/l3/users/clint/MIMEDefang-ASP/asp.linux.nt/root :1 :2 :3 :4 :5 :6 :7 :8 :9 :10 :11 :12 :13 :14 :15 :16
[ править ]

Журнал лабораторных работ

Содержание

Журнал

Суббота (10/28/06)

/dev/pts/7
00:08:35
#rpm -Uhv --force --nodeps /home/user/Desktop/clamav-0.88.5-1.rh9.rf.i386.rpm
предупреждение: /home/user/Desktop/clamav-0.88.5-1.rh9.rf.i386.rpm: Заголовок V3 DSA signature: NOKEY, key ID 6b8d79e6
Подготовка...     ########################################### [100%]
   1:clamav                 предупреждение: /etc/freshclam.conf создан как /etc/freshclam.conf.rpmnew
########################################### [100%]
предупреждение: /var/lib/clamav/daily.cvd сохранен как /var/lib/clamav/daily.cvd.rpmsave
предупреждение: /etc/logrotate.d/freshclam сохранен как /etc/logrotate.d/freshclam.rpmsave
предупреждение: /etc/clamd.conf сохранен как /etc/clamd.conf.rpmsave
00:08:43
#rpm -Uhv --force --nodeps /home/user/Desktop/clamav-db-0.88.5-1.rh9.rf.i386.rpm 
предупреждение: /home/user/Desktop/clamav-db-0.88.5-1.rh9.rf.i386.rpm: Заголовок V3 DSA signature: NOKEY, key ID 6b8d79e6
Подготовка...     ########################################### [100%]
   1:clamav-db              предупреждение: /var/clamav/daily.cvd создан как /var/clamav/daily.cvd.rpmnew
########################################### [100%]
ошибка: распаковка архива не удалась на файле /var/clamav/main.cvd;45427565: cpio: read
00:08:53
#rpm -Uhv --force /home/user/Desktop/clamd-0.88.5-1.rh9.rf.i386.rpm
предупреждение: /home/user/Desktop/clamd-0.88.5-1.rh9.rf.i386.rpm: Заголовок V3 DSA signature: NOKEY, key ID 6b8d79e6
Подготовка...     ########################################### [100%]
   1:clamd                  ########################################### [100%]
00:09:04
#vi /etc/clamd.conf
00:09:04
#vi /etc/clamd.conf
72c72
< #LocalSocket /var/run/clamav/clamd.sock
---
> LocalSocket /var/spool/MIMEDefangc/clamd.sock
76c76
< FixStaleSocket
---
> #FixStaleSocket
80c80
< TCPSocket 3310
---
> #TCPSocket 3310
144c144
< User clamav
---
> User defang
/dev/pts/9
00:09:19
#/etc/init.d/clamd start 










/dev/pts/7
00:11:12




#/etc/init.d/clamd stop


Stopping Clam AntiVirus Daemon:                            [  ОК  ]











00:11:19




#/etc/init.d/clamd start


Starting Clam AntiVirus Daemon: LibClamAV Warning: **************************************************
LibClamAV Warning: ***  The virus database is older than 7 days.  ***
LibClamAV Warning: ***        Please update it IMMEDIATELY!       ***
LibClamAV Warning: **************************************************
                                                           [  ОК  ]











00:11:22




#ps -ax


Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.5/FAQ
  PID TTY      STAT   TIME COMMAND
    1 ?        S      0:00 init [5]
    2 ?        SN     0:00 [ksoftirqd/0]
    3 ?        S<     0:00 [events/0]
    4 ?        S<     0:00 [khelper]
    5 ?        S<     0:00 [kthread]
    7 ?        S<     0:00 [kacpid]
   80 ?        S<     0:00 [kblockd/0]
   83 ?        S<     0:00 [khubd]
...
27253 ?        Sl     0:00 /usr/bin/mimedefang -P /var/spool/MIMEDefang/mimedefang.pid -m /var/spool/MIMEDefang/mimedefang-multiplexor.sock -R -1 -U defang -p /var/spool/
27264 ?        S      0:01 /usr/bin/perl /usr/bin/mimedefang.pl -server
27288 ?        Ss     0:00 sendmail: accepting connections
27295 ?        Ss     0:00 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue
27325 pts/5    S+     0:00 /bin/vi mimedefang.spec
27590 ?        Ss     0:00 sshd: root@pts/9
27593 pts/9    Ss+    0:00 script -f -q /root/.lilalo//93929998153653587-1161982837.script
27653 pts/9    S+     0:00 script -f -q /root/.lilalo//93929998153653587-1161982837.script
27654 pts/10   Ss+    0:00 bash -i
28023 pts/8    R+     0:00 ps -ax











00:11:25




#tail -f /var/log/messages





Oct 28 00:05:02 asp crond(pam_unix)[27793]: session closed for user root
Oct 28 00:10:01 asp crond(pam_unix)[27981]: session opened for user root by (uid=0)
Oct 28 00:10:02 asp crond(pam_unix)[27981]: session closed for user root
Oct 28 00:11:22 asp clamd[28014]: Daemon started.
Oct 28 00:11:22 asp clamd[28014]: clamd daemon 0.88.5 (OS: linux-gnu, ARCH: i386, CPU: i386)
Oct 28 00:11:22 asp clamd[28014]: Log file size limit disabled.
Oct 28 00:11:22 asp clamd[28014]: Running as user defang (UID 100, GID 101)
Oct 28 00:11:22 asp clamd[28014]: Reading databases from /var/clamav
Oct 28 00:11:22 asp clamd[28014]: Protecting against 8881 viruses.
Oct 28 00:11:22 asp clamd[28015]: Socket file /var/spool/MIMEDefangc/clamd.sock could not be bound: No such file or directory











00:11:47




#vi /etc/clamd.conf


72c72
< LocalSocket /var/spool/MIMEDefangc/clamd.sock
---
> LocalSocket /var/spool/MIMEDefang/clamd.sock









00:12:01




#/etc/init.d/clamd start


Starting Clam AntiVirus Daemon: LibClamAV Warning: **************************************************
LibClamAV Warning: ***  The virus database is older than 7 days.  ***
LibClamAV Warning: ***        Please update it IMMEDIATELY!       ***
LibClamAV Warning: **************************************************
                                                           [  ОК  ]











00:12:03




#vi /etc/clamd.conf










00:12:06




#tail -f /var/log/messages





Oct 28 00:12:03 asp clamd[28055]: Archive support enabled.
Oct 28 00:12:03 asp clamd[28055]: Archive: RAR support disabled.
Oct 28 00:12:03 asp clamd[28055]: Archive: Blocking encrypted archives.
Oct 28 00:12:03 asp clamd[28055]: Archive: Blocking archives that exceed limits.
Oct 28 00:12:03 asp clamd[28055]: Portable Executable support enabled.
Oct 28 00:12:03 asp clamd[28055]: Detection of broken executables enabled.
Oct 28 00:12:03 asp clamd[28055]: Mail files support enabled.
Oct 28 00:12:03 asp clamd[28055]: OLE2 support enabled.
Oct 28 00:12:03 asp clamd[28055]: HTML support enabled.
Oct 28 00:12:03 asp clamd[28055]: Self checking every 1800 seconds.











00:12:13




#tail -f /var/log/maillog





Oct 27 23:49:16 asp mimedefang.pl[27240]: filter: k9RKmEot027524:  tempfail=1
Oct 27 23:49:16 asp mimedefang[27253]: k9RKmEot027524: Tempfailing because filter instructed us to
Oct 27 23:49:16 asp sendmail[27524]: k9RKmEot027524: Milter: data, reject=451 4.3.0 Problem running virus-scanner
Oct 27 23:49:16 asp sendmail[27524]: k9RKmEot027524: to=root@asp.linux.nt, delay=00:00:20, pri=30022, stat=Problem running virus-scanner
Oct 28 00:11:18 asp clamd[27427]: Shutting down the main socket.
Oct 28 00:11:18 asp clamd[27427]: Closing the main socket.
Oct 28 00:11:18 asp clamd[27427]: Socket file removed.
Oct 28 00:11:18 asp clamd[27427]: Can't unlink the pid file /var/run/clamav/clamd.pid
Oct 28 00:11:18 asp clamd[27427]: Exiting (clean)
Oct 28 00:11:18 asp clamd[27427]: --- Stopped at Sat Oct 28 00:11:18 2006











00:12:34




#ps -ax





Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.5/FAQ
  PID TTY      STAT   TIME COMMAND
    1 ?        S      0:00 init [5]
    2 ?        SN     0:00 [ksoftirqd/0]
    3 ?        S<     0:00 [events/0]
    4 ?        S<     0:00 [khelper]
    5 ?        S<     0:00 [kthread]
    7 ?        S<     0:00 [kacpid]
   80 ?        S<     0:00 [kblockd/0]
   83 ?        S<     0:00 [khubd]
...
27264 ?        S      0:01 /usr/bin/perl /usr/bin/mimedefang.pl -server
27288 ?        Ss     0:00 sendmail: accepting connections
27295 ?        Ss     0:00 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue
27325 pts/5    S+     0:00 /bin/vi mimedefang.spec
27590 ?        Ss     0:00 sshd: root@pts/9
27593 pts/9    Ss+    0:00 script -f -q /root/.lilalo//93929998153653587-1161982837.script
27653 pts/9    S+     0:00 script -f -q /root/.lilalo//93929998153653587-1161982837.script
27654 pts/10   Ss+    0:00 bash -i
28055 ?        Ss     0:00 clamd
28099 pts/8    R+     0:00 ps -ax











/dev/pts/9
00:12:34




#telnet 192.168.15.150





Trying 192.168.15.150...
telnet: connect to address 192.168.15.150: Connection refused
telnet: Unable to connect to remote host: Connection refused











/dev/pts/7
00:12:40




#tail -f /var/log/maillog





Oct 27 23:49:16 asp mimedefang.pl[27240]: filter: k9RKmEot027524:  tempfail=1
Oct 27 23:49:16 asp mimedefang[27253]: k9RKmEot027524: Tempfailing because filter instructed us to
Oct 27 23:49:16 asp sendmail[27524]: k9RKmEot027524: Milter: data, reject=451 4.3.0 Problem running virus-scanner
Oct 27 23:49:16 asp sendmail[27524]: k9RKmEot027524: to=root@asp.linux.nt, delay=00:00:20, pri=30022, stat=Problem running virus-scanner
Oct 28 00:11:18 asp clamd[27427]: Shutting down the main socket.
Oct 28 00:11:18 asp clamd[27427]: Closing the main socket.
Oct 28 00:11:18 asp clamd[27427]: Socket file removed.
Oct 28 00:11:18 asp clamd[27427]: Can't unlink the pid file /var/run/clamav/clamd.pid
Oct 28 00:11:18 asp clamd[27427]: Exiting (clean)
Oct 28 00:11:18 asp clamd[27427]: --- Stopped at Sat Oct 28 00:11:18 2006











