Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ClamD container keeps restarting due to database corruption #6219

Open
5 tasks done
SKJoy opened this issue Dec 19, 2024 · 1 comment
Open
5 tasks done

ClamD container keeps restarting due to database corruption #6219

SKJoy opened this issue Dec 19, 2024 · 1 comment
Labels
bug

Comments

@SKJoy
Copy link

SKJoy commented Dec 19, 2024

Contribution guidelines

I've found a bug and checked that ...

  • ... I understand that not following the below instructions will result in immediate closure and/or deletion of my issue.
  • ... I have understood that this bug report is dedicated for bugs, and not for support-related inquiries.
  • ... I have understood that answers are voluntary and community-driven, and not commercial support.
  • ... I have verified that my issue has not been already answered in the past. I also checked previous issues.

Description

We have a MailCow instance where all containers are HEALTHY except for the ClamD container keeps restarting with logs below.

Is there a way to RESET this container somehow so it could start fresh?

*** Please forgive me if I am repeating. I searched for the topic in Issues but was not able to see anything.

Logs:

Size: 190       	Blocks: 8          IO Block: 4096   regular file
Device: 820h/2080d	Inode: 2883594     Links: 1
Access: (0644/-rw-r--r--)  Uid: (  100/  clamav)   Gid: (  101/  clamav)
Access: 2024-12-19 09:10:54.058434276 -0500
Modify: 2024-12-19 09:10:54.058434276 -0500
Change: 2024-12-19 09:10:54.061767626 -0500
Running freshclam...
Thu Dec 19 09:10:54 2024 -> ClamAV update process started at Thu Dec 19 09:10:54 2024
Thu Dec 19 09:10:54 2024 -> daily.cld database is up-to-date (version: 27492, sigs: 2070575, f-level: 90, builder: raynman)
Thu Dec 19 09:10:54 2024 -> main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
Thu Dec 19 09:10:54 2024 -> bytecode.cld database is up-to-date (version: 335, sigs: 86, f-level: 90, builder: raynman)
LibClamAV Error: cli_add_content_match_pattern: Problem adding signature (2).
LibClamAV Error: Problem parsing database at line 31220
LibClamAV Error: Can't load /var/lib/clamav/phish.ndb: Malformed database
LibClamAV Error: cli_loaddbdir: error loading database /var/lib/clamav/phish.ndb
ERROR: Thu Dec 19 09:11:11 2024 -> Malformed database
Worker 23 died, stopping container waiting for respawn...
/clamd.sh: line 99: kill: (23) - No such process
Cleaning up tmp files...
Copying non-empty whitelist.ign2 to /var/lib/clamav/whitelist.ign2
  File: /var/lib/clamav/whitelist.ign2

Steps to reproduce:

Not sure if there is a procedure to reproduce this, it is just happening in our case.

Which branch are you using?

master

Which architecture are you using?

x86

Operating System:

Ubuntu 22.04.5 LTS

Server/VM specifications:

16 GB, x6 Core, 512 GB (52 GB consumed)

Is Apparmor, SELinux or similar active?

No

Virtualization technology:

KVM

Docker version:

27.3.1, build ce12230

docker-compose version or docker compose version:

2.29.7

mailcow version:

2023-11

Reverse proxy:

MailCow NginX

Logs of git diff:

diff --git a/.github/ISSUE_TEMPLATE/Bug_report.yml b/.github/ISSUE_TEMPLATE/Bug_report.yml
index afa1a27f..3cfbbe0d 100644
--- a/.github/ISSUE_TEMPLATE/Bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/Bug_report.yml
@@ -62,16 +62,6 @@ body:
         - nightly
     validations:
       required: true
-  - type: dropdown
-    attributes:
-      label: "Which architecture are you using?"
-      description: "#### `uname -m`"
-      multiple: false
-      options:
-        - x86
-        - ARM64 (aarch64)
-    validations:
-      required: true
   - type: input
     attributes:
       label: "Operating System:"
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
index 5c422bb4..dcda8f02 100644
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -1,11 +1,8 @@
 blank_issues_enabled: false
 contact_links:
-  - name: ❓ Community-driven support (Free)
+  - name: ❓ Community-driven support
     url: https://docs.mailcow.email/#get-support
     about: Please use the community forum for questions or assistance
-  - name: 🔥 Premium Support (Paid)
-    url: https://www.servercow.de/mailcow?lang=en#support
-    about: Buy a support subscription for any critical issues and get assisted by the mailcow Team. See conditions!
   - name: 🚨 Report a security vulnerability
-    url: "mailto:[email protected]?subject=mailcow: dockerized Security Vulnerability"
+    url: https://www.servercow.de/anfrage?lang=en
     about: Please give us appropriate time to verify, respond and fix before disclosure.
diff --git a/.github/workflows/check_if_support_labeled.yml b/.github/workflows/check_if_support_labeled.yml
deleted file mode 100644

