Перейти к содержимому


Фото
- - - - -

Far Far Too Many Junk Messages From Drweb


  • Please log in to reply
4 ответов в этой теме

#1 JeremyP

JeremyP

    Newbie

  • Members
  • 2 Сообщений:

Отправлено 28 Февраль 2011 - 21:40

How can I tell DrWeb to shut up and stop sending me emails all the time and stop clogging up my syslog with pointless messages?

Specifically, I repeatedly get emails saying that the DrWeb server is having problems etc and frankly I don't care about this because there is nothing I can do about it. Instead therefore I waste time deleting messages which I don't read and were there ever to be a message that actually needs reading I wouldn't read it.

I have set "LogLevel = Quiet" in drweb32.ini which has reduced it to just one or two emails a day (was getting even more until I did that!), but it is still very annoying.

Secondly, DrWeb spams "/var/log/messages" and fills it up with pointless messages saying it is protecting various emails. All this means is I now can't see any other useful messages that may be in their because of all the annoying and useless messages from DrWeb.

Again I have set "SyslogPriority = Error" but still it won't stop spamming me.

Anyone got any suggestions?

Or do I need to just not use DrWeb?

#2 CARON67

CARON67

    Newbie

  • Posters
  • 40 Сообщений:

Отправлено 01 Март 2011 - 10:27

Again I have set "SyslogPriority = Error" but still it won't stop spamming me

Sorry JeremyP , I have one little question for you but that connection you use ?

Many thanks

Kind regards



#3 Anton Ivanov

Anton Ivanov

    Advanced Member

  • Posters
  • 842 Сообщений:

Отправлено 01 Март 2011 - 11:14

1. about e-mails from dr.web update process: it was sended by cron. check
man cron:

cron then wakes up every minute, examining all stored crontabs, checking each command to see if it should be run in the current minute. When executing commands, any output is mailed to the owner of the crontab (or to the
user named in the MAILTO environment variable in the crontab, if such exists). The children copies of cron running these processes have their name coerced to uppercase, as will be seen in the syslog and ps output.


so you can try set MAILTO to empty value or configure MTA to reject mail to address in MAILTO.

2. Please, show which messages you want to stop receiving in "/var/log/messages"

#4 JeremyP

JeremyP

    Newbie

  • Members
  • 2 Сообщений:

Отправлено 02 Март 2011 - 02:28

RE: cron, it is actually configured by Plesk but you're right I guess I can manually reconfigure it and hope Plesk doesn't undo my changes.

RE: /var/log/messages, the messages below come up EVERY HOUR meaning that in 42 hours I got 8500 lines of useless messages in the file, whereas none of them are of any use at all and therefore I want zero of them:


Feb 27 05:00:03 youangel drwebd.real: SIGHUP received, reloading...
Feb 27 05:00:03 youangel drwebd.real: Dr.Web ® daemon for Linux/Plesk Edition v5.0.0 (Jun 4 2009)
Feb 27 05:00:03 youangel drwebd.real: Copyright © Igor Daniloff, 1992-2009
Feb 27 05:00:03 youangel drwebd.real: Doctor Web, Moscow, Russia
Feb 27 05:00:03 youangel drwebd.real: Support service: http://support.drweb.com
Feb 27 05:00:03 youangel drwebd.real: To purchase: http://buy.drweb.com
Feb 27 05:00:03 youangel drwebd.real: Shell version: 5.0.0.10060 <API:2.2>
Feb 27 05:00:03 youangel drwebd.real: Engine version: 5.0.2.3300 <API:2.2>
Feb 27 05:00:03 youangel drwebd.real: Loading /var/drweb/bases/drwtoday.vdb - Ok, virus records: 440
... repeats for multiple files
Feb 27 05:00:11 youangel drwebd.real: Total virus records: 1914314
Feb 27 05:00:11 youangel drwebd.real: Key file: /opt/drweb/drweb32.key - Key file was not found! (No such file or directory)
Feb 27 05:00:11 youangel drwebd.real: A path to a valid license key file was not specified.
Feb 27 05:00:11 youangel drwebd.real: Daemon is enabled for protecting 15 e-mail`s:
Feb 27 05:00:11 youangel drwebd.real: user@domain.com
... repeats for multiple email addresses
Feb 27 05:00:11 youangel drwebd.real: Daemon is installed, active interfaces: /var/drweb/run/.daemon 127.0.0.1:3000

and then all of the above repeats every hour!

Clearly none of these are real errors and therefore none should be displayed because of "SyslogPriority = Error".

Note also that you will see I only have 15 emails configured at the moment. If I were to add more it would be even worse!!

#5 Anton Ivanov

Anton Ivanov

    Advanced Member

  • Posters
  • 842 Сообщений:

Отправлено 02 Март 2011 - 10:48

SyslogPriority just specify priority for syslog service - it's used only by syslog. to configure drwebd log you can use syslog service settings.
for example try to set
SyslogFacility = Local1

and in syslog configuration (filename changes on each system - on my os it's /etc/rsyslog.conf) you can specify that do with log with local1 facility. to just drop all log you can specify something like this:


local1.* ~ # discards everything.

for more information, please, check syslog documentation


Читают тему: 1

0 пользователей, 1 гостей, 0 скрытых