The sasi downloads the /var/pattern/sasi/asdb.antispam every 30 seconds and is unable to load/verify it. It generates 800GB/week. I have noticed it since a few months.
Error in var log is given below:
/var/log/sasi.log
2021-08-21.00:04:27 MESSAGE [9999] [ main.cpp:78] LASE Daemon STARTED
2021-08-21.00:04:27 MESSAGE [9999] [ main.cpp:80] LASE Daemon Version: 4.1.4
2021-08-21.00:04:28 MESSAGE [9999] [ engine.cpp:265] Existing signatures are invalid, fetching new signatures..
2021-08-21.00:04:32 MESSAGE [9999] [ precompile.cpp:580] Downloaded file /var/pattern/sasi/asdb.antispam is verified with checksum..
2021-08-21.00:04:32 ERROR [9999] [ laseserver.cpp:159] Could not fetch new signatures: Unable to load database :Database exception: Hyperscan Platform Validation Error : System Does Not Support SSSE3 Instruction Set , Hypersca
n can not run:/var/pattern/sasi/asdb.antispam Exiting..
The tcpdump shows that the traffic to the destination "2.21.143.76" is allowed and timestamps show that the file is being recreated/updated.
utm:/etc/sasi # ls -lart /var/pattern/sasi/
total 37588
drwxr-xr-x 2 root root 4096 Aug 16 12:26 .
drwxr-xr-x 21 root root 4096 Aug 21 06:26 ..
-rw-r--r-- 1 root root 108 Aug 21 08:37 asdb.antispam.csum
-rw-r--r-- 1 root root 38477824 Aug 21 08:37 asdb.antispam
utm:/var/pattern/sasi # cat asdb.antispam.csum
7d7a0e369c64a92e8671caed4c93a84195760c697648d0d3e170b2518d08c652 /usr/local/gendelta/datadir/asdb.antispam
I even bypassed the proxy for this destination and created an explicit firewall rule, but it didn't help.
I changed the cacert.pem file but that didn't help either.
Disabling the Email protection/smtp module solves the problem but need it.
Any clue where to look?
This thread was automatically locked due to age.