Logs of iptables -L -vn:

# Warning: iptables-legacy tables present, use iptables-legacy to see them
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy DROP 47 packets, 2416 bytes)
 pkts bytes target     prot opt in     out     source               destination
5786K 5264M DOCKER-USER  all  --  *      *       0.0.0.0/0            0.0.0.0/0
5786K 5264M DOCKER-ISOLATION-STAGE-1  all  --  *      *       0.0.0.0/0            0.0.0.0/0
14282 4980K ACCEPT     all  --  *      br-d2db7b469ec4  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
  138  7812 DOCKER     all  --  *      br-d2db7b469ec4  0.0.0.0/0            0.0.0.0/0
13019   52M ACCEPT     all  --  br-d2db7b469ec4 !br-d2db7b469ec4  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  br-d2db7b469ec4 br-d2db7b469ec4  0.0.0.0/0            0.0.0.0/0
6839K 3676M ACCEPT     all  --  *      docker5  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
23930 3814K DOCKER     all  --  *      docker5  0.0.0.0/0            0.0.0.0/0
7286K 1110M ACCEPT     all  --  docker5 !docker5  0.0.0.0/0            0.0.0.0/0
23930 3814K ACCEPT     all  --  docker5 docker5  0.0.0.0/0            0.0.0.0/0
  528 79604 ACCEPT     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
   69  4044 DOCKER     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0
  423  267K ACCEPT     all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  docker0 docker0  0.0.0.0/0            0.0.0.0/0
 114M  118G ACCEPT     all  --  *      br-mailcow  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
  10M  701M DOCKER     all  --  *      br-mailcow  0.0.0.0/0            0.0.0.0/0
  61M   30G ACCEPT     all  --  br-mailcow !br-mailcow  0.0.0.0/0            0.0.0.0/0
8168K  594M ACCEPT     all  --  br-mailcow br-mailcow  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  *      br-7724d492b19b  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 DOCKER     all  --  *      br-7724d492b19b  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  br-7724d492b19b !br-7724d492b19b  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  br-7724d492b19b br-7724d492b19b  0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain DOCKER (5 references)
 pkts bytes target     prot opt in     out     source               destination
  124  6988 ACCEPT     tcp  --  !br-d2db7b469ec4 br-d2db7b469ec4  0.0.0.0/0            172.19.0.2           tcp dpt:9000
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.3           tcp dpt:8983
   21  1024 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.9           tcp dpt:80
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.11          tcp dpt:3306
   28  1520 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.9           tcp dpt:443
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.249         tcp dpt:6379
   28  1656 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.253         tcp dpt:25
   22  1312 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.253         tcp dpt:465
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.253         tcp dpt:587
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:110
    1    60 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:143
 2529  151K ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:993
    4   240 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:995
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:4190
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:12345

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
 pkts bytes target     prot opt in     out     source               destination
13019   52M DOCKER-ISOLATION-STAGE-2  all  --  br-d2db7b469ec4 !br-d2db7b469ec4  0.0.0.0/0            0.0.0.0/0
7286K 1110M DOCKER-ISOLATION-STAGE-2  all  --  docker5 !docker5  0.0.0.0/0            0.0.0.0/0
 193M  149G RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain DOCKER-ISOLATION-STAGE-2 (2 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DROP       all  --  *      br-d2db7b469ec4  0.0.0.0/0            0.0.0.0/0
    0     0 DROP       all  --  *      docker5  0.0.0.0/0            0.0.0.0/0
7299K 1163M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain DOCKER-USER (1 references)
 pkts bytes target     prot opt in     out     source               destination
 199M  153G RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Logs of ip6tables -L -vn:

# Warning: ip6tables-legacy tables present, use ip6tables-legacy to see them
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy DROP 3 packets, 254 bytes)
 pkts bytes target     prot opt in     out     source               destination
2311K 7415M DOCKER-USER  all      *      *       ::/0                 ::/0
  81M  284G DOCKER-ISOLATION-STAGE-1  all      *      *       ::/0                 ::/0
   19  1520 ACCEPT     all      *      docker5  ::/0                 ::/0                 ctstate RELATED,ESTABLISHED
 212K   15M DOCKER     all      *      docker5  ::/0                 ::/0
 4746  380K ACCEPT     all      docker5 !docker5  ::/0                 ::/0
 212K   15M ACCEPT     all      docker5 docker5  ::/0                 ::/0
10868  869K ACCEPT     all      *      docker0  ::/0                 ::/0                 ctstate RELATED,ESTABLISHED
  634 41072 DOCKER     all      *      docker0  ::/0                 ::/0
    0     0 ACCEPT     all      docker0 !docker0  ::/0                 ::/0
  634 41072 ACCEPT     all      docker0 docker0  ::/0                 ::/0
  70M  287G ACCEPT     all      *      br-mailcow  ::/0                 ::/0                 ctstate RELATED,ESTABLISHED
4086K  289M DOCKER     all      *      br-mailcow  ::/0                 ::/0
7430K 2258M ACCEPT     all      br-mailcow !br-mailcow  ::/0                 ::/0
4058K  287M ACCEPT     all      br-mailcow br-mailcow  ::/0                 ::/0

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain DOCKER (3 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::b  tcp dpt:80
    7   504 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::b  tcp dpt:443
    2   160 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::11  tcp dpt:25
    2   144 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::11  tcp dpt:465
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::11  tcp dpt:587
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::12  tcp dpt:110
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::12  tcp dpt:143
    6   459 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::12  tcp dpt:993
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::12  tcp dpt:995
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::12  tcp dpt:4190

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DOCKER-ISOLATION-STAGE-2  all      br-d2db7b469ec4 !br-d2db7b469ec4  ::/0                 ::/0
 4746  380K DOCKER-ISOLATION-STAGE-2  all      docker5 !docker5  ::/0                 ::/0
  81M  284G RETURN     all      *      *       ::/0                 ::/0

Chain DOCKER-ISOLATION-STAGE-2 (2 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DROP       all      *      br-d2db7b469ec4  ::/0                 ::/0
    0     0 DROP       all      *      docker5  ::/0                 ::/0
 4746  380K RETURN     all      *      *       ::/0                 ::/0

Chain DOCKER-USER (1 references)
 pkts bytes target     prot opt in     out     source               destination
  82M  289G RETURN     all      *      *       ::/0                 ::/0

Logs of iptables -L -vn -t nat:

# Warning: iptables-legacy tables present, use iptables-legacy to see them
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
3971K  213M DOCKER     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type LOCAL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  408 24480 DOCKER     all  --  *      *       0.0.0.0/0           !127.0.0.0/8          ADDRTYPE match dst-type LOCAL