00:12:55




#tail -f /var/log/messages





Oct 28 00:12:03 asp clamd[28055]: Archive support enabled.
Oct 28 00:12:03 asp clamd[28055]: Archive: RAR support disabled.
Oct 28 00:12:03 asp clamd[28055]: Archive: Blocking encrypted archives.
Oct 28 00:12:03 asp clamd[28055]: Archive: Blocking archives that exceed limits.
Oct 28 00:12:03 asp clamd[28055]: Portable Executable support enabled.
Oct 28 00:12:03 asp clamd[28055]: Detection of broken executables enabled.
Oct 28 00:12:03 asp clamd[28055]: Mail files support enabled.
Oct 28 00:12:03 asp clamd[28055]: OLE2 support enabled.
Oct 28 00:12:03 asp clamd[28055]: HTML support enabled.
Oct 28 00:12:03 asp clamd[28055]: Self checking every 1800 seconds.
^[[B:q











/dev/pts/9
00:12:58




#telnet 192.168.15.150 25





Trying 192.168.15.150...
Connected to asp.linux.nt (192.168.15.150).
Escape character is '^]'.
220 asp.linux.nt ESMTP Sendmail 8.13.7/8.13.7; Sat, 28 Oct 2006 00:13:03 +0300
MAIL FROM : iudr@mail.ru
250 2.1.0 iudr@mail.ru... Sender ok
RCPT TO : root@asp.linux.nt
250 2.1.5 root@asp.linux.nt... Recipient ok
DATA
354 Enter mail, end with "." on a line by itself
Subject: SPAM
.
451 4.3.0 Problem running virus-scanner
Connection closed by foreign host.











/dev/pts/7
00:13:07




#ps ax grep cla





ERROR: Process ID list syntax error.
********* simple selection *********  ********* selection by list *********
-A all processes                      -C by command name
-N negate selection                   -G by real group ID (supports names)
-a all w/ tty except session leaders  -U by real user ID (supports names)
-d all except session leaders         -g by session OR by effective group name
-e all processes                      -p by process ID
T  all processes on this terminal     -s processes in the sessions given
a  all w/ tty, including other users  -t by tty
g  OBSOLETE -- DO NOT USE             -u by effective user ID (supports names)
...
-o,o user-defined  -f full            --Group --User --pid --cols --ppid
-j,j job control   s  signal          --group --user --sid --rows --info
-O,O preloaded -o  v  virtual memory  --cumulative --format --deselect
-l,l long          u  user-oriented   --sort --tty --forest --version
-F   extra full    X  registers       --heading --no-heading --context
                    ********* misc options *********
-V,V  show version      L  list format codes  f  ASCII art forest
-m,m,-L,-T,H  threads   S  children in sum    -y change -l format
-M,Z  security data     c  true command name  -c scheduling class
-w,w  wide output       n  numeric WCHAN,UID  -H process hierarchy











00:13:16




#ps ax |


28055 ?        Ss     0:00 clamd
28135 pts/8    R+     0:00 grep cla











/dev/pts/2
00:13:52




#/etc/init.d/sendmail restart


Oct 27 23:49:16 asp mimedefang[27253]: k9RKmEot027524: Tempfailing because filter instructed us to
Oct 27 23:49:16 asp sendmail[27524]: k9RKmEot027524: Milter: data, reject=451 4.3.0 Problem running virus-scanner
Oct 27 23:49:16 asp sendmail[27524]: k9RKmEot027524: to=root@asp.linux.nt, delay=00:00:20, pri=30022, stat=Problem running virus-scanner
Oct 28 00:11:18 asp clamd[27427]: Shutting down the main socket.
Oct 28 00:11:18 asp clamd[27427]: Closing the main socket.
Oct 28 00:11:18 asp clamd[27427]: Socket file removed.
Oct 28 00:11:18 asp clamd[27427]: Can't unlink the pid file /var/run/clamav/clamd.pid
Oct 28 00:11:18 asp clamd[27427]: Exiting (clean)
Oct 28 00:11:18 asp clamd[27427]: --- Stopped at Sat Oct 28 00:11:18 2006
Oct 28 00:13:23 asp sendmail[28120]: k9RLD3e8028120: Authentication-Warning: asp.linux.nt: asp.linux.nt [192.168.15.150] didn't use HELO protocol
...
Oct 28 00:14:20 asp mimedefang.pl[27240]: Problem running virus scanner: code=226, category=swerr, action=tempfail
Oct 28 00:14:20 asp mimedefang.pl[27240]: filter: k9RLEJ3f028194:  tempfail=1
Oct 28 00:14:20 asp mimedefang[27253]: k9RLEJ3f028194: Tempfailing because filter instructed us to
Oct 28 00:14:20 asp sendmail[28194]: k9RLEJ3f028194: Milter: data, reject=451 4.3.0 Problem running virus-scanner
Oct 28 00:14:20 asp sendmail[28194]: k9RLEJ3f028194: to=<root@asp.linux.nt>, delay=00:00:01, pri=30300, stat=Problem running virus-scanner
Oct 28 00:14:20 asp sm-msp-queue[28193]: k9RK3pQi026361: to=root, ctladdr=root (0/0), delay=01:10:29, xdelay=00:00:01, mailer=relay, pri=480030, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: 451 4.3.0 Problem running virus-scanner
Останавливается sm-client:                  [  ОК  ]
Останавливается sendmail:                   [  ОК  ]
Запускается sendmail:                           [  ОК  ]
Запускается sm-client:                          [  ОК  ]











00:14:19




#vi /etc/mail/mimedefang-filter


143,146c143,146
<     if ($action eq "tempfail") {
< 	action_tempfail("Problem running virus-scanner");
< 	md_syslog('warning', "Problem running virus scanner: code=$code, category=$category, action=$action");
<     }
---
> #    if ($action eq "tempfail") {
> #	action_tempfail("Problem running virus-scanner");
> #	md_syslog('warning', "Problem running virus scanner: code=$code, category=$category, action=$action");
>  #   }









00:15:36




#/etc/init.d/mimedefang restart


Oct 27 23:49:16 asp mimedefang[27253]: k9RKmEot027524: Tempfailing because filter instructed us to
Oct 27 23:49:16 asp sendmail[27524]: k9RKmEot027524: Milter: data, reject=451 4.3.0 Problem running virus-scanner
Oct 27 23:49:16 asp sendmail[27524]: k9RKmEot027524: to=root@asp.linux.nt, delay=00:00:20, pri=30022, stat=Problem running virus-scanner
Oct 28 00:11:18 asp clamd[27427]: Shutting down the main socket.
Oct 28 00:11:18 asp clamd[27427]: Closing the main socket.
Oct 28 00:11:18 asp clamd[27427]: Socket file removed.
Oct 28 00:11:18 asp clamd[27427]: Can't unlink the pid file /var/run/clamav/clamd.pid
Oct 28 00:11:18 asp clamd[27427]: Exiting (clean)
Oct 28 00:11:18 asp clamd[27427]: --- Stopped at Sat Oct 28 00:11:18 2006
Oct 28 00:13:23 asp sendmail[28120]: k9RLD3e8028120: Authentication-Warning: asp.linux.nt: asp.linux.nt [192.168.15.150] didn't use HELO protocol
...
Oct 28 00:15:49 asp mimedefang-multiplexor[27239]: Slave 0 resource usage: req=12, scans=12, user=1.920, sys=0.188, nswap=0, majflt=0, minflt=18742, maxrss=0, bi=0, bo=0
Oct 28 00:15:49 asp mimedefang-multiplexor[28269]: started; minSlaves=2, maxSlaves=10, maxRequests=500, maxIdleTime=300, busyTimeout=600, clientTimeout=10
Oct 28 00:15:49 asp mimedefang-multiplexor[28269]: Starting slave 0 (pid 28270) (1 running): Bringing slaves up to minSlaves (2)
Oct 28 00:15:49 asp mimedefang[28283]: MIMEDefang alive. slavesReservedForLoopback=-1 AllowNewConnectionsToQueue=0 doRelayCheck=0 doHeloCheck=0 doSenderCheck=0 doRecipientCheck=0
Oct 28 00:15:49 asp mimedefang[28283]: Multiplexor alive - entering main loop
Shutting down mimedefang:                                  [  ОК  ]
Shutting down mimedefang-multiplexor:                      [  ОК  ]
Waiting for daemons to exit
Starting mimedefang-multiplexor:                           [  ОК  ]
Starting mimedefang:                                       [  ОК  ]











00:15:50




#/etc/init.d/sendmail restart


Oct 27 23:49:16 asp mimedefang[27253]: k9RKmEot027524: Tempfailing because filter instructed us to
Oct 27 23:49:16 asp sendmail[27524]: k9RKmEot027524: Milter: data, reject=451 4.3.0 Problem running virus-scanner
Oct 27 23:49:16 asp sendmail[27524]: k9RKmEot027524: to=root@asp.linux.nt, delay=00:00:20, pri=30022, stat=Problem running virus-scanner
Oct 28 00:11:18 asp clamd[27427]: Shutting down the main socket.
Oct 28 00:11:18 asp clamd[27427]: Closing the main socket.
Oct 28 00:11:18 asp clamd[27427]: Socket file removed.
Oct 28 00:11:18 asp clamd[27427]: Can't unlink the pid file /var/run/clamav/clamd.pid
Oct 28 00:11:18 asp clamd[27427]: Exiting (clean)
Oct 28 00:11:18 asp clamd[27427]: --- Stopped at Sat Oct 28 00:11:18 2006
Oct 28 00:13:23 asp sendmail[28120]: k9RLD3e8028120: Authentication-Warning: asp.linux.nt: asp.linux.nt [192.168.15.150] didn't use HELO protocol
...
Oct 28 00:16:00 asp mimedefang-multiplexor[28269]: Slave 0 stderr: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /root/.spamassassin/auto-whitelist.lock.asp.linux.nt.28270 for /root/.spamassassin/auto-whitelist.lock: Permission denied
Oct 28 00:16:00 asp mimedefang.pl[28270]: MDLOG,k9RLFwAs028327,mail_in,,,<root@asp.linux.nt>,<root@asp.linux.nt>,tets
Oct 28 00:16:00 asp sendmail[28327]: k9RLFwAs028327: Milter delete (noop): header: X-Spam-Score
Oct 28 00:16:00 asp sendmail[28327]: k9RLFwAs028327: Milter add: header: X-Scanned-By: MIMEDefang 2.57 on 192.168.15.150
Oct 28 00:16:00 asp sm-msp-queue[28326]: k9RK3pQi026361: to=root, ctladdr=root (0/0), delay=01:12:09, xdelay=00:00:00, mailer=relay, pri=570030, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (k9RLFwAs028327 Message accepted for delivery)
Oct 28 00:16:00 asp sendmail[28349]: k9RLFwAs028327: to=<root@asp.linux.nt>, ctladdr=<root@asp.linux.nt> (0/0), delay=00:00:00, xdelay=00:00:00, mailer=local, pri=30557, dsn=2.0.0, stat=Sent
Останавливается sm-client:                  [  ОК  ]
Останавливается sendmail:                   [  ОК  ]
Запускается sendmail:                           [  ОК  ]
Запускается sm-client:                          [  ОК  ]











