Koozali.org: home of the SME Server

Can't query current.cvd.clamav.net

djhomeless

Can't query current.cvd.clamav.net
« on: February 01, 2005, 09:32:23 AM »
I'm getting email reports from the cron manager complaining that it is unable to query current.cvd.clamav.net.

The logs report the following:

Code: [Select]
ERROR: Can't query current.cvd.clamav.net
WARNING: Invalid DNS reply. Falling back to HTTP mode.
main.cvd is up to date (version: 29, sigs: 29086, f-level: 3, builder: tomek)
daily.cvd is up to date (version: 694, sigs: 979, f-level: 4, builder: ccordes)


So it seems it can't resolve the domain, but can at the IP?? Is there a way to point it to a domain closer to home (I live in the UK). Barring that, since it seems the process is succeeding can I disable the warnings?? :)

Thanks in advance,

Geoffrey

mbachmann

Can't query current.cvd.clamav.net
« Reply #1 on: February 01, 2005, 10:41:36 AM »
I bet just waiting until tomorrow will make the prob disappear.

djhomeless

Can't query current.cvd.clamav.net
« Reply #2 on: February 01, 2005, 11:25:59 AM »
I started seeing this error yesterday morning. I'll give it another day though....

thanks,

Geoffrey

mbachmann

Can't query current.cvd.clamav.net
« Reply #3 on: February 01, 2005, 11:56:13 AM »
You've already set the "country for database update" in server manager -> Antivirus to your country?

djhomeless

Can't query current.cvd.clamav.net
« Reply #4 on: February 01, 2005, 01:59:19 PM »
I set it in the server panel to UK, which is why I thought it odd that is was still polling the US.

Any idea how to set it from the command line?

thanks!

Geoffrey

mbachmann

Can't query current.cvd.clamav.net
« Reply #5 on: February 01, 2005, 03:09:17 PM »
No, but to make the changes effective, you have to save and restart ClamAV. I fear that you have already done that either. Try "service clamd restart" on the console and see if that makes a diffrence.

djhomeless

Can't query current.cvd.clamav.net
« Reply #6 on: February 01, 2005, 05:06:20 PM »
I'm pretty sure I tried it, but I'll do it again.

Hopefully that will do the trick!

thanks,

Geoffrey

mbachmann

Can't query current.cvd.clamav.net
« Reply #7 on: February 02, 2005, 11:17:56 AM »
Any changes?

djhomeless

Can't query current.cvd.clamav.net
« Reply #8 on: February 02, 2005, 11:32:55 AM »
No. :(

This is really weird. I'm going to dig around and find the command line flags to set the mirror directly.

Its just a minor annoyance I suppose since it does succeed in polling the IP directly.

Still weird that it can't resolve the DNS...

Geoffrey

Offline kmccarn

  • ***
  • 112
  • +0/-0
Can't query current.cvd.clamav.net
« Reply #9 on: February 04, 2005, 02:28:41 PM »
Don't know if this helps...

Apparently, there is no A record for current.cvd.clamav.net

cvd.clamav.net works fine. So - if anyone knows where to change this on the SME - please let us know.

I'm having this problem on 2 systems.
Kevin in WV 8-)......

djhomeless

Can't query current.cvd.clamav.net
« Reply #10 on: February 14, 2005, 08:32:32 AM »
Hmm,
According to the ClamAV FAQ, I'm having a problem with my DNS Server.

http://www.clamav.net/faq.html

The faq advises to run the following:

host -t txt current.cvd.clamav.net

When I do so, I get:

Code: [Select]
[root@domain root]# host -t txt current.cvd.clamav.net
;; connection timed out; no servers could be reached


The FAQ goes on to say that If I can't resolve the above URL, then my DNS is 'broken'. In addition, I should check my /etc/resolve.conf file for the correct entries.

Does anyone know how I can go about testing whether DNS is not working properly? In the short term, would anyone recommend adding a template fragment to add the IP of current.cvd.clamav.net to resolve.conf?

Thanks All,

Geoffrey

Offline gbentley

  • ****
  • 482
  • +0/-0
  • Forum Lurker
    • Earth
Can't query current.cvd.clamav.net
« Reply #11 on: May 14, 2006, 11:04:24 AM »
Same as last post ... started yesterday after manually updating clam.

freshclam worked prior to doing this.

Now :-

[root@server root]# host -t txt current.cvd.clamav.net
Host current.cvd.clamav.net not found: 2(SERVFAIL)

I can ping current.cvd.clamav.net fine ?

[root@server root]# freshclam -v
Current working dir is /usr/share/clamav
Max retries == 6
ClamAV update process started at Sun May 14 10:01:50 2006
Querying current.cvd.clamav.net
ERROR: Can't query current.cvd.clamav.net
WARNING: Invalid DNS reply. Falling back to HTTP mode.
Connected to db.uk.clamav.net (IP: 193.1.193.64).
Trying to retrieve http://db.uk.clamav.net/main.cvd
If-Modified-Since: Sun, 30 Apr 2006 11:51:56 GMT
Reading CVD header (main.cvd): OK (IMS)
main.cvd is up to date (version: 38, sigs: 51206, f-level: 7, builder: tkojm)
Connected to db.uk.clamav.net (IP: 193.1.193.64).
Trying to retrieve http://db.uk.clamav.net/daily.cvd
If-Modified-Since: Fri, 12 May 2006 21:32:09 GMT
Reading CVD header (daily.cvd): OK (IMS)
daily.cvd is up to date (version: 1461, sigs: 3843, f-level: 8, builder: ccordes)
Freeing option list...done

I restarted clamd so will see if the message reported in the above post persists ...

Edit: added upstream ISP dns to resolv.conf seems to have cured this
however am now getting other errors following weekly scan of entire system :-

LibClamAV Warning: Ignoring empty field in " charset="
LibClamAV Warning: Multipart MIME message contains no boundaries
LibClamAV Warning: Multipart MIME message contains no boundaries
LibClamAV Warning: Multipart MIME message contains no boundaries
LibClamAV Warning: messageFindArgument: no '=' sign found in MIME header
LibClamAV Warning: messageFindArgument: no '=' sign found in MIME header

Beginning to wish I had never bothered manually updating (it was only to fix a minor error)

Anyone help here ?
"If you don't know what you want, you end up with a lot you don't."