I ended up facing the following issue lately, with these symptoms:
- Emails from the outside not coming in and no outbound email going out (error returned trying to send a message)
- Very high amount of resources (CPU) consumed by the ClamAV engine
The following errors can be seen in the ClamD logs [/var/log/qmail/clamd/current]:
LibClamAV Error: cli_load(): Can't open file /usr/share/clamav/lmd.user.hdb
LibClamAV Error: cli_loaddbdir(): error loading database /usr/share/clamav/lmd.user.hdb
ERROR: Can't open file or directory
Closing the main socket.
The following errors can be seen in the SMTP logs [/var/log/qmail/smtp/current]:
qmail-smtpd: qq soft reject (mail server temporarily rejected message (#4.3.0)): MAILFROM:<sender@domain.tld> RCPTTO:recipient@domain.tld
spamdyke[31085]: DENIED_OTHER from: sender@domain.tld to: recipient@domain.tld origin_ip: 0.0.0.1 origin_rdns: remote-mta.domain.tld auth: (unknown) encryption: TLS reason: 451_mail_server_temporarily_rejected_message_(#4.3.0)
Since this is similar to an issue I had faced more than a year ago, I tried to update the ClamAV software, without any luck. The only thing that could make this happen is third-party software triggered in tandem with the anti-virus engine.
Since I am running maldet, which is invoked with ClamAV, I decided to disable it, and it worked!
To disable maldet temporarily, simply do the following:
mv /usr/local/maldetect /usr/local/maldetect.DISABLED
The problem occurred with maldet v1.4.2. Upgrading to version 1.5 fixed the issue.
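
To confirm which signature database clamd could not open before disabling anything, the following added example (not part of the original post) extracts the cli_load() errors from the ClamD log and reports whether each named file is missing, a dangling symlink, or unreadable. The function names and the fixture files built by make_sample are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the original post. It only reads the log and
# tests the paths it names; it changes nothing on the mail server.

# List each distinct database path from cli_load() "Can't open file" errors.
# $1 = clamd log file. [^ ]* tolerates ASCII or typographic apostrophes.
failed_dbs() {
    sed -n 's/.*cli_load(): Can[^ ]*t open file \(.*\)$/\1/p' "$1" | sort -u
}

# Classify one path. Run as the clamd user: root passes every -r test.
db_state() {
    if [ -L "$1" ] && [ ! -e "$1" ]; then echo dangling-symlink
    elif [ ! -e "$1" ]; then echo missing
    elif [ ! -r "$1" ]; then echo unreadable
    else echo ok
    fi
}

# Print "<state> <path>" for every database clamd complained about.
diagnose() {
    failed_dbs "$1" | while IFS= read -r db; do
        printf '%s %s\n' "$(db_state "$db")" "$db"
    done
}

# Build a constructed fixture in directory $1: a log in the page's format
# naming one dangling symlink and one file that is readable again.
make_sample() {
    ln -s "$1/gone" "$1/lmd.user.hdb"
    : > "$1/lmd.user.ndb"
    cat > "$1/current" <<EOF
LibClamAV Error: cli_load(): Can't open file $1/lmd.user.hdb
LibClamAV Error: cli_loaddbdir(): error loading database $1/lmd.user.hdb
LibClamAV Error: cli_load(): Can't open file $1/lmd.user.ndb
ERROR: Can't open file or directory
EOF
}

# With a log path, diagnose it; with no argument, run on the fixture.
if [ "$#" -gt 0 ]; then
    diagnose "$1"
else
    tmp=$(mktemp -d) && make_sample "$tmp" && diagnose "$tmp/current"
    rm -rf "$tmp"
fi
```

On the affected server the log argument would be /var/log/qmail/clamd/current; a state of "ok" means the file has become loadable since the error was logged.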