This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

No mail going through - Mail ends in Unscannable (AV Scanner unreachable)

Hi,

I am experiencing problems with my mail after the last Up2Date - or at least I think it might be related. 
From the smtp log:
2014:10:12-10:07:29 MAIL exim-in[10378]: 2014-10-12 10:07:29 1XdEBc-0002hO-2V malware acl condition: cssd: connection to 127.0.0.1, port 1234 failed (Connection refused)
2014:10:12-10:07:29 MAIL exim-in[10378]: 2014-10-12 10:07:29 1XdEBc-0002hO-2V H=mail.***X.com [***.yyy.zzz.2]:48810 Warning: ACL "warn" statement skipped: condition test deferred
2014:10:12-10:07:29 MAIL exim-in[10378]: 2014-10-12 10:07:29 1XdEBc-0002hO-2V malware acl condition: cssd: connection to 127.0.0.1, port 1234 failed (Connection refused)
2014:10:12-10:07:29 MAIL exim-in[10378]: [1\34] 2014-10-12 10:07:29 1XdEBc-0002hO-2V H=mail.***X.com [***.yyy.zzz.2]:48810 F= temporarily rejected after DATA

This log is repeated again and again.
I am on an UTM running as XEN guest.

Any suggestions?
/Claus, DK


This thread was automatically locked due to age.
  • Addition:
    If I attempt to release the mails get status:
    Malware (SCAN_ERROR)

    and then these can be released.
    /Claus,DK
  • Claus, can you find scanner crash in the SMTP log file?  Does rebooting solve the problem?  What happens if you change to single-scan ?  What if you change the single scan engine from one to the other in 'System Settings'?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,
    thank you for replying. Prior to that I had actually tried to find root cause without succes. I also tried single engine scan and reboot. I feel confident that something was not running correctly, since RAM usage had dropped appr. 300MB, so I ended up reinstalling and restore configuration from backup.
    Results:
    - Mail are passing as expected
    - But once again I end up with Up2Date reporting failure, https://community.sophos.com/products/unified-threat-management/astaroorg/f/52/t/29632 

    I continue that thread and hopefully get some feedback.
    This thread can be "closed", since the original issue is gone after reinstall.
    /Claus