8 ответов в этой теме

[osipovsv]

Во время выполнения скрипта /usr/local/drweb/update.pl письмо попадает в карантин. В логах появляется следующая запись:

Mar 17 16&#58;00&#58;44 titan sm-mta&#91;30943&#93;&#58; p2HD0gwe030943&#58; from=<xxx1@abc.ru>, size=2928, class=0, nrcpts=1, msgid=<002201cbe4a3$54722500$8c67a8c0>, proto=ESMTP, daemon=IPv4, relay=
	  Mar 17 16&#58;00&#58;44 titan sp-milter&#91;12239&#93;&#58; For message p2HD0gwe030943 from  will return ACCEPT, SKIP mailfrom&#58; <xxx1@abc.ru>, rcpto&#58; <xxx2@abc.ru>
	  Mar 17 16&#58;00&#58;44 titan drweb-milter&#58; &#91;0x8131d00&#93; milter INFO 0000313F/p2HD0gwe030943 success save mail to /var/drweb/msgs/in/F/0000313F/
	  Mar 17 16&#58;00&#58;44 titan drweb-maild&#58; &#91;0x845d700&#93; maild INFO 0000313F/p2HD0gwe030943 Attach msg to plugin drweb...
	  Mar 17 16&#58;00&#58;44 titan drweb-maild&#58; &#91;0x845d700&#93; drweb.ipc ERROR 0000313F/p2HD0gwe030943 send 230 bytes to connection &#40;fd->14, local->local&#58;, server->local&#58;/var/drweb/run/.daemon&#41; failed&#58; Broken pipe
	  Mar 17 16&#58;00&#58;44 titan drweb-maild&#58; &#91;0x845d700&#93; drweb.ipc ERROR 0000313F/p2HD0gwe030943 error for address&#40;es&#41; &#91;local&#58;/var/drweb/run/.daemon&#93;&#58; Socket&#58;&#58;Send&#58; &#91;32&#93; Broken pipe
	  Mar 17 16&#58;00&#58;44 titan drweb-maild&#58; &#91;0x845d700&#93; drweb WARN 0000313F/p2HD0gwe030943 Failed to send request to pid&#58;/var/drweb/run/drwebd.pid server
	  Mar 17 16&#58;00&#58;44 titan drweb-maild&#58; &#91;0x845d700&#93; drweb ERROR 0000313F/p2HD0gwe030943 processing msg error &#58;&#91;Can&#96;t transfer request to any drwebd server&#93; -> use ProcessingErrors
	  Mar 17 16&#58;00&#58;44 titan drweb-maild&#58; &#91;0x845d700&#93; maild INFO 0000313F/p2HD0gwe030943 quarantine&#58; success save msg to /var/drweb/infected/def/drweb/F/0000313F.0.maild.JFAloJ
	  Mar 17 16&#58;00&#58;44 titan drweb-maild&#58; &#91;0x845d700&#93; maild INFO 0000313F/p2HD0gwe030943 send notification error for msg /var/drweb/msgs/in/F/0000313F ...
	  Mar 17 16&#58;00&#58;46 titan drweb-maild&#58; &#91;0x845d700&#93; drweb INFO 0000313F/p2HD0gwe030943 processing error for 313f, apply&#58; &#91;reject, quarantine, notify&#93;
	  Mar 17 16&#58;00&#58;46 titan drweb-maild&#58; &#91;0x845d700&#93; maild INFO 0000313F/p2HD0gwe030943 plugin drweb block msg; time=2269 ms
	  Mar 17 16&#58;00&#58;46 titan drweb-maild&#58; &#91;0x845d700&#93; maild INFO 0000313F/p2HD0gwe030943 msg is rejected
	  Mar 17 16&#58;00&#58;46 titan drweb-milter&#58; &#91;0x8131d00&#93; milter INFO 0000313F/p2HD0gwe030943 drweb-maild return reject action. score=0
	  Mar 17 16&#58;00&#58;46 titan drweb-milter&#58; &#91;0x8131d00&#93; milter INFO 0000313F/p2HD0gwe030943 processing message &#91;from&#58; <xxx1@abc.ru>; to&#58;<xxx2@abc.ru>&#93; is over
	  Mar 17 16&#58;00&#58;46 titan sm-mta&#91;30943&#93;&#58; p2HD0gwe030943&#58; Milter&#58; data, reject=554 5.7.1 Command rejected
	  Mar 17 16&#58;00&#58;46 titan sm-mta&#91;30943&#93;&#58; p2HD0gwe030943&#58; to=<xxx2@abc.ru>, delay=00&#58;00&#58;04, pri=32928, stat=Command rejected

