Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 4029 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

9.104-17 All mail showing as unscannable:encrypted archive

Biffa
Suddenly early this morning, all mail on my Astaro running  9.104-17 stopped flowing through the SMTP engine.

Telnetting to port 25 on the firewall from an allowed host, and manually passing email commands to the console ended with a 451 "Temporary local problem" error.

I looked into the Mail Manager and there were many emails stuck in Quarantine, including all the test emails sent from inside and outside the firewall. They are all listed as:

"Unscannable encrypted archive" and stuck in quarantine.

I've got no idea where this came from or how to resolve it without disabling things that were working until yesterday.

I've restarted the firewall, the only thing that lets the mail get through is to disable "Quarantine unscannable and encrypted content"

But I think the virus engine is broken. I think this is so because of the following error when trying to install the latest two up2date updates Version 9.105-9 and 9.106-17


id="371O" severity="error" sys="system" sub="up2date" name="Fatal: Up2Date package installation failed: An error occured during the RPM pre-installation test (1)" status="failed" action="install" code="1" package="savi"


This thread was automatically locked due to age.
Parents
  • 0
    Hi Barry (again) [:)]

    1. Single scan Avira, tried Sophos, tried dual scanner. Same deal.
    2. In the SMTP log every email has this port 1234 failure:

    2013:10:12-02:43:19 mail exim-in[14529]: 2013-10-12 02:43:19 1VUoEh-0003mL-06 DKIM: d=yahoo.co.uk s=s1024 c=relaxed/relaxed a=rsa-sha256 t=1381542021 [verification succeeded]
    2013:10:12-02:43:19 mail exim-in[14529]: 2013-10-12 02:43:19 1VUoEh-0003mL-06 malware acl condition: cssd: connection to 127.0.0.1, port 1234 failed (Connection refused)
    2013:10:12-02:43:19 mail exim-in[14529]: 2013-10-12 02:43:19 1VUoEh-0003mL-06 H=nm34.bullet.mail.ne1.yahoo.com [98.138.229.27]:26408 Warning: ACL "warn" statement skipped: condition test deferred
    2013:10:12-02:43:19 mail exim-in[14529]: 2013-10-12 02:43:19 1VUoEh-0003mL-06 malware acl condition: cssd: connection to 127.0.0.1, port 1234 failed (Connection refused)
    2013:10:12-02:43:19 mail exim-in[14529]: [1\44] 2013-10-12 02:43:19 1VUoEh-0003mL-06 H=nm34.bullet.mail.ne1.yahoo.com [98.138.229.27]:26408 F= temporarily rejected after DATA


    Home user so no support.
Reply
  • 0
    Hi Barry (again) [:)]

    1. Single scan Avira, tried Sophos, tried dual scanner. Same deal.
    2. In the SMTP log every email has this port 1234 failure:

    2013:10:12-02:43:19 mail exim-in[14529]: 2013-10-12 02:43:19 1VUoEh-0003mL-06 DKIM: d=yahoo.co.uk s=s1024 c=relaxed/relaxed a=rsa-sha256 t=1381542021 [verification succeeded]
    2013:10:12-02:43:19 mail exim-in[14529]: 2013-10-12 02:43:19 1VUoEh-0003mL-06 malware acl condition: cssd: connection to 127.0.0.1, port 1234 failed (Connection refused)
    2013:10:12-02:43:19 mail exim-in[14529]: 2013-10-12 02:43:19 1VUoEh-0003mL-06 H=nm34.bullet.mail.ne1.yahoo.com [98.138.229.27]:26408 Warning: ACL "warn" statement skipped: condition test deferred
    2013:10:12-02:43:19 mail exim-in[14529]: 2013-10-12 02:43:19 1VUoEh-0003mL-06 malware acl condition: cssd: connection to 127.0.0.1, port 1234 failed (Connection refused)
    2013:10:12-02:43:19 mail exim-in[14529]: [1\44] 2013-10-12 02:43:19 1VUoEh-0003mL-06 H=nm34.bullet.mail.ne1.yahoo.com [98.138.229.27]:26408 F= temporarily rejected after DATA


    Home user so no support.
Children
No Data
Unfiltered HTML