Today we had a problem at a client site when the mail failed to be delivered due to what appears to be a corrupt AV pattern. Eventually we found the error in the SMTP log that read:
2010:05:18-01:35:28 astaro exim[13436]: 2010-05-18 01:35:28 1OE59z-0003Ui-1N malware acl condition: cssd: connection to 127.0.0.1, port 1234 failed (Connection refused)
It took us a while to isolate the problem (of course it is easy when you know what you are looking for!) and I wondered whether it would have been useful for Astaro to have indicated that it had a problem, preferably on the dashboard. Mail outages are fairly important for most businesses.
In trying to troubleshoot, we turned off AV for the mail stream; however, this did not cause the problem to resolve, nor the error message to stop, so it appears that turning off AV checking may require more than a mouse click, perhaps a reboot? We solved the problem by copying an AV file from a known good server and mail started flowing again.
Something to watch out for. Comments, insight?
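The following is an added example, not part of the original post and not Astaro code: a shell check that scans an exim SMTP log for the "malware acl condition" scanner error quoted above and returns a monitoring-style exit status. The function names, the exit code convention and every sample line other than the first are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag exim AV-scanner failures in an SMTP log.

# Constructed sample log. Line 1 is the error quoted in the post;
# lines 2 and 3 are made up for illustration.
sample_log() {
cat <<'EOF'
2010:05:18-01:35:28 astaro exim[13436]: 2010-05-18 01:35:28 1OE59z-0003Ui-1N malware acl condition: cssd: connection to 127.0.0.1, port 1234 failed (Connection refused)
2010:05:18-01:35:30 astaro exim[13440]: 2010-05-18 01:35:30 1OE5A1-0003Um-2B <= sender@example.org H=mail.example.org [192.0.2.10] P=esmtp S=2048
2010:05:18-01:36:02 astaro exim[13451]: 2010-05-18 01:36:02 1OE5AX-0003Ux-7C malware acl condition: cssd: connection to 127.0.0.1, port 1234 failed (Connection refused)
EOF
}

# Read a log on stdin; print one tab-separated record per failure:
# date, time, exim message id, scanner name, reason.
av_failures() {
  awk '{
    marker = " malware acl condition: "
    i = index($0, marker)
    if (i == 0) next
    n = split(substr($0, 1, i - 1), f, " ")
    if (n < 3) next
    detail = substr($0, i + length(marker))
    j = index(detail, ": ")
    scanner = (j > 0) ? substr(detail, 1, j - 1) : "unknown"
    reason  = (j > 0) ? substr(detail, j + 2) : detail
    printf "%s\t%s\t%s\t%s\t%s\n", f[n-2], f[n-1], f[n], scanner, reason
  }'
}

# Summarise failures; exit status 2 (assumed "critical" convention) if any.
av_check() {
  hits=$(av_failures)
  if [ -z "$hits" ]; then
    echo "OK: no AV scanner failures in log"
    return 0
  fi
  n=$(printf '%s\n' "$hits" | wc -l | tr -d ' ')
  scanners=$(printf '%s\n' "$hits" | cut -f4 | sort -u | paste -sd, -)
  last=$(printf '%s\n' "$hits" | tail -n 1 | cut -f1,2 | tr '\t' ' ')
  echo "CRITICAL: $n message(s) hit AV scanner errors ($scanners), last at $last"
  return 2
}

# Usage: sh av_check.sh <smtp-log>   (log path is site-specific)
if [ -r "${1:-}" ]; then av_check < "$1"; fi
```

Run from cron or a monitoring agent against the SMTP log, a non-zero exit surfaces the scanner outage without anyone having to read the log by hand.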