Логи drwebd

Mar 17 16:00:44 titan drwebd: SIGHUP received, reloading...
Mar 17 16:00:44 titan drwebd: Dr.Web (R) daemon for FreeBSD v6.0.1.2
Mar 17 16:00:44 titan drwebd: Copyright (c) Igor Daniloff, 1992-2011
Mar 17 16:00:44 titan drwebd: Doctor Web, Moscow, Russia
Mar 17 16:00:44 titan drwebd: Support service: http://support.drweb.com
Mar 17 16:00:44 titan drwebd: To purchase: http://buy.drweb.com
Mar 17 16&#58;00&#58;44 titan drwebd&#58; Shell version&#58; 6.0.0.10060 <API&#58;2.2>
Mar 17 16&#58;00&#58;44 titan drwebd&#58; Engine version&#58; 5.0.2.3300 <API&#58;2.2>
Mar 17 16&#58;00&#58;44 titan drwebd&#58; Loading /var/drweb/bases/drwtoday.vdb - Ok, virus records&#58; 457
Mar 17 16&#58;00&#58;44 titan drwebd&#58; Loading /var/drweb/bases/drwdaily.vdb - Ok, virus records&#58; 3377
Mar 17 16&#58;00&#58;44 titan drwebd&#58; Loading /var/drweb/bases/drw50068.vdb - Ok, virus records&#58; 7472
....
Mar 17 16&#58;00&#58;53 titan drwebd&#58; Loading /var/drweb/bases/drwrisky.vdb - Ok, virus records&#58; 6197
Mar 17 16&#58;00&#58;53 titan drwebd&#58; Loading /var/drweb/bases/drwnasty.vdb - Ok, virus records&#58; 28348
Mar 17 16&#58;00&#58;53 titan drwebd&#58; Total virus records&#58; 1940207
Mar 17 16&#58;00&#58;53 titan drwebd&#58; Key file&#58; /usr/local/etc/drweb/drweb32_proba.key - loaded.
Mar 17 16&#58;00&#58;53 titan drwebd&#58; License key number&#58; 0013622586
Mar 17 16&#58;00&#58;53 titan drwebd&#58; License key activates&#58; 2011-03-10
Mar 17 16&#58;00&#58;53 titan drwebd&#58; License key expires&#58; 2011-04-10
Mar 17 16&#58;00&#58;53 titan drwebd&#58; License for Internet gateways&#58; None
Mar 17 16&#58;00&#58;53 titan drwebd&#58; License for file-servers&#58; Unlimited
Mar 17 16&#58;00&#58;53 titan drwebd&#58; License for mail-servers&#58; 100 e-mail addresses.

Как изменить поведение milter`а, чтобы письмо пропускал в случае перезапуска демона drwebd?

FreeBSD 7.1, Sendmail 8.14.3, Drweb 6.0.1

[Anton Ivanov]

1) у Вас стоит самый свежий MailD? в последнем обновлении в drwebd правилась эта ошибка.

2) что бы гарантированно не было блокировки писем в этом случае надо поставить ProcessingErrors в pass в plugin_drweb.conf

[osipovsv]

1. Ставил из мета-портов с вашего сайта. Вывод head Makefile следующий

# New ports collection makefile for:   drweb-maild-meta
# Date created:				 15 December 2010
# Whom&#58;						 Boris Savelev <b.savelev@drweb.com>
#

PORTNAME=	   drweb-maild-meta
PORTVERSION=	6.0.1.0
CATEGORIES=	 security

MAINTAINER=	 b.savelev@drweb.com

2. Поменял значение понаблюдаю. Спасибо...

[Anton Ivanov]

а что выводит
/opt/drweb/drwebd --version
?

