Re: untote f-prots über amavis

To: Werner Detter <wd@ilum.org>, debian mailinglist <debian-user-german@lists.debian.org>
Subject: Re: untote f-prots über amavis
From: André Bischof <frisco@bischof.homelinux.net>
Date: Wed, 12 Oct 2005 12:50:23 +0200
Message-id: <[🔎] 434CEA6F.1080407@bischof.homelinux.net>
In-reply-to: <434CB58F.5030008@ilum.org>
References: <[🔎] 434BC31D.2050606@bischof.homelinux.net> <434CB58F.5030008@ilum.org>

Hallo Werner, hallo Liste,

Werner Detter schrieb:
...

Hi Andre,
ganz spontan würd ich dir dazu raten, amavis mal im Debug-Modus auf derKommandozeilezu starten (/usr/sbin/amavisd-new debug).

s.u. den Debug-Output, mittlerweile habe ich auch gefunden, das amavisein eigenes Logfile in /var/log hat.

Beide Virenscanner, f-prot primär, clamscan sekundär werden ohneProbleme erkannt (Output im letzten Viertel), das war aber auch vorherso. Man sieht auch, dass 2 Children gebildet werden, bis hierhin nichtsVerdächtiges.

Nach längerem Warten taucht dann aber erst ein, dann zweif-prot-Prozesse auf:


15430 amavis    19   0  2404 1080  916 R 23.7  0.1   3:04.21 f-prot
17456 amavis    25   0  2404 1080  916 R 23.7  0.1   0:31.26 f-prot

der Debug-Output verlängert sich um einige Einträge, dann kommt:

Oct 12 12:40:44 linux amavisd-new[15408]: (15408-01) Checking:<mysql-de-return-994-a.bischof=gmx.net@lists.mysql.com> -><frisco@localhost>Oct 12 12:40:44 linux amavisd-new[15408]: (15408-01) lookup_acl:key="frisco@localhost", no matchOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) lookup_acl:key="frisco@localhost", no matchOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) Extracting mimecomponentsOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) Issued a new filename: part-00001Oct 12 12:40:44 linux amavisd-new[15408]: (15408-01) mime_decode:Content-type: text/plain, name:Oct 12 12:40:44 linux amavisd-new[15408]: (15408-01) Charging 944 bytesto remaining quota 1448500 (out of 1448500, (0%)) - by mime_decodeOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) prolong_timer aftermime_decode-1: remaining time = 300 sOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) Checking for bannedMIME types and namesOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) check_for_banned -mime-type: text/plainOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) lookup_RE:key="text/plain", no matchOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) lookup_acl:key="frisco@localhost", no matchOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) decode_parts:level=1, #parts=1 : part-00001Oct 12 12:40:44 linux amavisd-new[15408]: (15408-01) run_command:[17455] /usr/bin/file/var/lib/amavis/amavis-20051012T124044-15408/parts/part-00001 </dev/nullOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) File-type ofpart-00001: ISO-8859 text; (.txt)Oct 12 12:40:44 linux amavisd-new[15408]: (15408-01) lookup_acl:key="frisco@localhost", no matchOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) Checking for banned(contents-based) file types, 1 partsOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) check_for_banned(part-00001) - file type: .txtOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) lookup_RE:key=".txt", no matchOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) check_for_banned(part-00001) - file type: ISO-8859 textOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) lookup_RE:key="ISO-8859 text", no matchOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) decompose_part:part-00001 - atomicOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) prolong_timer afterdecoding: remaining time = 300 sOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) lookup_RE:key="MAIL", no matchOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) Using FRISK F-ProtAntivirus: /usr/bin/f-prot -dumb -archive -packed/var/lib/amavis/amavis-20051012T124044-15408/partsOct 12 12:40:44 linux amavisd-new[15408]: (15408-01) run_command:[17456] /usr/bin/f-prot -dumb -archive -packed/var/lib/amavis/amavis-20051012T124044-15408/parts </dev/null 2>&1

hier entstehen die beiden f-prot-Prozesse (s.a. obige letzten beidenZeilen), der Aufruf an sich ist aber doch unproblematisch, oder?

Immer noch keine Ahnung, was da schief läuft :( Jedenfalls verschwindendie Prozesse nicht und verbrauchen ganz schön viel Leistung, merkwürdig.Der Load steigt dabei auf ~3.5, und das bei einem AMD64 3200 mit 1 GB RAM.


Weitere Tipps?

Wenn dir das keine weiterenHinweise gibt,
ggf. mal die einzelnen Prozesse von amavis tracen (->strace).

du meinst "strace -e open /usr/sbin/amavis" oder was meinst du mit "dieeinzelnen Prozesse"?


Viele Grüße
André

root@linux:/etc/amavis# /usr/sbin/amavisd-new -c/etc/amavis/amavisd.conf_f-prot-aktiv debugOct 12 12:26:08 linux amavisd-new[15406]: starting. amavisd-new atlinux amavisd-new-20030616-p10, Unicode awareOct 12 12:26:08 linux amavisd-new[15406]: Perl version5.008007