00:15:58




#mail


Mail version 8.1 6/6/93.  Type ? for help.
"/var/spool/mail/root": 10 messages 7 new 9 unread
 U  1 root@asp.linux.nt     Fri Oct 27 22:09  21/710   "test"
 U  2 root@asp.linux.nt     Fri Oct 27 22:13  22/720   "test"
    3 root@asp.linux.nt     Fri Oct 27 22:14  42/1305  "Re: test"
>N  4 root@asp.linux.nt     Fri Oct 27 22:37  18/673   "test"
 N  5 root@asp.linux.nt     Fri Oct 27 22:37  36/1105  "kjhkjhkg gjg"
 N  6 root@asp.linux.nt     Sat Oct 28 00:16  17/613   "trew"
 N  7 root@asp.linux.nt     Sat Oct 28 00:16  17/614   "wef"
 N  8 root@asp.linux.nt     Sat Oct 28 00:16  17/621   "ss"
...
At EOF
&
At EOF
&
At EOF
&
At EOF
& q
Saved 7 messages in mbox
Held 3 messages in /var/spool/mail/root











00:16:22




#mutt


Оставлено: 4, удалено: 0.
You have mail in /var/spool/mail/root











00:17:15




#ps -ax


Warning: bad syntax, perhaps a bogus '-'? See /usr/share/doc/procps-3.2.5/FAQ
  PID TTY      STAT   TIME COMMAND
    1 ?        S      0:00 init [5]
    2 ?        SN     0:00 [ksoftirqd/0]
    3 ?        S<     0:00 [events/0]
    4 ?        S<     0:00 [khelper]
    5 ?        S<     0:00 [kthread]
    7 ?        S<     0:00 [kacpid]
   80 ?        S<     0:00 [kblockd/0]
   83 ?        S<     0:00 [khubd]
...
27654 pts/10   Ss+    0:00 bash -i
28055 ?        Ss     0:00 clamd
28143 pts/8    S+     0:00 tail -f /var/log/maillog
28269 ?        S      0:00 /usr/bin/mimedefang-multiplexor -p /var/spool/MIMEDefang/mimedefang-multiplexor.pid -m 2 -x 10 -U defang -b 600 -l -s /va
28270 ?        S      0:03 /usr/bin/perl /usr/bin/mimedefang.pl -server
28283 ?        Sl     0:00 /usr/bin/mimedefang -P /var/spool/MIMEDefang/mimedefang.pid -m /var/spool/MIMEDefang/mimedefang-multiplexor.sock -R -1 -U
28294 ?        S      0:01 /usr/bin/perl /usr/bin/mimedefang.pl -server
28318 ?        Ss     0:00 sendmail: accepting connections
28325 ?        Ss     0:00 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue
28381 pts/1    R+     0:00 ps -ax











00:17:53




#mail root


Oct 28 00:13:23 asp sendmail[28120]: k9RLD3e8028120: Authentication-Warning: asp.linux.nt: asp.linux.nt [192.168.15.150] didn't use HELO protocol
Oct 28 00:13:52 asp sendmail[28145]: k9RLDqUa028145: from=root, size=29, class=0, nrcpts=1, msgid=<200610272113.k9RLDqUa028145@asp.linux.nt>, relay=root@localhost
Oct 28 00:13:52 asp sendmail[28151]: k9RLDq9A028151: from=<root@asp.linux.nt>, size=299, class=0, nrcpts=1, msgid=<200610272113.k9RLDqUa028145@asp.linux.nt>, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1]
Oct 28 00:13:52 asp mimedefang.pl[27240]: Problem running virus scanner: code=226, category=swerr, action=tempfail
Oct 28 00:13:52 asp mimedefang.pl[27240]: filter: k9RLDq9A028151:  tempfail=1
Oct 28 00:13:52 asp mimedefang[27253]: k9RLDq9A028151: Tempfailing because filter instructed us to
Oct 28 00:13:52 asp sendmail[28151]: k9RLDq9A028151: Milter: data, reject=451 4.3.0 Problem running virus-scanner
Oct 28 00:13:52 asp sendmail[28151]: k9RLDq9A028151: to=<root@asp.linux.nt>, delay=00:00:00, pri=30299, stat=Problem running virus-scanner
Oct 28 00:13:52 asp sendmail[28145]: k9RLDqUa028145: to=root, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30029, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: 451 4.3.0 Problem running virus-scanner
Oct 28 00:14:06 asp sendmail[28120]: k9RLD3e8028120: from=iudr@mail.ru, size=15, class=0, nrcpts=1, msgid=<200610272113.k9RLD3e8028120@asp.linux.nt>, proto=SMTP, daemon=MTA, relay=asp.linux.nt [192.168.15.150]
...
Oct 28 00:18:12 asp sendmail[28395]: k9RLICIN028395: from=<root@asp.linux.nt>, size=307, class=0, nrcpts=1, msgid=<200610272118.k9RLICja028389@asp.linux.nt>, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1]
Oct 28 00:18:12 asp mimedefang-multiplexor[28269]: Slave 0 stderr: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /root/.spamassassin/auto-whitelist.lock.asp.linux.nt.28270 for /root/.spamassassin/auto-whitelist.lock: Permission denied
Oct 28 00:18:12 asp mimedefang.pl[28270]: MDLOG,k9RLICIN028395,mail_in,,,<root@asp.linux.nt>,<root@asp.linux.nt>,sdfsdf sdf
Oct 28 00:18:12 asp sendmail[28395]: k9RLICIN028395: Milter delete (noop): header: X-Spam-Score
Oct 28 00:18:12 asp sendmail[28395]: k9RLICIN028395: Milter add: header: X-Scanned-By: MIMEDefang 2.57 on 192.168.15.150
Oct 28 00:18:12 asp sendmail[28389]: k9RLICja028389: to=root, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30037, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (k9RLICIN028395 Message accepted for delivery)
Oct 28 00:18:12 asp sendmail[28399]: k9RLICIN028395: to=<root@asp.linux.nt>, ctladdr=<root@asp.linux.nt> (0/0), delay=00:00:00, xdelay=00:00:00, mailer=local, pri=30564, dsn=2.0.0, stat=Sent
Subject: sdfsdf sdf
sdfsdf
Cc:











00:18:12




#freshclam


ClamAV update process started at Sat Oct 28 00:18:45 2006
Downloading main.cvd [*]
main.cvd updated (version: 40, sigs: 64138, f-level: 8, builder: tkojm)











00:21:55




#mail


Mail version 8.1 6/6/93.  Type ? for help.
"/var/spool/mail/root": 5 messages 1 new 3 unread
 U  1 root@asp.linux.nt     Fri Oct 27 22:09  21/710   "test"
 U  2 root@asp.linux.nt     Fri Oct 27 22:13  22/720   "test"
    3 root@asp.linux.nt     Fri Oct 27 22:14  43/1317  "Re: test"
    4 root@asp.linux.nt     Sat Oct 28 00:16  58/1970  "Re: test"
>N  5 root@asp.linux.nt     Sat Oct 28 00:18  17/622   "sdfsdf sdf"
&
Message 5:
From root@asp.linux.nt  Sat Oct 28 00:18:12 2006
Date: Sat, 28 Oct 2006 00:18:12 +0300
From: root <root@asp.linux.nt>
To: root@asp.linux.nt
Subject: sdfsdf sdf
X-Scanned-By: MIMEDefang 2.57 on 192.168.15.150
sdfsdf
& q
Saved 1 message in mbox
Held 4 messages in /var/spool/mail/root









прошло 64 минуты




/dev/pts/3
01:26:53




#tail -f /var/log/mail.log





tail: невозможно открыть `/var/log/mail.log' для чтения: Нет такого файла или каталога
tail: больше нет файлов











01:29:41




#tail -f /var/log/mail





mail/    maillog









прошло 48 минут




/dev/pts/3
02:18:05




#mail


Mail version 8.1 6/6/93.  Type ? for help.
"/var/spool/mail/root": 5 messages 1 new 3 unread
 U  1 root@asp.linux.nt     Fri Oct 27 22:09  21/710   "test"
 U  2 root@asp.linux.nt     Fri Oct 27 22:13  22/720   "test"
    3 root@asp.linux.nt     Fri Oct 27 22:14  43/1317  "Re: test"
    4 root@asp.linux.nt     Sat Oct 28 00:16  58/1970  "Re: test"
>N  5 sergey.cherepenin@gm  Sat Oct 28 02:17  13/533
&
Message 5:
From sergey.cherepenin@gmail.com  Sat Oct 28 02:17:49 2006
Date: Sat, 28 Oct 2006 02:16:52 +0300
From: sergey.cherepenin@gmail.com
X-Authentication-Warning: asp.linux.nt: [192.168.15.15] didn't use HELO protocol
X-Scanned-By: MIMEDefang 2.57 on 192.168.15.150
testishe!
& q
Saved 1 message in mbox
Held 4 messages in /var/spool/mail/root











02:18:25




#cd /usr/src/





asplinux/          debug/             mimedefang-2.57/   Unix-Syslog-0.100/











02:18:25




#yum insatall clamav





usage: yum [options] < update | install | info | remove | list |
    clean | provides | search | check-update | groupinstall |
    groupupdate | grouplist | groupinfo | groupremove |
    makecache | localinstall | erase | upgrade | whatprovides |
    localupdate | resolvedep | shell | deplist >
options:
  -h, --help            show this help message and exit
  -t, --tolerant        be tolerant of errors
  -C                    run entirely from cache, don't update cache
  -c  [config file]     config file location
  -R  [minutes]         maximum command wait time
  -d  [debug level]     debugging output level
  -e  [error level]     error output level
  -y                    answer yes for all questions
  --version             show Yum version and exit
  --installroot=[path]  set install root
  --enablerepo=[repo]   enable one or more repositories (wildcards allowed)
  --disablerepo=[repo]  disable one or more repositories (wildcards allowed)
  --exclude=[package]   exclude package(s) by name or glob
  --obsoletes           enable obsoletes processing during updates
  --noplugins           disable Yum plugins











