Package: exim4-daemon-heavy Version: 4.69-9 Severity: normal
I'm getting errors in my /var/log/exim4/paniclog: 2009-05-28 20:15:17 1M9m0T-00059K-21 malware acl condition: clamd: connection to 172.20.2.91, port 1189 failed (Connection refused) 2009-05-28 20:18:42 1M9m3l-0005GE-PF malware acl condition: clamd: connection to 172.20.2.91, port 1114 failed (Connection refused) 2009-05-28 20:19:25 1M9m4T-0005GL-94 malware acl condition: clamd: connection to 172.20.2.91, port 1520 failed (Connection refused) 2009-05-28 20:20:09 1M9m5B-0005GQ-4V malware acl condition: clamd: connection to 172.20.2.91, port 1533 failed (Connection refused) 2009-05-28 20:20:37 1M9m5c-0005GV-Vu malware acl condition: clamd: connection to 172.20.2.91, port 1574 failed (Connection refused) 2009-05-28 20:24:40 1M9m9Y-0005Ga-L0 malware acl condition: clamd: connection to 172.20.2.91, port 1703 failed (Connection refused) 2009-05-28 20:26:15 1M9mB5-0005Gf-Bk malware acl condition: clamd: connection to 172.20.2.91, port 1426 failed (Connection refused) 2009-05-28 20:28:03 1M9mCl-0005Gk-9s malware acl condition: clamd: connection to 172.20.2.91, port 1221 failed (Connection refused) 2009-05-28 20:29:40 1M9mEN-0005Gp-Q4 malware acl condition: clamd: connection to 172.20.2.91, port 1966 failed (Connection refused) 2009-05-28 20:31:42 1M9mGJ-0005Gu-NB malware acl condition: clamd: connection to 172.20.2.91, port 1697 failed (Connection refused) Notice that the port varies, for some reason. What I think is relevant about my configuration is: (on the exim4 server) /etc/exim4/conf.d/main/01_exim4-config_listmacrosdefs-local: CHECK_DATA_LOCAL_ACL_FILE = CONFDIR/conf.d/local/acl_check_data /etc/exim4/conf.d/main/02_exim4-config_options-local: av_scanner = clamd:ichi 3310 /etc/exim4/conf.d/acl/40_exim4-config_check_data: .ifdef CHECK_DATA_LOCAL_ACL_FILE .include CHECK_DATA_LOCAL_ACL_FILE .endif /etc/exim4/conf.d/local/acl_check_data: deny add_header = X-Virus-Scanned: cla...@iguanasuicide.net message = This message was detected as possible malware ($malware_name). malware = */defer_ok /etc/hosts: 172.20.2.91 ichi.iguanasuicide.net ichi I looked at the package source, specifically malware.c and I didn't see anything immediately wrong. I also didn't notice any Debian patches to the file, so I suppose it could be an upstream issue, but I'm not sure. Please, let me know if I can provide any assistance in resolving the bug. - Package-specific info: Exim version 4.69 #1 built 30-Sep-2008 18:55:37 Copyright (c) University of Cambridge 2006 Berkeley DB: Berkeley DB 4.6.21: (September 27, 2007) Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc GnuTLS move_frozen_messages Content_Scanning Old_Demime Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql sqlite Authenticators: cram_md5 cyrus_sasl dovecot plaintext spa Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp Fixed never_users: 0 Size of off_t: 8 Configuration file is /var/lib/exim4/config.autogenerated # /etc/exim4/update-exim4.conf.conf # # Edit this file and /etc/mailname by hand and execute update-exim4.conf # yourself or use 'dpkg-reconfigure exim4-config' # # Please note that this is _not_ a dpkg-conffile and that automatic changes # to this file might happen. The code handling this will honor your local # changes, so this is usually fine, but will break local schemes that mess # around with multiple versions of the file. # # update-exim4.conf uses this file to determine variable values to replace # the DEBCONFsomethingDEBCONF strings in the configuration template files. # # Most settings found in here do have corresponding questions in the # Debconf configuration, but not all of them. # # This is a Debian specific file dc_eximconfig_configtype='internet' dc_other_hostnames='iguanasuicide.net;iguanasuicide.org;iguanasuicide.com' dc_local_interfaces='' dc_readhost='' dc_relay_domains='' dc_minimaldns='false' dc_relay_nets='172.20.0.0/16' dc_smarthost='' CFILEMODE='644' dc_use_split_config='true' dc_hide_mailname='' dc_mailname_in_oh='true' dc_localdelivery='dovecot_lda' mailname:iguanasuicide.net -- System Information: Debian Release: 5.0.1 APT prefers stable APT policy: (900, 'stable'), (700, 'testing'), (500, 'unstable'), (300, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.24-19-xen (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages exim4-daemon-heavy depends on: ii debconf [debconf-2.0] 1.5.24 Debian configuration management sy ii exim4-base 4.69-9 support files for all Exim MTA (v4 ii libc6 2.7-18 GNU C Library: Shared libraries ii libdb4.6 4.6.21-11 Berkeley v4.6 Database Libraries [ ii libgnutls26 2.4.2-6+lenny1 the GNU TLS library - runtime libr ii libldap-2.4-2 2.4.11-1 OpenLDAP libraries ii libmysqlclient15off 5.0.51a-24+lenny1 MySQL database client library ii libpam0g 1.0.1-5+lenny1 Pluggable Authentication Modules l ii libpcre3 7.6-2.1 Perl 5 Compatible Regular Expressi ii libperl5.10 5.10.0-19 Shared Perl library ii libpq5 8.3.7-0lenny1 PostgreSQL C client library ii libsasl2-2 2.1.22.dfsg1-23 Cyrus SASL - authentication abstra ii libsqlite3-0 3.5.9-6 SQLite 3 shared library exim4-daemon-heavy recommends no packages. exim4-daemon-heavy suggests no packages. -- debconf information: exim4-daemon-heavy/drec: -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
