Atomicorp

This is the first cut at a drop in mail scanner for environments using Postfix (including Plesk). Much like qmail-scanner, this drops right in with minimal configuration required. It supports multiple AV scanners, spamassassin, quarantining, etc. Implemented in C, clapf is currently implemented to run as a dedicated daemon. Connections from postfix are proxied through it for content analysis. The scoring system is somewhat different than spamassassins, so a large part of this initial implementation is as much about looking at its effectiveness as issues with integration. By default clapf will only tag messages as spam, although it does support score based deletion.

Features currently implemented:
- ClamAV Anti-Virus
- Drweb Anti-Virus
- Avast Anti-Virus
- Kaspersky Anti-Virus
- Spamassassin
- Quarantine support

To install:
1) yum --enablerepo=atomic-testing install clapf

2) /etc/init.d/clapf start

3) /etc/init.d/postfix restart

Installed: clapf.x86_64 0:0.4.2-0.1.el5.art
Complete!
[root@static]# /etc/init.d/clapf start
-bash: /etc/init.d/clapf: No such file or directory

Started for the moemnt with
/usr/sbin/clapf &

Fixed in 0.4.2-0.2

I just installed using the instructions above. Each hour I'm seeing a couple of Cron errors...

Subject: Cron <root@xxxx> /usr/share/doc/clapf-0.4.2/stat/process_syslog.pl `date +
Message:
/bin/sh: -c: line 0: unexpected EOF while looking for matching ``'
/bin/sh: -c: line 1: syntax error: unexpected end of file

Subject: Cron <root@xxxx> /usr/share/doc/clapf-0.4.2/stat/clapf-rrd-update.sh /var/lib/clapf/stat/clapf-ham-spam.rrd `tail -1 /var/lib/clapf/stat/clapf.stat | awk '{ print $1 ":" $5 ":" $8 }'`
Message:
tail: cannot open `/var/lib/clapf/stat/clapf.stat' for reading: No such file or directory
usage: /usr/share/doc/clapf-0.4.2/stat/clapf-rrd-update.sh <rrd file> <timestamp>:<ham>:<spam>

I've just installed clapf 0.4.2; and work my way through all the various bits in the config.

I created the directories /var/lib/clapf/stat with a view to the message above, and fired it off.

In my maillog I go the following report:

Nov 13 20:23:16 s15217754 clapf[13428]: reloaded config: /etc/clapf.conf
Nov 13 20:23:16 s15217754 clapf[13428]: clapf 0.4.2 starting
Nov 13 20:23:16 s15217754 clapf[13429]: cannot write pidfile: /var/lib/clapf/clapf.pid

The directory definitely exists, so it's probably a perms problem: can you give me a hint what it's expecting?

--- Later ---
I've edited the config to point to /var/spool/clapf instead, and now it seems to be happy.... I'll have to wait and see if it also sorts out the hourly emails.... but since it's 3:24am my time, I'm heading for bed now!

I´m trying to install the clapf, as i intalled in my other servers, but i´m getting this error:

http://www4.atomicorp.com/channels/ples ... repomd.xml: [Errno 12] Timeout: <urlopen error timed out>
Trying other mirror.
Error: Cannot retrieve repository metadata (repomd.xml) for repository: plesk. Please verify its path and try again


i can´t ping www4.atomicorp.com too, i´m thinking that i´m been blocked by atomicorp server, could you please verify Scott?? I´m asking you since Thursday, i already sent you 2 emails too, and i didn´t get any answer, could you please verify this for me. i sent my ip´s for you by email.

Thanks
Guilherme Carvalho

Try "yum clean all" - you may have some corrupt cache data.

mikeshinn wrote:Try "yum clean all" - you may have some corrupt cache data.

i already did this, the problem is not this, because i can´t ping the www4.atomicorp.com, so the problem is not on the yum.

Since this thread has woken up again... I thought I'd note that I'm still getting the hourly emails.... if I'd kept them all there would be an awful lot of them by now!

Is anything being done to clapf? The main distro seems to have a newer dev build at release candidate stage, but that has been so for nearly a month now....

Finally, is it possible that clapf could be responsible for the strange messages that result in Postfix Error message reports ending with the following?
It's cut the spam wonderfully, but I'm getting buckets of these 'queue file write error's.

yup, sure have. We've been working on the gui

spaceout wrote:I just installed using the instructions above. Each hour I'm seeing a couple of Cron errors...

Subject: Cron <root@xxxx> /usr/share/doc/clapf-0.4.2/stat/process_syslog.pl `date +
Message:
/bin/sh: -c: line 0: unexpected EOF while looking for matching ``'
/bin/sh: -c: line 1: syntax error: unexpected end of file

Subject: Cron <root@xxxx> /usr/share/doc/clapf-0.4.2/stat/clapf-rrd-update.sh /var/lib/clapf/stat/clapf-ham-spam.rrd `tail -1 /var/lib/clapf/stat/clapf.stat | awk '{ print $1 ":" $5 ":" $8 }'`
Message:
tail: cannot open `/var/lib/clapf/stat/clapf.stat' for reading: No such file or directory
usage: /usr/share/doc/clapf-0.4.2/stat/clapf-rrd-update.sh <rrd file> <timestamp>:<ham>:<spam>

I got the same problem here in one of my servers, did you fix this??

Thanks

nope
Update: 0.4.3-0.2 is out now, and it addresses this issue.

0.4.3.1 installed and getting the same errors via email.

/bin/sh: -c: line 0: unexpected EOF while looking for matching ``'
/bin/sh: -c: line 1: syntax error: unexpected end of file

tail: cannot open `/var/lib/clapf/stat/clapf.stat' for reading: No such file or directory
usage: /usr/share/doc/clapf-0.4.3.1/stat/clapf-rrd-update.sh <rrd file> <timestamp>:<ham>:<spam>

Any ideas?

i remove the CLAPF from /etc/cron.d /etc/cron.hourly, /etc/cron.daily, /etc/cron.weekly, /etc/cron.mouthly the message stop, but the statistics is not updating anymore, but i don´t use this, so i prefer to disable it to use less resources from my server.

Thanks