02:18:52




#yum install clamav





Setting up Install Process
Setting up repositories
base                      100% |=========================|  951 B    00:00
updates-released          100% |=========================|  951 B    00:00
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Package clamav.i386 70:0.88.5-1.110asp set to be updated
--> Running transaction check
--> Processing Dependency: clamav = 0.88.5-1.rh9.rf for package: clamd
--> Finished Dependency Resolution
Error: Missing Dependency: clamav = 0.88.5-1.rh9.rf is needed by package clamd











02:19:27




#yum install clamad


Setting up Install Process
Setting up repositories
Reading repository metadata in from local files
Parsing package install arguments
No Match for argument: clamad
Nothing to do











02:19:54




#yum install clamd


Setting up Install Process
Setting up repositories
Reading repository metadata in from local files
Parsing package install arguments
No Match for argument: clamd
Nothing to do











02:19:59




#ps aux | grep clamd


defang   28055  0.0  0.5  17644  5964 ?        Ss   00:12   0:00 clamd
root     29237  0.0  0.0   3788   752 pts/4    R+   02:20   0:00 grep clamd











02:20:11




#/etc/init.d/clamd restart


Stopping Clam AntiVirus Daemon:                            [  ОК  ]
Starting Clam AntiVirus Daemon: LibClamAV Warning: **************************************************
LibClamAV Warning: ***  The virus database is older than 7 days.  ***
LibClamAV Warning: ***        Please update it IMMEDIATELY!       ***
LibClamAV Warning: **************************************************
                                                           [  ОК  ]











02:20:26




#freshclam





ClamAV update process started at Sat Oct 28 02:20:37 2006
main.cvd is up to date (version: 40, sigs: 64138, f-level: 8, builder: tkojm)
daily.cvd is up to date (version: 2126, sigs: 10476, f-level: 8, builder: sven)











02:20:38




#/etc/init.d/clamd restart


Stopping Clam AntiVirus Daemon:                            [  ОК  ]
Starting Clam AntiVirus Daemon: LibClamAV Warning: **************************************************
LibClamAV Warning: ***  The virus database is older than 7 days.  ***
LibClamAV Warning: ***        Please update it IMMEDIATELY!       ***
LibClamAV Warning: **************************************************
                                                           [  ОК  ]











02:20:53




#/etc/init.d/sendmail stop


Останавливается sm-client:                  [  ОК  ]
Останавливается sendmail:                   [  ОК  ]











02:24:49




#/etc/init.d/clamd stop


Stopping Clam AntiVirus Daemon:                            [  ОК  ]











02:25:02




#/etc/init.d/mimedefang stop


Shutting down mimedefang:                                  [  ОК  ]
Shutting down mimedefang-multiplexor:                      [  ОК  ]











02:25:19




#vi /etc/mail/mimedefang-filter


143,145c143,145
< #    if ($action eq "tempfail") {
< #	action_tempfail("Problem running virus-scanner");
< #	md_syslog('warning', "Problem running virus scanner: code=$code, category=$category, action=$action");
---
>     if ($action eq "tempfail") {
> 	action_tempfail("Problem running virus-scanner");
> 	md_syslog('warning', "Problem running virus scanner: code=$code, category=$category, action=$action");









02:26:03




#/etc/init.d/mimedefang start


Oct 28 02:17:49 asp mimedefang.pl[28270]: MDLOG,k9RNGqD1029091,mail_in,,,sergey.cherepenin@gmail.com,root@localhost,
Oct 28 02:17:49 asp sendmail[29091]: k9RNGqD1029091: Milter delete (noop): header: X-Spam-Score
Oct 28 02:17:49 asp sendmail[29091]: k9RNGqD1029091: Milter add: header: X-Scanned-By: MIMEDefang 2.57 on 192.168.15.150
Oct 28 02:17:49 asp sendmail[29099]: k9RNGqD1029091: to=root@localhost, delay=00:00:17, xdelay=00:00:00, mailer=local, pri=30444, dsn=2.0.0, stat=Sent
Oct 28 02:25:17 asp mimedefang[28283]: MIMEDefang-2.57: mi_stop=1
Oct 28 02:25:19 asp mimedefang-multiplexor[28269]: Received SIGTERM: Stopping slaves and terminating
Oct 28 02:25:19 asp mimedefang-multiplexor[28269]: Reap: slave 1 (pid 28294) exited normally with status 0
Oct 28 02:25:19 asp mimedefang-multiplexor[28269]: Slave 1 resource usage: req=0, scans=0, user=1.540, sys=0.100, nswap=0, majflt=0, minflt=5052, maxrss=0, bi=0, bo=0
Oct 28 02:25:19 asp mimedefang-multiplexor[28269]: Reap: slave 0 (pid 28270) exited normally with status 0
Oct 28 02:25:19 asp mimedefang-multiplexor[28269]: Slave 0 resource usage: req=8, scans=8, user=3.608, sys=0.276, nswap=0, majflt=0, minflt=30693, maxrss=0, bi=0, bo=0
...
Oct 28 02:27:17 asp mimedefang-multiplexor[29514]: Starting slave 0 (pid 29539) (1 running): Bringing slaves up to minSlaves (2)
Oct 28 02:27:18 asp mimedefang-multiplexor[29514]: Slave 0 stderr: Missing right curly or square bracket at /etc/mail/mimedefang-filter line 343, at end of line syntax error at /etc/mail/mimedefang-filter line 343, at EOF Compilation failed in require at /usr/bin/mimedefang.pl line 5012.
Oct 28 02:27:18 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29539) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:27:18 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.684, sys=0.044, nswap=0, majflt=0, minflt=2499, maxrss=0, bi=0, bo=0
Oct 28 02:27:20 asp mimedefang-multiplexor[29514]: Starting slave 0 (pid 29540) (1 running): Bringing slaves up to minSlaves (2)
Oct 28 02:27:21 asp mimedefang-multiplexor[29514]: Slave 0 stderr: Missing right curly or square bracket at /etc/mail/mimedefang-filter line 343, at end of line syntax error at /etc/mail/mimedefang-filter line 343, at EOF Compilation failed in require at /usr/bin/mimedefang.pl line 5012.
Oct 28 02:27:21 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29540) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:27:21 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.720, sys=0.036, nswap=0, majflt=0, minflt=2490, maxrss=0, bi=0, bo=0
Starting mimedefang-multiplexor:                           [  ОК  ]
Starting mimedefang:                                       [  ОК  ]











/dev/pts/5
02:26:38




#tail -f /var/log/mail





mail/    maillog











02:26:38




#tail -f /var/log/maillog





Oct 28 02:17:49 asp mimedefang.pl[28270]: MDLOG,k9RNGqD1029091,mail_in,,,sergey.cherepenin@gmail.com,root@localhost,
Oct 28 02:17:49 asp sendmail[29091]: k9RNGqD1029091: Milter delete (noop): header: X-Spam-Score
Oct 28 02:17:49 asp sendmail[29091]: k9RNGqD1029091: Milter add: header: X-Scanned-By: MIMEDefang 2.57 on 192.168.15.150
Oct 28 02:17:49 asp sendmail[29099]: k9RNGqD1029091: to=root@localhost, delay=00:00:17, xdelay=00:00:00, mailer=local, pri=30444, dsn=2.0.0, stat=Sent
Oct 28 02:25:17 asp mimedefang[28283]: MIMEDefang-2.57: mi_stop=1
Oct 28 02:25:19 asp mimedefang-multiplexor[28269]: Received SIGTERM: Stopping slaves and terminating
Oct 28 02:25:19 asp mimedefang-multiplexor[28269]: Reap: slave 1 (pid 28294) exited normally with status 0
Oct 28 02:25:19 asp mimedefang-multiplexor[28269]: Slave 1 resource usage: req=0, scans=0, user=1.540, sys=0.100, nswap=0, majflt=0, minflt=5052, maxrss=0, bi=0, bo=0
Oct 28 02:25:19 asp mimedefang-multiplexor[28269]: Reap: slave 0 (pid 28270) exited normally with status 0
Oct 28 02:25:19 asp mimedefang-multiplexor[28269]: Slave 0 resource usage: req=8, scans=8, user=3.608, sys=0.276, nswap=0, majflt=0, minflt=30693, maxrss=0, bi=0, bo=0
...
Oct 28 02:27:39 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.716, sys=0.060, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
Oct 28 02:27:41 asp mimedefang-multiplexor[29514]: Starting slave 0 (pid 29549) (1 running): Bringing slaves up to minSlaves (2)
Oct 28 02:27:42 asp mimedefang-multiplexor[29514]: Slave 0 stderr: Missing right curly or square bracket at /etc/mail/mimedefang-filter line 343, at end of line syntax error at /etc/mail/mimedefang-filter line 343, at EOF Compilation failed in require at /usr/bin/mimedefang.pl line 5012.
Oct 28 02:27:42 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29549) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:27:42 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.668, sys=0.068, nswap=0, majflt=0, minflt=2496, maxrss=0, bi=0, bo=0
Oct 28 02:27:44 asp mimedefang-multiplexor[29514]: Starting slave 0 (pid 29550) (1 running): Bringing slaves up to minSlaves (2)
Oct 28 02:27:45 asp mimedefang-multiplexor[29514]: Slave 0 stderr: Missing right curly or square bracket at /etc/mail/mimedefang-filter line 343, at end of line syntax error at /etc/mail/mimedefang-filter line 343, at EOF Compilation failed in require at /usr/bin/mimedefang.pl line 5012.
Oct 28 02:27:45 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29550) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:27:45 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.680, sys=0.056, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
Oct 28 02:27:47 asp mimedefang-multiplexor[29514]: Starting slave 0 (pid 29551) (1 running): Bringing slaves up to minSlaves (2)











/dev/pts/3
02:27:15




#/etc/init.d/mimedefang stop


Oct 28 02:27:48 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29551) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:27:48 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.708, sys=0.052, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Starting slave 0 (pid 29557) (1 running): Bringing slaves up to minSlaves (2)
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Slave 0 stderr: Missing right curly or square bracket at /etc/mail/mimedefang-filter line 343, at end of line syntax error at /etc/mail/mimedefang-filter line 343, at EOF Compilation failed in require at /usr/bin/mimedefang.pl line 5012.
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29557) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.704, sys=0.036, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Starting slave 0 (pid 29558) (1 running): Bringing slaves up to minSlaves (2)
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Slave 0 stderr: Missing right curly or square bracket at /etc/mail/mimedefang-filter line 343, at end of line syntax error at /etc/mail/mimedefang-filter line 343, at EOF Compilation failed in require at /usr/bin/mimedefang.pl line 5012.
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29558) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.696, sys=0.056, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
...
Oct 28 02:28:00 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29562) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:28:00 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.704, sys=0.056, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
Oct 28 02:28:03 asp mimedefang-multiplexor[29514]: Starting slave 0 (pid 29569) (1 running): Bringing slaves up to minSlaves (2)
Oct 28 02:28:03 asp mimedefang-multiplexor[29514]: Slave 0 stderr: Missing right curly or square bracket at /etc/mail/mimedefang-filter line 343, at end of line syntax error at /etc/mail/mimedefang-filter line 343, at EOF Compilation failed in require at /usr/bin/mimedefang.pl line 5012.
Oct 28 02:28:03 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29569) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:28:03 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.704, sys=0.036, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
Oct 28 02:28:04 asp mimedefang[29528]: MIMEDefang-2.57: mi_stop=1
Oct 28 02:28:05 asp mimedefang-multiplexor[29514]: Received SIGTERM: Stopping slaves and terminating
Shutting down mimedefang:                                  [  ОК  ]
Shutting down mimedefang-multiplexor:                      [  ОК  ]











