Hey,
we use the EMail Protection to scan mails for Malware. Since this night, we're not getting any inbound mails.
Mail Protection log says something about:
exim-in[25039]: 2016-05-26 11:29:21 1b5rbV-0006Vr-1f malware acl condition: cssd: connection to 127.0.0.1, port 1234 failed (Connection refused)
exim-in[25039]: [1\62] 2016-05-26 11:29:21 1b5rbV-0006Vr-1f H=mailprovider.domain [1.2.3.4]:55127 F=<someemailaddress@domain.com> temporarily rejected after DATA
and:
exim-in[24229]: 2016-05-26 10:17:22 1b5s6W-0000x8-2X malware acl condition: cssd: unparseable response from cssd: {500 Internal Server Error}
exim-in[24229]: [1\62] 2016-05-26 10:17:22 1b5s6W-0000x8-2X H=mailprovider.domain [1.2.3.4]:55127 F=<someemailaddress@domain.com> temporarily rejected after DATA
if i disable the malware scanning (set to disabled in SMTP settings) the problem is gone.
when i disable "Reject malware during SMTP transaction" the mails are waiting in the SMTP Spool with the state "Waiting for AV Scan".
Malware / AV Scanning is now completely disabled, but thats not what i want!
i've read something about wrong pattern updates, i'm now on 101625 (just updated) but the problem persists...
UPDATE:
now on pattern version: 101627
utm version. 9.403-4
UPDATE2:
tried a reboot, problem still persists...
UPDATE3:
seems to be ok with pattern update 101630.
i'm currently looking into it, but it seems ok now.
any ideas?
thanks for your help! :)
Lars
This thread was automatically locked due to age.