Oct 12 12:26:08 linux amavisd-new[15406]: Module Amavis::Conf        1.15
Oct 12 12:26:08 linux amavisd-new[15406]: Module Archive::Tar        1.26
Oct 12 12:26:08 linux amavisd-new[15406]: Module Archive::Zip        1.14
Oct 12 12:26:08 linux amavisd-new[15406]: Module Compress::Zlib      1.34
Oct 12 12:26:08 linux amavisd-new[15406]: Module Convert::TNEF       0.17
Oct 12 12:26:08 linux amavisd-new[15406]: Module Convert::UUlib      1.051
Oct 12 12:26:08 linux amavisd-new[15406]: Module DB_File             1.811
Oct 12 12:26:08 linux amavisd-new[15406]: Module MIME::Entity        5.417
Oct 12 12:26:08 linux amavisd-new[15406]: Module MIME::Parser        5.417
Oct 12 12:26:08 linux amavisd-new[15406]: Module MIME::Tools         5.417
Oct 12 12:26:08 linux amavisd-new[15406]: Module Mail::Header        1.62
Oct 12 12:26:08 linux amavisd-new[15406]: Module Mail::Internet      1.62

Oct 12 12:26:08 linux amavisd-new[15406]: Module Mail::SpamAssassin3.000004

Oct 12 12:26:08 linux amavisd-new[15406]: Module Net::Cmd            2.26
Oct 12 12:26:08 linux amavisd-new[15406]: Module Net::SMTP           2.29
Oct 12 12:26:08 linux amavisd-new[15406]: Module Net::Server         0.87
Oct 12 12:26:08 linux amavisd-new[15406]: Module Time::HiRes         1.66
Oct 12 12:26:08 linux amavisd-new[15406]: Module Unix::Syslog        0.100

Oct 12 12:26:08 linux amavisd-new[15406]: Found myself:/usr/sbin/amavisd-new -c /etc/amavis/amavisd.conf_f-prot-aktiv

Oct 12 12:26:08 linux amavisd-new[15406]: Lookup::SQL code       NOT loaded
Oct 12 12:26:08 linux amavisd-new[15406]: Lookup::LDAP code      NOT loaded
Oct 12 12:26:08 linux amavisd-new[15406]: AMCL-in protocol code  NOT loaded
Oct 12 12:26:08 linux amavisd-new[15406]: SMTP-in protocol code  loaded
Oct 12 12:26:08 linux amavisd-new[15406]: ANTI-VIRUS code        loaded
Oct 12 12:26:08 linux amavisd-new[15406]: ANTI-SPAM  code        loaded

Oct 12 12:26:08 linux amavisd-new[15406]: Net::Server:2005/10/12-12:26:08 Amavis (type Net::Server::PreForkSimple) starting!pid(15406)Oct 12 12:26:08 linux amavisd-new[15406]: Net::Server: Binding to TCPport 10024 on host 127.0.0.1Oct 12 12:26:08 linux amavisd-new[15406]: Net::Server: Setting gid to"116 116"

Oct 12 12:26:08 linux amavisd-new[15406]: Net::Server: Setting uid to "115"

Oct 12 12:26:08 linux amavisd-new[15406]: Net::Server: Setting upserialization via flock

Oct 12 12:26:08 linux amavisd-new[15406]: Found $file       at /usr/bin/file
Oct 12 12:26:08 linux amavisd-new[15406]: Found $arc        at /usr/bin/arc
Oct 12 12:26:08 linux amavisd-new[15406]: Found $gzip       at /bin/gzip

Oct 12 12:26:08 linux amavisd-new[15406]: Found $bzip2 at/usr/bin/bzip2

Oct 12 12:26:08 linux amavisd-new[15406]: Found $lzop       at /usr/bin/lzop
Oct 12 12:26:08 linux amavisd-new[15406]: Found $lha        at /usr/bin/lha
Oct 12 12:26:08 linux amavisd-new[15406]: Found $unarj      at /usr/bin/arj

Oct 12 12:26:08 linux amavisd-new[15406]: Found $uncompress at/bin/uncompress

Oct 12 12:26:08 linux amavisd-new[15406]: No $unfreeze,     not using it
Oct 12 12:26:08 linux amavisd-new[15406]: Found $unrar      at /usr/bin/rar
Oct 12 12:26:08 linux amavisd-new[15406]: Found $zoo        at /usr/bin/zoo
Oct 12 12:26:08 linux amavisd-new[15406]: Found $cpio       at /bin/cpio

Oct 12 12:26:08 linux amavisd-new[15406]: Found primary av scanner FRISKF-Prot Antivirus at /usr/bin/f-protOct 12 12:26:08 linux amavisd-new[15406]: Found secondary av scannerClam Antivirus - clamscan at /usr/bin/clamscanOct 12 12:26:08 linux amavisd-new[15406]: SpamControl: initializingMail::SpamAssassin

Oct 12 12:26:08 linux amavisd-new[15406]: SpamControl: done

Oct 12 12:26:08 linux amavisd-new[15406]: Net::Server: Beginning prefork(2 processes)

Oct 12 12:26:08 linux amavisd-new[15406]: Net::Server: Starting "2" children

Oct 12 12:26:08 linux amavisd-new[15407]: Net::Server: Child Preforked(15407)Oct 12 12:26:08 linux amavisd-new[15408]: Net::Server: Child Preforked(15408)Oct 12 12:26:08 linux amavisd-new[15406]: Net::Server: Parent ready forchildren.

Reply to:

Follow-Ups:
- Re: untote f-prots über amavis
  - From: André Bischof <frisco@bischof.homelinux.net>

References:
- untote f-prots über amavis
  - From: André Bischof <frisco@bischof.homelinux.net>

Prev by Date: Re: aktuelle netinstall cd
Next by Date: Re: Frage zu fallback_relay (Postfix)
Previous by thread: untote f-prots über amavis
Next by thread: Re: untote f-prots über amavis
Index(es):
- Date
- Thread