/dev/pts/5
02:27:49




#tail -f /var/log/maillog





Oct 28 02:27:48 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29551) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:27:48 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.708, sys=0.052, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Starting slave 0 (pid 29557) (1 running): Bringing slaves up to minSlaves (2)
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Slave 0 stderr: Missing right curly or square bracket at /etc/mail/mimedefang-filter line 343, at end of line syntax error at /etc/mail/mimedefang-filter line 343, at EOF Compilation failed in require at /usr/bin/mimedefang.pl line 5012.
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29557) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.704, sys=0.036, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Starting slave 0 (pid 29558) (1 running): Bringing slaves up to minSlaves (2)
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Slave 0 stderr: Missing right curly or square bracket at /etc/mail/mimedefang-filter line 343, at end of line syntax error at /etc/mail/mimedefang-filter line 343, at EOF Compilation failed in require at /usr/bin/mimedefang.pl line 5012.
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29558) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.696, sys=0.056, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
...
Oct 28 02:30:00 asp sendmail[29671]: starting daemon (8.13.7): SMTP+queueing@01:00:00
Oct 28 02:30:00 asp sm-msp-queue[29678]: starting daemon (8.13.7): queueing@01:00:00
Oct 28 02:30:53 asp sendmail[29703]: k9RNUrf8029703: from=root, size=29, class=0, nrcpts=1, msgid=<200610272330.k9RNUrf8029703@asp.linux.nt>, relay=root@localhost
Oct 28 02:30:53 asp sendmail[29709]: k9RNUr1N029709: from=<root@asp.linux.nt>, size=299, class=0, nrcpts=1, msgid=<200610272330.k9RNUrf8029703@asp.linux.nt>, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1]
Oct 28 02:30:53 asp mimedefang.pl[29631]: Problem running virus scanner: code=226, category=swerr, action=tempfail
Oct 28 02:30:53 asp mimedefang.pl[29631]: filter: k9RNUr1N029709:  tempfail=1
Oct 28 02:30:53 asp mimedefang[29644]: k9RNUr1N029709: Tempfailing because filter instructed us to
Oct 28 02:30:53 asp sendmail[29709]: k9RNUr1N029709: Milter: data, reject=451 4.3.0 Problem running virus-scanner
Oct 28 02:30:53 asp sendmail[29709]: k9RNUr1N029709: to=<root@asp.linux.nt>, delay=00:00:00, pri=30299, stat=Problem running virus-scanner
Oct 28 02:30:53 asp sendmail[29703]: k9RNUrf8029703: to=root, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30029, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: 451 4.3.0 Problem running virus-scanner











/dev/pts/3
02:28:05




#vim


146c146
<  #   }
---
>     }









02:29:23




#/etc/init.d/mimedefang start


Oct 28 02:27:48 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29551) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:27:48 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.708, sys=0.052, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Starting slave 0 (pid 29557) (1 running): Bringing slaves up to minSlaves (2)
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Slave 0 stderr: Missing right curly or square bracket at /etc/mail/mimedefang-filter line 343, at end of line syntax error at /etc/mail/mimedefang-filter line 343, at EOF Compilation failed in require at /usr/bin/mimedefang.pl line 5012.
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29557) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.704, sys=0.036, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Starting slave 0 (pid 29558) (1 running): Bringing slaves up to minSlaves (2)
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Slave 0 stderr: Missing right curly or square bracket at /etc/mail/mimedefang-filter line 343, at end of line syntax error at /etc/mail/mimedefang-filter line 343, at EOF Compilation failed in require at /usr/bin/mimedefang.pl line 5012.
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29558) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.696, sys=0.056, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
...
Oct 28 02:28:03 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.704, sys=0.036, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
Oct 28 02:28:04 asp mimedefang[29528]: MIMEDefang-2.57: mi_stop=1
Oct 28 02:28:05 asp mimedefang-multiplexor[29514]: Received SIGTERM: Stopping slaves and terminating
Oct 28 02:29:36 asp mimedefang-multiplexor[29630]: started; minSlaves=2, maxSlaves=10, maxRequests=500, maxIdleTime=300, busyTimeout=600, clientTimeout=10
Oct 28 02:29:36 asp mimedefang-multiplexor[29630]: Starting slave 0 (pid 29631) (1 running): Bringing slaves up to minSlaves (2)
Oct 28 02:29:36 asp mimedefang[29644]: MIMEDefang alive. slavesReservedForLoopback=-1 AllowNewConnectionsToQueue=0 doRelayCheck=0 doHeloCheck=0 doSenderCheck=0 doRecipientCheck=0
Oct 28 02:29:36 asp mimedefang[29644]: Multiplexor alive - entering main loop
Oct 28 02:29:39 asp mimedefang-multiplexor[29630]: Starting slave 1 (pid 29655) (2 running): Bringing slaves up to minSlaves (2)
Starting mimedefang-multiplexor:                           [  ОК  ]
Starting mimedefang:                                       [  ОК  ]











02:29:37




#/etc/init.d/sendmail start


Oct 28 02:27:48 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29551) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:27:48 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.708, sys=0.052, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Starting slave 0 (pid 29557) (1 running): Bringing slaves up to minSlaves (2)
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Slave 0 stderr: Missing right curly or square bracket at /etc/mail/mimedefang-filter line 343, at end of line syntax error at /etc/mail/mimedefang-filter line 343, at EOF Compilation failed in require at /usr/bin/mimedefang.pl line 5012.
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29557) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.704, sys=0.036, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Starting slave 0 (pid 29558) (1 running): Bringing slaves up to minSlaves (2)
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Slave 0 stderr: Missing right curly or square bracket at /etc/mail/mimedefang-filter line 343, at end of line syntax error at /etc/mail/mimedefang-filter line 343, at EOF Compilation failed in require at /usr/bin/mimedefang.pl line 5012.
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29558) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.696, sys=0.056, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
...
Oct 28 02:29:36 asp mimedefang-multiplexor[29630]: Starting slave 0 (pid 29631) (1 running): Bringing slaves up to minSlaves (2)
Oct 28 02:29:36 asp mimedefang[29644]: MIMEDefang alive. slavesReservedForLoopback=-1 AllowNewConnectionsToQueue=0 doRelayCheck=0 doHeloCheck=0 doSenderCheck=0 doRecipientCheck=0
Oct 28 02:29:36 asp mimedefang[29644]: Multiplexor alive - entering main loop
Oct 28 02:29:39 asp mimedefang-multiplexor[29630]: Starting slave 1 (pid 29655) (2 running): Bringing slaves up to minSlaves (2)
Oct 28 02:30:00 asp sendmail[29667]: alias database /etc/aliases rebuilt by root
Oct 28 02:30:00 asp sendmail[29667]: /etc/aliases: 76 aliases, longest 10 bytes, 765 bytes total
Oct 28 02:30:00 asp sendmail[29671]: starting daemon (8.13.7): SMTP+queueing@01:00:00
Oct 28 02:30:00 asp sm-msp-queue[29678]: starting daemon (8.13.7): queueing@01:00:00
Запускается sendmail:                           [  ОК  ]
Запускается sm-client:                          [  ОК  ]











02:30:00




#/etc/init.d/clamd start


Starting Clam AntiVirus Daemon: LibClamAV Warning: **************************************************
LibClamAV Warning: ***  The virus database is older than 7 days.  ***
LibClamAV Warning: ***        Please update it IMMEDIATELY!       ***
LibClamAV Warning: **************************************************
                                                           [  ОК  ]











02:30:27




# mail root -s tets


Oct 28 02:27:48 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29551) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:27:48 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.708, sys=0.052, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Starting slave 0 (pid 29557) (1 running): Bringing slaves up to minSlaves (2)
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Slave 0 stderr: Missing right curly or square bracket at /etc/mail/mimedefang-filter line 343, at end of line syntax error at /etc/mail/mimedefang-filter line 343, at EOF Compilation failed in require at /usr/bin/mimedefang.pl line 5012.
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29557) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:27:51 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.704, sys=0.036, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Starting slave 0 (pid 29558) (1 running): Bringing slaves up to minSlaves (2)
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Slave 0 stderr: Missing right curly or square bracket at /etc/mail/mimedefang-filter line 343, at end of line syntax error at /etc/mail/mimedefang-filter line 343, at EOF Compilation failed in require at /usr/bin/mimedefang.pl line 5012.
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Reap: slave 0 (pid 29558) exited normally with status 255 (SLAVE DIED UNEXPECTEDLY)
Oct 28 02:27:54 asp mimedefang-multiplexor[29514]: Slave 0 resource usage: req=0, scans=0, user=0.696, sys=0.056, nswap=0, majflt=0, minflt=2491, maxrss=0, bi=0, bo=0
...
Oct 28 02:30:53 asp sendmail[29709]: k9RNUr1N029709: from=<root@asp.linux.nt>, size=299, class=0, nrcpts=1, msgid=<200610272330.k9RNUrf8029703@asp.linux.nt>, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1]
Oct 28 02:30:53 asp mimedefang.pl[29631]: Problem running virus scanner: code=226, category=swerr, action=tempfail
Oct 28 02:30:53 asp mimedefang.pl[29631]: filter: k9RNUr1N029709:  tempfail=1
Oct 28 02:30:53 asp mimedefang[29644]: k9RNUr1N029709: Tempfailing because filter instructed us to
Oct 28 02:30:53 asp sendmail[29709]: k9RNUr1N029709: Milter: data, reject=451 4.3.0 Problem running virus-scanner
Oct 28 02:30:53 asp sendmail[29709]: k9RNUr1N029709: to=<root@asp.linux.nt>, delay=00:00:00, pri=30299, stat=Problem running virus-scanner
Oct 28 02:30:53 asp sendmail[29703]: k9RNUrf8029703: to=root, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30029, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: 451 4.3.0 Problem running virus-scanner
rl;t
.
Cc:











