rspamd 2.0. ETA ~2 months, might be more. |
For the record what do you plan to make, add a symbol when the Linux socket is down or reject softly the emails that we cannot scan ? The symbol should be the most common way I think, thank again for your inputs. |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
please don't close until rspamd 2.0 |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
need to check if V2 solves this issue...really thank you |
this seems to be fixed with rspamd v2.1 a big really thank you
|
set closed |
Prerequisites
Describe the bug
Nethserver (CentOS clone), uses when it is possible the Unix socket to communicate with the services rather a TCP socket. We have an issue when the Unix socket of Clamav is not existing anymore, Rspamd announces the failed status in maillog about the dead unix socket, but the Clamav lua script scanner does not add the symbol
CLAM_VIRUS_FAIL
.Steps to Reproduce
set clamd to create a unix socket in
/etc/clamd.d/rspamd.conf
LocalSocket /var/run/clamd@rspamd/clamav
Use clamd with a TCP socket in
/etc/rspamd/local.d/antivirus.conf
servers = "/var/run/clamd@rspamd/clamav";
[Second Step]
stop clamd manually
systemctl stop clamd@rspamd
[third step]
Send you an email with an attachment that it will be scanned, you have the full log transaction
The Clamav lua script is not called I suppose because Rspamd failed to connect to the unix socket of clamd
Expected behavior
When you use a TCP socket, Rspamd expects that the service could not be reachable, then if the Clamd service does not answer, the SYMBOL
CLAM_VIRUS_FAIL
is added (this symbol can be used to do a force_action after). But when Rspamd cannot connect to the Unix socket of Clamd, apart a maillog warning, nothing is done.We would like to make a soft reject of emails if Rspamd cannot contact Clamd, this is our security mail policy.
The simple workaround is to use now a TCP socket with Clamd, but we wonder if it is not an issue to fix, for example if Postfix cannot use the Unix socket of Rspamd, the policy is to soft reject all received emails.
Versions
CENTOS_7.6
RSPAMD 1.9.2-1
Additional Information
The text was updated successfully, but these errors were encountered: