Results 1 to 3 of 3
  1. 04-04-2016, 12:21 AM #1
    RvD
    RvD is offline
    Newbie
    Join Date
    Apr 2016
    Posts
    5

    Default Virusblocker Lite not working on new installs, after fix SMTP not working

    Hello all,

    Looking for a new UTM-system as a reseller, I stumbled upon Untangle. It's really easy to use and feature-rich, but it seems parts of it are not working right.

    I performed a clean install with, amongst others, Virus Blocker Lite.
    I enabled the web scan, but it was flagging all downloads as 'unknown' viruses (status clean, virus name 'unknown') and letting all files pass through. There was someone else with this problem here: https://forums.untangle.com/virus-bl...eats-past.html

    I managed to resolve it myself, by performing these steps:
    -Log in via SSH
    -Go /var/lib
    -Rename folder 'clamav' (to clamav-old) (there are a lot of files in this folder at this moment)
    -Reinstall Virus Lite package from web UI
    -Create folder '/var/lib/clamav'
    -CHMOD that folder to 777
    -Run FRESHCLAM (there are much fewer files in the folder now)
    -Reboot Untangle


    After this, web scanning was working just fine and blocking viruses.
    However, SMTP scanning is not working properly.
    It is scanning all inbound mails, but in the report ('logfile') it marks all messages (with attachments) as 'clean', virus name column being empty. This last part is as expected, but it is marking eicar.com also as clean (whereas the web filter, using the same AV-engine, is catching it).

    Having thought something went probably wrong on the initial install, I redownloaded and reinstalled Untangle, this time the x64 version (used the 32-bit before). But I ended up with exactly the same situation.
    It seems to me that at first, ClamAV is unable to scan any file because of 'all the files' in its definitions-folder (/var/lib/clamav) and that can be resolved the way I described. But after that SMTP is still not working...

    I'm also working with support on this issue, but I since I keep getting these problems, more users must have them? Is there something wrong with the install file of Untangle?
  2. 04-04-2016, 06:41 PM #2
    dmorris
    dmorris is offline
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,747

    Default

    I would start by reinstalling and not messing around at the command line.
    It will download the signatures in the background.
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com
  3. 04-05-2016, 07:21 AM #3
    RvD
    RvD is offline
    Newbie
    Join Date
    Apr 2016
    Posts
    5

    Default

    I performed several clean installs now, and found that the steps I outlined need to be taken every time, otherwise the Virus Blocker (ClamAV to be specific) doesn't run at all.
    The virus definitions are there on a clean install, but apparantly corrupt or something, because ClamAV won't start at all. Also, running Freshclam at that point indicates the definitions are up to date.
    After performing those steps, the definitions are downloaded again and ClamAV runs fine.

    On those other installs the SMTP scanning seems to be working, so I don't think these two issues are related. Support is working with me on fixing the SMTP issue.
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules


SEO by vBSEO 3.6.0 PL2