02:30:53




#mime





Setting up Update Process
Setting up repositories
base                      100% |=========================|  951 B    00:00
updates-released          100% |=========================|  951 B    00:00
Reading repository metadata in from local files
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Package ipw2100-firmware.noarch 0:1.3-3 set to be updated
---> Package faad2.i386 0:2.0-4.2.110asp set to be updated
---> Package kdeaddons.i386 0:3.5.3-0.1.fc4 set to be updated
...
---> Downloading header for info to pack into transaction set.
info-4.8-8.fc4.2.i386.rpm 100% |=========================|  11 kB    00:00
---> Package info.i386 0:4.8-8.fc4.2 set to be updated
---> Downloading header for gnutls to pack into transaction set.
gnutls-1.0.25-2.110asp.i3 100% |=========================| 4.8 kB    00:00
---> Package gnutls.i386 0:1.0.25-2.110asp set to be updated
---> Downloading header for unrar to pack into transaction set.
mimedefang              mimedump                mimepostcard
mimedefang-multiplexor  mimeencode              mimesend
mimedefang.pl           mimeexplode











02:30:53




#mime





mimedefang              mimedump                mimepostcard
mimedefang-multiplexor  mimeencode              mimesend
mimedefang.pl           mimeexplode











02:30:53




#man m










/dev/pts/5
02:32:29




#yum search bash_completion


Searching Packages:
Setting up repositories
Reading repository metadata in from local files
No Matches found











02:32:56




#yum search completion


 * Session logging and reloading.
 * Extensible syntax processing for special purpose situations.
 * Access to the system shell with user-extensible alias system.
 * Easily embeddable in other Python programs.
 * Integrated access to the pdb debugger and the Python profiler.
kile.i386                                1.8.1-7.110asp         base
Matched from:
Kile is a user friendly (La)TeX editor.  The main features are:
  * Compile, convert and view your document with one click.
  * Auto-completion of (La)TeX commands
...
displayed as graphs. You can use your mouse to dereference pointers
or view structure contents, which are updated every time the program
stops. DDD can debug programs written in Ada, C, C++, Chill, Fortran,
Java, Modula, Pascal, Perl, and Python. DDD provides machine-level
debugging; hypertext source navigation and lookup; breakpoint,
watchpoint, backtrace, and history editors; array plots; undo and
redo; preferences and settings editors; program execution in the
terminal emulation window, debugging on a remote host, an on-line
manual, extensive help on the Motif user interface, and a command-line
interface with full editing, history and completion capabilities.











02:33:15




#yum search completion | less










02:34:02




#yum search bash_completion.noarch


Searching Packages:
Setting up repositories
Reading repository metadata in from local files
No Matches found











02:34:24




#yum install bash_completion.noarch


Setting up Install Process
Setting up repositories
Reading repository metadata in from local files
Parsing package install arguments
No Match for argument: bash_completion.noarch
Nothing to do











02:34:41




#yum install bash-completion.noarch


Setting up Install Process
Setting up repositories
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for bash-completion to pack into transaction set.
bash-completion-20060301- 100% |=========================|  19 kB    00:00
---> Package bash-completion.noarch 0:20060301-1.110asp set to be updated
--> Running transaction check
...
Is this ok [y/N]: y
Downloading Packages:
(1/1): bash-completion-20 100% |=========================| 141 kB    00:01
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing: bash-completion              ######################### [1/1]
Installed: bash-completion.noarch 0:20060301-1.110asp
Complete!











02:35:54




#. /etc/bash





bash_completion    bash_completion.d/ bashrc











02:35:54




#. /etc/bash_completion












02:36:05




#rpm -





-b  -e  -F  -i  -q  -t  -U  -V











02:36:05




#rpm -e





Display all 885 possibilities? (y or n)











02:36:05




#rpm -e m





m4                    mimedefang            mozilla-nss
mailcap               mimedefang-contrib    mpage
mailx                 mimedefang-debuginfo  mpeg2dec
make                  mingetty              mrtg
man                   minicom               mtools
man-pages             mjpegtools            mtr
man-pages-ru-asp      mkbootdisk            mt-st
mc                    mkinitrd              mutt
mdadm                 mktemp
metacity              module-init-tools











02:36:05




#rpm -e mimedefang mimedefang





mimedefang            mimedefang-contrib    mimedefang-debuginfo











02:36:05




#rpm -ev mimedefang mimedefang-contrib mimedefang-debuginfo


предупреждение: /etc/mail/sa-mimedefang.cf сохранен как /etc/mail/sa-mimedefang.cf.rpmsave
предупреждение: /etc/mail/mimedefang-filter сохранен как /etc/mail/mimedefang-filter.rpmsave











02:37:19




#cd /usr/src/mimedefang-2.57/












02:37:42




#ls


Changelog            Makefile.in                  README.IRIX
config.h.in          md-mx-ctrl.8.in              README.NONROOT
configure            md-mx-ctrl.c                 README.SECURITY
configure.in         mimedefang.8.in              README.SOPHIE
contrib              mimedefang.c                 README.SPAMASSASSIN
COPYING              mimedefang-filter.5.in       README.TRU64
drop_privs.c         mimedefang.h                 README.VEXIRA
embperl.c            mimedefang-multiplexor.8.in  redhat
event.c              mimedefang-multiplexor.c     rm_r.c
event.h              mimedefang-notify.7.in       SpamAssassin
eventpriv.h          mimedefang.pl.8.in           syslog-fac.c
event_tcp.c          mimedefang.pl.in             tests
event_tcp.h          mimedefang-protocol.7.in     utils.c
examples             notifier.c                   watch-mimedefang.8
gen-ip-validator.pl  README                       watch-mimedefang.in
install-sh           README.ANOMY











02:37:44




#vi README










02:39:35




#./configure


checking for gcc... gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ANSI C... none needed
checking for ar... ar
...
File::Scan           YES
TROPHIE  'trophie'   NO (not found)
Make sure clamd runs as the defang user!
  ...and make sure you use clamd version 0.67 or higher.
Found Mail::SpamAssassin.  You may use spam_assassin_* functions
Found Anomy::HTMLCleaner.  You may use anomy_clean_html()
Found HTML::Parser.  You may use append_html_boilerplate()
Note: SpamAssassin, File::Scan, HTML::Parser and Anomy::HTMLCleaner are
detected at run-time, so if you install or remove any of those modules, you
do not need to re-run ./configure and make a new mimedefang.pl.











02:39:54




#make


gcc -g -O2 -Wall -Wstrict-prototypes -pthread -D_POSIX_PTHREAD_SEMANTICS -DEMBED_PERL -DSAFE_EMBED_PERL -DPERL_PATH=\"/usr/bin/perl\" -DMIMEDEFANG_PL=\"/usr/local/bin/mimedefang.pl\" -DRM=\"/bin/rm\" -DVERSION=\"2.57\" -DSPOOLDIR=\"/var/spool/MIMEDefang\" -DQDIR=\"/var/spool/MD-Quarantine\" -DCONFDIR=\"/etc/mail\"  -c -o mimedefang.o mimedefang.c
mimedefang.c: In function ‘rcptto’:
mimedefang.c:970: warning: pointer targets in passing argument 2 of ‘writestr’ differ in signedness
mimedefang.c:972: warning: pointer targets in passing argument 2 of ‘writestr’ differ in signedness
mimedefang.c:974: warning: pointer targets in passing argument 2 of ‘writestr’ differ in signedness
mimedefang.c:976: warning: pointer targets in passing argument 2 of ‘writestr’ differ in signedness
mimedefang.c:978: warning: pointer targets in passing argument 2 of ‘writestr’ differ in signedness
mimedefang.c: In function ‘header’:
mimedefang.c:1033: warning: pointer targets in passing argument 2 of ‘writestr’ differ in signedness
mimedefang.c:1035: warning: pointer targets in passing argument 2 of ‘writestr’ differ in signedness
...
gcc -g -O2 -Wall -Wstrict-prototypes -D_POSIX_PTHREAD_SEMANTICS -DEMBED_PERL -DSAFE_EMBED_PERL -DPERL_PATH=\"/usr/bin/perl\" -DMIMEDEFANG_PL=\"/usr/local/bin/mimedefang.pl\" -DRM=\"/bin/rm\" -DVERSION=\"2.57\" -DSPOOLDIR=\"/var/spool/MIMEDefang\" -DQDIR=\"/var/spool/MD-Quarantine\" -DCONFDIR=\"/etc/mail\"  -c -o md-mx-ctrl.o md-mx-ctrl.c
md-mx-ctrl.c: In function ‘percent_decode’:
md-mx-ctrl.c:71: warning: pointer targets in passing argument 1 of ‘sscanf’ differ in signedness
md-mx-ctrl.c: In function ‘buildCmd’:
md-mx-ctrl.c:176: warning: pointer targets in passing argument 1 of ‘percent_encode’ differ in signedness
md-mx-ctrl.c:176: warning: pointer targets in passing argument 2 of ‘percent_encode’ differ in signedness
md-mx-ctrl.c: In function ‘doCmd’:
md-mx-ctrl.c:239: warning: pointer targets in passing argument 1 of ‘percent_decode’ differ in signedness
gcc -g -O2 -Wall -Wstrict-prototypes -o md-mx-ctrl md-mx-ctrl.o -lnsl
test "" != "1" && strip md-mx-ctrl











02:40:23




#make install


mkdir -p /etc/mail && chmod 755 /etc/mail
if test "no" = "yes" -a ! -f "/etc/mail/mimedefang-ip-key" ; then \
        /usr/bin/perl ./gen-ip-validator.pl > /etc/mail/mimedefang-ip-key ;\
fi
if test "defang" != "" ; then \
        chown "defang" /etc/mail/mimedefang-ip-key > /dev/null 2>&1 || true; \
        mkdir -p /var/spool/MIMEDefang > /dev/null 2>&1 || true; \
        chown "defang" /var/spool/MIMEDefang || true; \
        chmod 700 /var/spool/MIMEDefang || exit 1; \
        mkdir -p /var/spool/MD-Quarantine > /dev/null 2>&1 || true; \
...
        if test -f /etc/mail/sa-mimedefang.cf ; then \
                /usr/bin/install -c -m 644 SpamAssassin/spamassassin.cf /etc/mail/sa-mimedefang.cf.example || exit 1; \
        else \
                /usr/bin/install -c -m 644 SpamAssassin/spamassassin.cf /etc/mail/sa-mimedefang.cf || exit 1; \
        fi \
fi
Please create the spool directory, '/var/spool/MIMEDefang',
if it does not exist.  Give it mode 700 or 750, and make
it owned by the user and group you intend to run MIMEDefang as.
Please do the same with the quarantine directory, '/var/spool/MD-Quarantine'.











02:40:30




#. /etc/bash_completion















02:40:30




#tail -f /var/log/maillog





Oct 28 02:30:53 asp mimedefang[29644]: k9RNUr1N029709: Tempfailing because filter instructed us to
Oct 28 02:30:53 asp sendmail[29709]: k9RNUr1N029709: Milter: data, reject=451 4.3.0 Problem running virus-scanner
Oct 28 02:30:53 asp sendmail[29709]: k9RNUr1N029709: to=<root@asp.linux.nt>, delay=00:00:00, pri=30299, stat=Problem running virus-scanner
Oct 28 02:30:53 asp sendmail[29703]: k9RNUrf8029703: to=root, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30029, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: 451 4.3.0 Problem running virus-scanner
Oct 28 02:37:18 asp mimedefang[29644]: MIMEDefang-2.57: mi_stop=1
Oct 28 02:37:19 asp mimedefang-multiplexor[29630]: Received SIGTERM: Stopping slaves and terminating
Oct 28 02:37:19 asp mimedefang-multiplexor[29630]: Reap: slave 1 (pid 29655) exited normally with status 0
Oct 28 02:37:19 asp mimedefang-multiplexor[29630]: Slave 1 resource usage: req=0, scans=0, user=1.712, sys=0.100, nswap=0, majflt=0, minflt=5052, maxrss=0, bi=0, bo=0
Oct 28 02:37:19 asp mimedefang-multiplexor[29630]: Reap: slave 0 (pid 29631) exited normally with status 0
Oct 28 02:37:19 asp mimedefang-multiplexor[29630]: Slave 0 resource usage: req=1, scans=1, user=1.604, sys=0.104, nswap=0, majflt=0, minflt=6285, maxrss=0, bi=0, bo=0
...
Oct 28 02:45:37 asp last message repeated 8 times
Oct 28 02:46:48 asp sendmail[32213]: alias database /etc/aliases rebuilt by root
Oct 28 02:46:48 asp sendmail[32213]: /etc/aliases: 76 aliases, longest 10 bytes, 765 bytes total
Oct 28 02:46:49 asp sendmail[32217]: starting daemon (8.13.7): SMTP+queueing@01:00:00
Oct 28 02:46:49 asp sendmail[32217]: NOQUEUE: SYSERR(root): opendaemonsocket: daemon MTA: cannot bind: Address already in use
Oct 28 02:46:49 asp sendmail[32217]: daemon MTA: problem creating SMTP socket
Oct 28 02:46:54 asp sendmail[32217]: NOQUEUE: SYSERR(root): opendaemonsocket: daemon MTA: cannot bind: Address already in use
Oct 28 02:46:54 asp sendmail[32217]: daemon MTA: problem creating SMTP socket
Oct 28 02:46:59 asp sendmail[32217]: NOQUEUE: SYSERR(root): opendaemonsocket: daemon MTA: cannot bind: Address already in use
Oct 28 02:46:59 asp sendmail[32217]: daemon MTA: problem creating SMTP socket











/dev/pts/7
02:43:08




#/usr/bin/mime -P /var/spool/MIMEDefang/mimedefang.pid -m /var/spoo















02:43:08




#/usr/bin/mime





mimedump      mimeencode    mimeexplode   mimepostcard  mimesend











02:43:08




#/usr/bin/mime -P /var/spool/MIMEDefang/mimedefang.pid -m /var/spoo















02:43:08




#/usr/bin/mime





mimedump      mimeencode    mimeexplode   mimepostcard  mimesend











02:43:08




#/usr/bin/mime -P /var/spool/MIMEDefang/mimedefang.pid -m /var/spoo















02:43:08




#/usr/bin/mime





mimedump      mimeencode    mimeexplode   mimepostcard  mimesend











02:43:08




#/usr/bin/mime -P /var/spool/MIMEDefang/mimedefang.pid -m /var/spoo















02:43:08




#ps ax | grep mimedef


32113 pts/8    S+     0:00 grep mimedef











02:44:06




#/usr/local/bin/


l3-agent                mimedefang              mimedefang.pl
md-mx-ctrl              mimedefang-multiplexor  watch-mimedefang











02:45:13




#ps ax | grep mimedef


32134 ?        S      0:00 /usr/local/bin/mimedefang -P /var/spool/MIMEDefang/mimedefang.pid -m /var/spool/MIMEDefang/mimedefang-multiplex -U defang
32141 pts/8    R+     0:00 grep mimedef











02:45:17




#kill -9 32134












02:45:38




#/usr/local/bin/mimedefang-multiplexor -p /var/spool/MIMEDefang/mi


edefang-multiplexor.pid -m 2 -x 10 -U defang











02:45:57




#ps ax | grep mimedef


32157 ?        S      0:00 /usr/local/bin/mimedefang-multiplexor -p /var/spool/MIMEDefang/mimedefang-multiplexor.pid -m 2 -x 10 -U defang
32158 ?        S      0:01 /usr/bin/perl /usr/local/bin/mimedefang.pl -server
32165 pts/8    S+     0:00 grep mimedef











02:46:11




#ps ax | grep mimedef


32157 ?        S      0:00 /usr/local/bin/mimedefang-multiplexor -p /var/spool/MIMEDefang/mimedefang-multiplexor.pid -m 2 -x 10 -U defang
32158 ?        S      0:01 /usr/bin/perl /usr/local/bin/mimedefang.pl -server
32171 ?        S      0:01 /usr/bin/perl /usr/local/bin/mimedefang.pl -server
32175 ?        S      0:00 /usr/local/bin/mimedefang-multiplexor -p /var/spool/MIMEDefang/mimedefang-multiplexor.pid -m 2 -x 10 -U defang
32176 ?        S      0:01 /usr/bin/perl /usr/local/bin/mimedefang.pl -server
32182 ?        S      0:01 /usr/bin/perl /usr/local/bin/mimedefang.pl -server
32184 pts/8    R+     0:00 grep mimedef











02:46:21




#/etc/init.d/clamd start


Starting Clam AntiVirus Daemon: LibClamAV Warning: **************************************************
LibClamAV Warning: ***  The virus database is older than 7 days.  ***
LibClamAV Warning: ***        Please update it IMMEDIATELY!       ***
LibClamAV Warning: **************************************************
                                                           [  ОК  ]











02:46:34




#/etc/init.d/sendmail start


Oct 28 02:30:53 asp mimedefang[29644]: k9RNUr1N029709: Tempfailing because filter instructed us to
Oct 28 02:30:53 asp sendmail[29709]: k9RNUr1N029709: Milter: data, reject=451 4.3.0 Problem running virus-scanner
Oct 28 02:30:53 asp sendmail[29709]: k9RNUr1N029709: to=<root@asp.linux.nt>, delay=00:00:00, pri=30299, stat=Problem running virus-scanner
Oct 28 02:30:53 asp sendmail[29703]: k9RNUrf8029703: to=root, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30029, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: 451 4.3.0 Problem running virus-scanner
Oct 28 02:37:18 asp mimedefang[29644]: MIMEDefang-2.57: mi_stop=1
Oct 28 02:37:19 asp mimedefang-multiplexor[29630]: Received SIGTERM: Stopping slaves and terminating
Oct 28 02:37:19 asp mimedefang-multiplexor[29630]: Reap: slave 1 (pid 29655) exited normally with status 0
Oct 28 02:37:19 asp mimedefang-multiplexor[29630]: Slave 1 resource usage: req=0, scans=0, user=1.712, sys=0.100, nswap=0, majflt=0, minflt=5052, maxrss=0, bi=0, bo=0
Oct 28 02:37:19 asp mimedefang-multiplexor[29630]: Reap: slave 0 (pid 29631) exited normally with status 0
Oct 28 02:37:19 asp mimedefang-multiplexor[29630]: Slave 0 resource usage: req=1, scans=1, user=1.604, sys=0.104, nswap=0, majflt=0, minflt=6285, maxrss=0, bi=0, bo=0
Oct 28 02:45:13 asp mimedefang[32134]: MIMEDefang alive. slavesReservedForLoopback=-1 AllowNewConnectionsToQueue=0 doRelayCheck=0 doHeloCheck=0 doSenderCheck=0 doRecipientCheck=0
Oct 28 02:45:13 asp mimedefang[32134]: MXCommand: connect: No such file or directory: Is multiplexor running?
Oct 28 02:45:37 asp last message repeated 8 times
Oct 28 02:46:48 asp sendmail[32213]: alias database /etc/aliases rebuilt by root
Oct 28 02:46:48 asp sendmail[32213]: /etc/aliases: 76 aliases, longest 10 bytes, 765 bytes total
Oct 28 02:46:49 asp sendmail[32217]: starting daemon (8.13.7): SMTP+queueing@01:00:00
Oct 28 02:46:49 asp sendmail[32217]: NOQUEUE: SYSERR(root): opendaemonsocket: daemon MTA: cannot bind: Address already in use
Oct 28 02:46:49 asp sendmail[32217]: daemon MTA: problem creating SMTP socket
Запускается sendmail: WARNING: Xmimedefang: local socket name /var/spool/MIMEDefang/mimedefang.sock missing
                                                           [  ОК  ]











02:46:49




#/etc/init.d/sendmail stop


Останавливается sm-client:                  [  ОК  ]
Останавливается sendmail:                   [  ОК  ]











