ClamAV blocks a certain user's mail

ericosman

Verified User
Joined
Nov 25, 2019
Messages
483
Location
Weert
Hi,

I was installing ClamAV today, and to test it i downloaded the eicar.com test virus....
But after ClamAV found that virus it started to block all incomming and outgoing mails from a certain domain...

Is there a way to remove this domain from the "bad" list?

Thanks in advance!
 
This should get you close.
If you want Rspamd replace spamassasin with rspamd

Code:
cd /usr/local/directadmin/custombuild
./build update
./build clean
./build set eximconf yes
./build set eximconf_release 4.5
./build set blockcracking yes
./build set easy_spam_fighter yes
./build set spamd spamassassin
./build set exim yes
./build set dovecot yes
./build set clamav yes
./build set dovecot_conf yes
./build curl
./build zlib
./build pcre2
./build exim
./build dovecot
./build spamassassin
./build blockcracking
./build easy_spam_fighter
./build exim_conf   
./build dovecot_conf
 
What cmds did you run?
This is what i did:


# cd /usr/local/directadmin/custombuild
# ./build update
# ./build set clamav yes
# ./build clamav

How to update clamav database?
# sudo freshclam

./build exim_conf


But if i run the code you sent me, i’ll change a lot of settings but will this remove the account from the blacklist? Or will this change the way clamav reacts when detecting a virus?
 
I wasn’t sure of what you had run. Wanted to make sure you had something that would cover you to correct the system to work.

If you think your server is on a blacklist that is something else. Have you run blacklist checks? Go to the How To section and get my doc and see..
 
I wasn’t sure of what you had run. Wanted to make sure you had something that would cover you to correct the system to work.

If you think your server is on a blacklist that is something else. Have you run blacklist checks? Go to the How To section and get my doc and see..
According to MXToolbox i'm on 0 blocklists. So this has to be a local issue i guess.

On other domains / account i can sent mails and recive them. It's just one account / domain i cant
 
This is what i get when i try to sent mails to the specific account

550 authentication required

Connecting to [my-ip]

220 srv1.mydomain.com ESMTP Exim 4.92.3 Sat, 07 Dec 2019 16:06:49 +0100 [672 ms]
EHLO keeper-us-east-1b.mxtoolbox.com
250-srv1.mydomain.com Hello keeper-us-east-1b.mxtoolbox.com [52.55.244.91]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-AUTH PLAIN LOGIN
250-STARTTLS
250 HELP [687 ms]
MAIL FROM:<[email protected]>
250 OK [687 ms]
RCPT TO:<[email protected]>
550 authentication required [729 ms]

LookupServer 4016ms
 
Actually never seen ClamAV to block email accounts in DirectAdmin. Probably it has been blocked for some other reasons. Server logs might give more information: /var/log/directadmin/
 
Back
Top