Unable to connect to ClamAV service after restart of the appliance server.

  • 7025068
  • 06-Apr-2021
  • 07-Apr-2021

Environment

GWAVA (Secure Messaging Gateway) 7

Situation

In any of your policies you have configured also a ClamAV Filter.
However, after restart of the appliance server, this service is not running correctly and in the scanner log files you often see a complaint like:

[140631819273984] 2021-04-06 13:50:41 (clam) Unable to connect to ClamAv service.

If you want to fix this problem, use webadmin console -> Module Management -< Modules Status and start / stop smg-scanner service.
Or from a command line:

systemctl <stop/start> clamd.service

Alternatively you can find out a ProcessID:

pidof smg-scanner

and kill it by "kill -9 <pid>". The SMTP service will detect the scanner is down and restarts it.

You can also add ClamAV service in the system services within VA admin console and set it to Autostart after reboot but that does not help.
The way to add it, if not listed is by editing /etc/opt/novell/base/system-services.xml. First rather make a copy of it and then and new section like:

    </service>
        <service>
        <name>ClamAv</name>
        <description>ClamAv Antivirus Engine</description>
        <chkconfig-service>clamd</chkconfig-service>
        <ui-hidden>false</ui-hidden>
    </service>

Save the changes and then re-visit or refresh System Services list in VA Admin console.

This problem has been reported to GWAVA engineering.

In general there is no advantage of using ClamAV scanner over regular AV scanner that connects to the BitDefender site. Both scanners can do the same work. The ClamAV is, however, more resource intense compared to other, regular AV. There is no need to have both, ClamAV and regular AV scanner within the same policy. It could negatively affect a  performance of SMG which can be more visible in more busy mail systems. That is why it is switched OFF by default if you used any newer appliance ova build (7.0.0.21 or newer). Shall you want to use it, it needs to be listed in VA admin console under System Services -> enabled and with autostart. Then it can be used in any policy if needed. 

Status

Top Issue