/dev/pts/5
02:47:01




#tail -f /var/log/maillog





Oct 28 02:46:59 asp sendmail[32217]: daemon MTA: problem creating SMTP socket
Oct 28 02:47:04 asp sendmail[32217]: NOQUEUE: SYSERR(root): opendaemonsocket: daemon MTA: cannot bind: Address already in use
Oct 28 02:47:04 asp sendmail[32217]: daemon MTA: problem creating SMTP socket
Oct 28 02:47:09 asp sendmail[32217]: NOQUEUE: SYSERR(root): opendaemonsocket: daemon MTA: cannot bind: Address already in use
Oct 28 02:47:09 asp sendmail[32217]: daemon MTA: problem creating SMTP socket
Oct 28 03:03:20 asp mimedefang-multiplexor[322]: started; minSlaves=2, maxSlaves=10, maxRequests=500, maxIdleTime=300, busyTimeout=600, clientTimeout=10
Oct 28 03:03:20 asp mimedefang-multiplexor[322]: Starting slave 0 (pid 323) (1 running): Bringing slaves up to minSlaves (2)
Oct 28 03:03:20 asp mimedefang[336]: MIMEDefang alive. slavesReservedForLoopback=-1 AllowNewConnectionsToQueue=0 doRelayCheck=0 doHeloCheck=0 doSenderCheck=0 doRecipientCheck=0
Oct 28 03:03:20 asp mimedefang[336]: Multiplexor alive - entering main loop
Oct 28 03:03:23 asp mimedefang-multiplexor[322]: Starting slave 1 (pid 347) (2 running): Bringing slaves up to minSlaves (2)
Oct 28 03:03:51 asp sendmail[375]: alias database /etc/aliases rebuilt by root
Oct 28 03:03:51 asp sendmail[375]: /etc/aliases: 76 aliases, longest 10 bytes, 765 bytes total
Oct 28 03:03:51 asp sendmail[379]: starting daemon (8.13.7): SMTP+queueing@01:00:00
Oct 28 03:03:51 asp sm-msp-queue[386]: starting daemon (8.13.7): queueing@01:00:00
Oct 28 03:03:51 asp sendmail[394]: k9S03pRE000394: from=<root@asp.linux.nt>, size=299, class=0, nrcpts=1, msgid=<200610272330.k9RNUrf8029703@asp.linux.nt>, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1]
Oct 28 03:03:51 asp mimedefang.pl[323]: Problem running virus scanner: code=226, category=swerr, action=tempfail
Oct 28 03:03:51 asp mimedefang.pl[323]: filter: k9S03pRE000394:  tempfail=1
Oct 28 03:03:51 asp mimedefang[336]: k9S03pRE000394: Tempfailing because filter instructed us to
Oct 28 03:03:51 asp sendmail[394]: k9S03pRE000394: Milter: data, reject=451 4.3.0 Problem running virus-scanner
Oct 28 03:03:51 asp sendmail[394]: k9S03pRE000394: to=<root@asp.linux.nt>, delay=00:00:00, pri=30299, stat=Problem running virus-scanner
Oct 28 03:03:51 asp sm-msp-queue[387]: k9RNUrf8029703: to=root, ctladdr=root (0/0), delay=00:32:58, xdelay=00:00:00, mailer=relay, pri=120029, relay=[127.0.0.1] [127.0.0.1], dsn=4.0.0, stat=Deferred: 451 4.3.0 Problem running virus-scanner











/dev/pts/7
02:47:14




#vi /etc/mail/mimedefang-filter








Статистика
Время первой команды журнала00:08:35 2006-10-28
Время последней команды журнала02:47:14 2006-10-28
Количество командных строк в журнале101
Процент команд с ненулевым кодом завершения, % 9.90
Процент синтаксически неверно набранных команд, % 6.93
Суммарное время работы с терминалом *, час 0.75
Количество командных строк в единицу времени, команда/мин 2.23
Частота использования команд
tail12|===========| 11.21%
ps10|=========|  9.35%
yum10|=========|  9.35%
mime9|========|  8.41%
/etc/init.d/clamd9|========|  8.41%
vi8|=======|  7.48%
rpm8|=======|  7.48%
/etc/init.d/sendmail6|=====|  5.61%
/etc/init.d/mimedefang5|====|  4.67%
mail5|====|  4.67%
grep5|====|  4.67%
.3|==|  2.80%
telnet2|=|  1.87%
freshclam2|=|  1.87%
cd2|=|  1.87%
make2|=|  1.87%
configure1||  0.93%
mutt1||  0.93%
man1||  0.93%
vim1||  0.93%
/usr/local/bin/1||  0.93%
less1||  0.93%
mimedefang-multiplexor1||  0.93%
kill1||  0.93%
ls1||  0.93%
____
*) Интервалы неактивности длительностью 30 минут и более не учитываются
Справка
    Для того чтобы использовать LiLaLo, не нужно знать ничего особенного:
    всё происходит само собой.
    Однако, чтобы ведение и последующее использование журналов
    было как можно более эффективным, желательно иметь в виду следующее:
    
    
    
  1.  
    В журнал автоматически попадают все команды, данные в любом терминале системы.
    
    2. 
    
  2. 
    Для того чтобы убедиться, что журнал на текущем терминале ведётся, 
    и команды записываются, дайте команду w.
    В поле WHAT, соответствующем текущему терминалу, 
    должна быть указана программа script.
    
    3. 
    
  3. 
    Команды, при наборе которых были допущены синтаксические ошибки, 
    выводятся перечёркнутым текстом:

    

    


    $ l s-l
    

    bash: l: command not found

    
    		

    

    

    
    
    4. 
    
  4. 
    Если код завершения команды равен нулю, 
    команда была выполнена без ошибок.
    Команды, код завершения которых отличен от нуля, выделяются цветом.

    

    


    $ test 5 -lt 4
    

    		

    

    
    Обратите внимание на то, что код завершения команды может быть отличен от нуля
    не только в тех случаях, когда команда была выполнена с ошибкой.
    Многие команды используют код завершения, например, для того чтобы показать результаты проверки

    
    
    5. 
    
  5. 
    Команды, ход выполнения которых был прерван пользователем, выделяются цветом.

    

    


    $ find / -name abc
    

    find: /home/devi-orig/.gnome2: Keine Berechtigung
find: /home/devi-orig/.gnome2_private: Keine Berechtigung
find: /home/devi-orig/.nautilus/metafiles: Keine Berechtigung
find: /home/devi-orig/.metacity: Keine Berechtigung
find: /home/devi-orig/.inkscape: Keine Berechtigung
^C

    
    		

    

    

    
    
    6. 
    
  6. 
    Команды, выполненные с привилегиями суперпользователя,
    выделяются слева красной чертой.

    

    


    # id
    

    uid=0(root) gid=0(root) Gruppen=0(root)

    
    		

    

    
    
    
    
    7. 
    
  7. 
    Изменения, внесённые в текстовый файл с помощью редактора, 
    запоминаются и показываются в журнале в формате ed.
    Строки, начинающиеся символом "<", удалены, а строки,
    начинающиеся символом ">" -- добавлены.

    

    


    $ vi ~/.bashrc
    

    2a3,5
>    if [ -f /usr/local/etc/bash_completion ]; then
>         . /usr/local/etc/bash_completion
>        fi

    		

    

    
    
    
    
    8. 
    
  8. 
    Для того чтобы изменить файл в соответствии с показанными в диффшоте
    изменениями, можно воспользоваться командой patch.
    Нужно скопировать изменения, запустить программу patch, указав в
    качестве её аргумента файл, к которому применяются изменения,
    и всавить скопированный текст:

    

    


    $ patch ~/.bashrc
    
    		

    

    
    В данном случае изменения применяются к файлу ~/.bashrc
    
    9. 
    
  9. 
    Для того чтобы получить краткую справочную информацию о команде, 
    нужно подвести к ней мышь. Во всплывающей подсказке появится краткое
    описание команды.
    
    
    
    
    Если справочная информация о команде есть, 
    команда выделяется голубым фоном, например: vi.
    Если справочная информация отсутствует,
    команда выделяется розовым фоном, например: notepad.exe.
    Справочная информация может отсутствовать в том случае, 
    если (1) команда введена неверно; (2) если распознавание команды LiLaLo выполнено неверно;
    (3) если информация о команде неизвестна LiLaLo.
    Последнее возможно для редких команд.
    
    10. 
    
  10. 
    Большие, в особенности многострочные, всплывающие подсказки лучше 
    всего показываются браузерами KDE Konqueror, Apple Safari и Microsoft Internet Explorer.
    В браузерах Mozilla и Firefox они отображаются не полностью, 
    а вместо перевода строки выводится специальный символ.
    
    11. 
    
  11. 
    Время ввода команды, показанное в журнале, соответствует времени 
    начала ввода командной строки, которое равно тому моменту, 
    когда на терминале появилось приглашение интерпретатора
    
    12. 
    
  12. 
    Имя терминала, на котором была введена команда, показано в специальном блоке.
    Этот блок показывается только в том случае, если терминал
    текущей команды отличается от терминала предыдущей.
    
    13. 
    
  13. 
    Вывод не интересующих вас в настоящий момент элементов журнала,
    таких как время, имя терминала и других, можно отключить.
    Для этого нужно воспользоваться формой управления журналом
    вверху страницы.
    
    14. 
    
  14. 
    Небольшие комментарии к командам можно вставлять прямо из командной строки.
    Комментарий вводится прямо в командную строку, после символов #^ или #v.
    Символы ^ и v показывают направление выбора команды, к которой относится комментарий:
    ^ - к предыдущей, v - к следующей.
    Например, если в командной строке было введено:

    $ whoami

    

    user

    

    $ #^ Интересно, кто я?

    
    в журнале это будет выглядеть так:
    

    $ whoami

    

    user

    

    

      Интересно, кто я?
     
     
    
    15. 
    
  15. 
    Если комментарий содержит несколько строк,
    его можно вставить в журнал следующим образом:

    $ whoami

    

    user

    

    $ cat > /dev/null #^ Интересно, кто я?

    

    Программа whoami выводит имя пользователя, под которым 
мы зарегистрировались в системе.
-
Она не может ответить на вопрос о нашем назначении 
в этом мире.

    
    В журнале это будет выглядеть так:

    

    


    $ whoami
    

    user

    

    Интересно, кто я?
    
Программа whoami выводит имя пользователя, под которым
    
мы зарегистрировались в системе.
    

    
Она не может ответить на вопрос о нашем назначении
    
в этом мире.
    

    
    		

    

    
    Для разделения нескольких абзацев между собой
    используйте символ "-", один в строке.
    
    

    16. 
    
  16. 
    Комментарии, не относящиеся непосредственно ни к какой из команд, 
    добавляются точно таким же способом, только вместо симолов #^ или #v 
    нужно использовать символы #=
    
    17. 

    
  17. 
    Содержимое файла может быть показано в журнале.
    Для этого его нужно вывести с помощью программы cat.
    Если вывод команды отметить симоволами #!, 
    содержимое файла будет показано в журнале
    в специально отведённой для этого секции.
    
    18. 

    
    
    
  18. 
    Для того чтобы вставить скриншот интересующего вас окна в журнал,
    нужно воспользоваться командой l3shot.
    После того как команда вызвана, нужно с помощью мыши выбрать окно, которое
    должно быть в журнале.
    
    19. 
    
    

    
    
    
  19. 
    Команды в журнале расположены в хронологическом порядке.
    Если две команды давались одна за другой, но на разных терминалах,
    в журнале они будут рядом, даже если они не имеют друг к другу никакого отношения.

    1
    2
3   
    4

    
    Группы команд, выполненных на разных терминалах, разделяются специальной линией.
    Под этой линией в правом углу показано имя терминала, на котором выполнялись команды.
    Для того чтобы посмотреть команды только одного сенса, 
    нужно щёкнуть по этому названию.
    
    20. 
    
    



О программе
    

    LiLaLo (L3) расшифровывается как Live Lab Log.

    Программа разработана для повышения эффективности обучения Unix/Linux-системам.

    (c) Игорь Чубин, 2004-2008

    

$Id$