Hi there, since a few days HestiaCP started to send me (by e-mail) a few warnings like these:
exim paniclog /var/log/exim4/paniclog on host.mydomain.com has non-zero size, mail system might be broken. Up to 10 lines are quoted below.
2022-05-28 11:07:03 1nusPX-0027QW-2Y malware acl condition: clamd /var/run/clamav/clamd.ctl : unable to connect to UNIX socket (/var/run/clamav/clamd.ctl): Connection refused
I checked the /var/log/exim4/paniclog which contained exactly the warning thas was e-mailed to me by my Hestia installation:
root@host:/var/log/exim4# cat paniclog
2022-05-28 11:07:03 1nusPX-0027QW-2Y malware acl condition: clamd /var/run/clamav/clamd.ctl : unable to connect to UNIX socket (/var/run/clamav/clamd.ctl): Connection refused
2022-05-28 15:16:22 1nuwIo-002DyJ-FY malware acl condition: clamd /var/run/clamav/clamd.ctl : unable to connect to UNIX socket (/var/run/clamav/clamd.ctl): Connection refused
2022-05-29 00:58:39 1nv5OJ-002Qs1-JF malware acl condition: clamd /var/run/clamav/clamd.ctl : unable to connect to UNIX socket (/var/run/clamav/clamd.ctl): Connection refused
If I than look at my exim4 mainlog at the given date + time, I get the following error:
2022-05-28 11:07:03 1nusPX-0027QW-2Y <= [email protected] H=host.mydomain.com (clientdomain.nl) [XX.XX.XXX.XX*ip-from-my-vps*] P=esmtpsa X=TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_256_GCM:256 CV=no SNI="mail.clientdomain.nl" A=dovecot_login:[email protected] S=702 [email protected]
2022-05-28 11:07:03 1nusPX-0027QW-2Y => [email protected] R=send_via_smtp_relay T=smtp_relay_smtp H=mail.smtp2go.com [176.58.103.10*ip-from-smtp2go*] X=TLS1.2:ECDHE_SECP256R1__RSA_SHA256__AES_256_GCM:256 CV=yes A=smtp_relay_login K C="250- 719 byte chunk, total 719\\n250 OK id=1nusPX-9EFL5M-FB"
2022-05-28 11:07:03 1nusPX-0027QW-2Y Completed
I did setup a SMTP2GO relay for this client which works fine. Might it be an issue on his side; f.e. that he still tries to send e-mail over HestiaCP instead of SMTP2GO?
Thank you very much in advance!