[osipovsv]

/usr/local/drweb/drwebd --version

Dr.Web (R) daemon for FreeBSD v6.0.1.2
  Copyright (c) Igor Daniloff, 1992-2011
  Doctor Web, Moscow, Russia
  Support service: http://support.drweb.com
  To purchase: http://buy.drweb.com
  Shell version&#58; 6.0.0.10060 <API&#58;2.2>
  Engine version&#58; 5.0.2.3300 <API&#58;2.2>

[Роман Владимирович]

таки не исправили этот баг в новой версии?

[userr]

таки не исправили этот баг в новой версии?

"Вы давно перестали бить свою жену по утрам"?

У Вас воспроизводится с учётом данных здесь советов?

Сообщение было изменено userr: 14 Апрель 2011 - 15:29

[Роман Владимирович]

таки не исправили этот баг в новой версии?

"Вы давно перестали бить свою жену по утрам"?

У Вас воспроизводится с учётом данных здесь советов?

Да воспроизводится. С обновлением у вас явно не все в порядке.

[Daemon-FF]

У меня тоже возникает подобная проблема после перехода на DrWeb 6.0. В логах вот так:

Aug  5 09&#58;43&#58;27 <local7.info> unix drwebd.real&#58; SIGHUP received, reloading...
Aug  5 09&#58;43&#58;27 <local7.info> unix drwebd.real&#58; Dr.Web &#40;R&#41; daemon for FreeBSD v6.0.1.3
Aug  5 09&#58;43&#58;27 <local7.info> unix drwebd.real&#58; Copyright &#40;c&#41; Igor Daniloff, 1992-2011
Aug  5 09&#58;43&#58;27 <local7.info> unix drwebd.real&#58; Doctor Web, Moscow, Russia
Aug  5 09&#58;43&#58;27 <local7.info> unix drwebd.real&#58; Support service&#58; http&#58;//support.drweb.com
Aug  5 09&#58;43&#58;27 <local7.info> unix drwebd.real&#58; To purchase&#58; http&#58;//buy.drweb.com
Aug  5 09&#58;43&#58;27 <local7.info> unix drwebd.real&#58; Shell version&#58; 6.0.0.10060 <API&#58;2.2>
Aug  5 09&#58;43&#58;27 <local7.info> unix drwebd.real&#58; Engine version&#58; 5.0.2.3300 <API&#58;2.2>
Aug  5 09&#58;43&#58;28 <local7.info> unix drwebd.real&#58; Loading /var/drweb/bases/drwtoday.vdb - Ok, virus records&#58; 4358
Aug  5 09&#58;43&#58;28 <local7.info> unix drwebd.real&#58; Loading /var/drweb/bases/drwdaily.vdb - Ok, virus records&#58; 11863
Aug  5 09&#58;43&#58;28 <local7.info> unix drwebd.real&#58; Loading /var/drweb/bases/drw50088.vdb - Ok, virus records&#58; 20563
Aug  5 09&#58;43&#58;28 <local7.info> unix drwebd.real&#58; Loading /var/drweb/bases/drw50087.vdb - Ok, virus records&#58; 29147
.....
Aug  5 09&#58;43&#58;34 <local7.info> unix drwebd.real&#58; Loading /var/drweb/bases/drw50052.vdb - Ok, virus records&#58; 14045
Aug  5 09&#58;43&#58;34 <local7.info> unix drwebd.real&#58; Loading /var/drweb/bases/drw50051.vdb - Ok, virus records&#58; 7028

