[ZendTo] ClamAV fail

Pedrosi, Derek G. pedrosi at millercanfield.com
Wed Jul 25 17:04:08 BST 2018 

Suddenly, my drops are no longer being scanned by AV and users were unable to drop files.  No changes were made.
User see this...
Upload Error


The attempt to virus-scan your drop-off failed. Please notify the system administrator.




I've since disable AV scan from the preferences.php (it was 'clamdscan' => '/usr/bin/clamdscan --stdout --fdpass',) and now users can drop files.


The details...
>From ZendTo log...
2018-07-25 08:22:31 172.16.0.103 [XXXX]: Error: Virus scan of dropped-off files  /var/zendto/incoming/phpLfUrV9 /var/zendto/incoming/phpf6ExDv for USER failed with


>From the /var/log/clamav dir:
root at ZendTo5:/var/log/clamav# tail freshclam.log
Wed Jul 25 11:02:09 2018 -> --------------------------------------
Wed Jul 25 11:44:24 2018 -> Update process terminated
Wed Jul 25 11:44:25 2018 -> --------------------------------------
Wed Jul 25 11:44:25 2018 -> freshclam daemon 0.100.1 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Wed Jul 25 11:44:25 2018 -> ClamAV update process started at Wed Jul 25 11:44:25 2018
Wed Jul 25 11:44:25 2018 -> main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Wed Jul 25 11:44:25 2018 -> daily.cld is up to date (version: 24781, sigs: 2024541, f-level: 63, builder: neo)
Wed Jul 25 11:44:25 2018 -> bytecode.cld is up to date (version: 325, sigs: 90, f-level: 63, builder: neo)
Wed Jul 25 11:44:25 2018 -> --------------------------------------
root at ZendTo5:/var/log/clamav# tail clamav.log
Wed Jul 25 04:47:22 2018 -> SelfCheck: Database status OK.
Wed Jul 25 04:57:22 2018 -> SelfCheck: Database status OK.
Wed Jul 25 05:07:22 2018 -> SelfCheck: Database status OK.
Wed Jul 25 05:17:22 2018 -> SelfCheck: Database status OK.
Wed Jul 25 05:27:13 2018 -> Reading databases from /var/lib/clamav
Wed Jul 25 05:27:27 2018 -> Database correctly reloaded (6584590 signatures)
Wed Jul 25 05:37:27 2018 -> SelfCheck: Database status OK.
Wed Jul 25 05:47:27 2018 -> SelfCheck: Database status OK.
Wed Jul 25 05:57:27 2018 -> SelfCheck: Database status OK.
Wed Jul 25 06:05:55 2018 -> --- Stopped at Wed Jul 25 06:05:55 2018


Now, I can scan files manually via the command line...
clamscan --verbose  /var/log/
----------- SCAN SUMMARY -----------
Known viruses: 6584590
Engine version: 0.100.1
Scanned directories: 1
Scanned files: 43
Infected files: 0
Data scanned: 8.88 MB
Data read: 1.75 MB (ratio 5.07:1)
Time: 19.976 sec (0 m 19 s)



Anywhere else to look?

derek
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://jul.es/pipermail/zendto/attachments/20180725/927fc4fe/attachment-0001.html>

More information about the ZendTo mailing list