Aug  5 09&#58;43&#58;34 <local7.err> unix drweb-maild.real&#58; &#91;0xa52d200&#93; drweb.ipc ERROR 0000158F/p753h3fm036895 error for address&#40;es&#41; &#91;inet&#58;3000@127.0.0.1&#93;&#58; a waiting of Socket&#58;&#58;IsReady&#40;0x1&#41; for connection &#40;fd->6, local->inet&#58;127.0.0.1&#58;63576, server->inet&#58;3000@127.0.0.1&#41;&#58; timed out &#40;time out= 29 s 935 ms&#41;
Aug  5 09&#58;43&#58;34 <local7.err> unix drweb-maild.real&#58; &#91;0xa52d200&#93; drweb ERROR 0000158F/p753h3fm036895 processing msg error &#58;&#91;can&#96;t try to send request to next server&#58; timeout at 2011-08-05 09&#58;43&#58;34.73&#93; -> use ProcessingErrors
Aug  5 09&#58;43&#58;34 <local7.info> unix drweb-maild.real&#58; &#91;0xa52d200&#93; maild INFO 0000158F/p753h3fm036895 quarantine&#58; success save msg to /var/drweb/infected/def/drweb/F/0000158F.0.maild.NOpGDx
Aug  5 09&#58;43&#58;34 <local7.info> unix drweb-maild.real&#58; &#91;0xa52d200&#93; maild INFO 0000158F/p753h3fm036895 send notification error for msg /var/drweb/msgs/in/F/0000158F ...
Aug  5 09&#58;43&#58;34 <local7.info> unix drweb-notifier.real&#58; &#91;0x82a2800&#93; notifier INFO  start processing msg&#58; &#91;from&#58; <drweb@domain.ru>; to&#58;<drweb@domain.ru>&#93;
Aug  5 09&#58;43&#58;34 <local7.info> unix drweb-notifier.real&#58; &#91;0x82a2800&#93; notifier.parser INFO  select template admin&#58;error for instant
Aug  5 09&#58;43&#58;34 <local7.info> unix drweb-notifier.real&#58; &#91;0x82a2800&#93; notifier INFO  success save new msg &#91;from&#58; <DrWEB-MAIl-DAEMON@domain.ru>; to&#58;<drweb@domain.ru>; size=16432&#93; to disk. Send it...
Aug  5 09&#58;43&#58;34 <local7.info> unix drweb-sender.real&#58; &#91;0x81a4800&#93; sender INFO notifier.GMRRJw start processing msg...
Aug  5 09&#58;43&#58;34 <local7.info> unix drweb-sender.real&#58; &#91;0x81a4800&#93; sender.queue INFO notifier.GMRRJw put msg &#91;from&#58; <DrWEB-MAIl-DAEMON@domain.ru>; to&#58;<drweb@domain.ru>&#93; to queue for processing after 0 sec
Aug  5 09&#58;43&#58;34 <local7.info> unix drweb-notifier.real&#58; &#91;0x82a2800&#93; notifier INFO  success send request for send msg &#91;from&#58; <DrWEB-MAIl-DAEMON@domain.ru>; to&#58;<drweb@domain.ru>; size=16432&#93;
Aug  5 09&#58;43&#58;34 <local7.info> unix drweb-maild.real&#58; &#91;0xa52d200&#93; drweb INFO 0000158F/p753h3fm036895 processing error for 158f, apply&#58; &#91;reject, quarantine, notify&#93;
Aug  5 09&#58;43&#58;34 <local7.info> unix drweb-maild.real&#58; &#91;0xa52d200&#93; maild INFO 0000158F/p753h3fm036895 plugin drweb block msg; time=30159 ms
Aug  5 09&#58;43&#58;34 <local7.info> unix drweb-maild.real&#58; &#91;0xa52d200&#93; maild INFO 0000158F/p753h3fm036895 msg is rejected
Aug  5 09&#58;43&#58;34 <local7.info> unix drweb-sender.real&#58; &#91;0x81a4200&#93; sender INFO absrmloNi get msg &#91;from&#58; <DrWEB-MAIl-DAEMON@domain.ru>; to&#58;<drweb@domain.ru>&#93; from queue for processing...
Aug  5 09&#58;43&#58;34 <local7.info> unix drweb-milter.real&#58; &#91;0x817d400&#93; milter INFO 0000158F/p753h3fm036895 drweb-maild return reject action. score=0
Aug  5 09&#58;43&#58;34 <local7.info> unix drweb-milter.real&#58; &#91;0x817d400&#93; milter INFO 0000158F/p753h3fm036895 processing message &#91;from&#58; <drweb@domain.ru>; to&#58;<drweb@domain.ru>&#93; is over
Aug  5 09&#58;43&#58;34 <local7.info> unix drwebd.real&#58; Loading /var/drweb/bases/drw50050.vdb - Ok, virus records&#58; 8674
....

Дистрибутив скачивал с сайта примерно месяц назад. Что делать с этим?