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
   42  2520 MASQUERADE  all  --  *      !br-d2db7b469ec4  172.19.0.0/16        0.0.0.0/0
 648K   40M MASQUERADE  all  --  *      !docker5  172.58.0.0/24        0.0.0.0/0
    0     0 MASQUERADE  all  --  *      !docker5  172.58.0.0/24        0.0.0.0/0
    0     0 MASQUERADE  all  --  *      !docker0  172.17.0.0/16        0.0.0.0/0
6725K  559M MASQUERADE  all  --  *      !br-mailcow  172.22.1.0/24        0.0.0.0/0
    0     0 MASQUERADE  all  --  *      !br-7724d492b19b  172.18.0.0/16        0.0.0.0/0
    0     0 MASQUERADE  tcp  --  *      *       172.17.0.2           172.17.0.2           tcp dpt:9001
    0     0 MASQUERADE  tcp  --  *      *       172.19.0.2           172.19.0.2           tcp dpt:9000
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.3           172.22.1.3           tcp dpt:8983
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.9           172.22.1.9           tcp dpt:80
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.11          172.22.1.11          tcp dpt:3306
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.9           172.22.1.9           tcp dpt:443
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.249         172.22.1.249         tcp dpt:6379
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.253         172.22.1.253         tcp dpt:25
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.253         172.22.1.253         tcp dpt:465
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.253         172.22.1.253         tcp dpt:587
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:110
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:143
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:993
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:995
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:4190
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:12345

Chain DOCKER (2 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 RETURN     all  --  br-d2db7b469ec4 *       0.0.0.0/0            0.0.0.0/0
    0     0 RETURN     all  --  docker5 *       0.0.0.0/0            0.0.0.0/0
  124  6988 DNAT       tcp  --  !br-d2db7b469ec4 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:9000 to:172.19.0.2:9000
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:18983 to:172.22.1.3:8983
   21  1024 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80 to:172.22.1.9:80
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:13306 to:172.22.1.11:3306
   28  1520 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:443 to:172.22.1.9:443
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:7654 to:172.22.1.249:6379
   24  1416 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25 to:172.22.1.253:25
   47  2812 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:465 to:172.22.1.253:465
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:587 to:172.22.1.253:587
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:110 to:172.22.1.250:110
    1    60 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:143 to:172.22.1.250:143
 2331  140K DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:993 to:172.22.1.250:993
    1    60 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:995 to:172.22.1.250:995
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:4190 to:172.22.1.250:4190
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:19991 to:172.22.1.250:12345

Logs of ip6tables -L -vn -t nat:

# Warning: ip6tables-legacy tables present, use ip6tables-legacy to see them
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
36540 2771K DOCKER     all      *      *       ::/0                 ::/0                 ADDRTYPE match dst-type LOCAL      

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
 1641  131K DOCKER     all      *      *       ::/0                !::1                  ADDRTYPE match dst-type LOCAL      

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
 2553  204K MASQUERADE  all      *      !docker5  fd00:dead:beef:c0::/80  ::/0
   12   960 MASQUERADE  all      *      !docker0  fd00:dead:beef:c0::/80  ::/0
2067K  201M MASQUERADE  all      *      !br-mailcow  fd4d:6169:6c63:6f77::/64  ::/0
    0     0 MASQUERADE  tcp      *      *       fd00:dead:beef:c0:0:242:ac11:2  fd00:dead:beef:c0:0:242:ac11:2  tcp dpt:9001
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::b  fd4d:6169:6c63:6f77::b  tcp dpt:80
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::b  fd4d:6169:6c63:6f77::b  tcp dpt:443
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::11  fd4d:6169:6c63:6f77::11  tcp dpt:25
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::11  fd4d:6169:6c63:6f77::11  tcp dpt:465
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::11  fd4d:6169:6c63:6f77::11  tcp dpt:587
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::12  fd4d:6169:6c63:6f77::12  tcp dpt:110
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::12  fd4d:6169:6c63:6f77::12  tcp dpt:143
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::12  fd4d:6169:6c63:6f77::12  tcp dpt:993
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::12  fd4d:6169:6c63:6f77::12  tcp dpt:995
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::12  fd4d:6169:6c63:6f77::12  tcp dpt:4190

Chain DOCKER (2 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 RETURN     all      docker5 *       ::/0                 ::/0
    0     0 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:80 to:[fd4d:6169:6c63:6f77::b]:80
    6   432 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:443 to:[fd4d:6169:6c63:6f77::b]:443
    2   160 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:25 to:[fd4d:6169:6c63:6f77::11]:25
    2   144 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:465 to:[fd4d:6169:6c63:6f77::11]:465        
    2   160 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:587 to:[fd4d:6169:6c63:6f77::11]:587        
    0     0 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:110 to:[fd4d:6169:6c63:6f77::12]:110        
    0     0 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:143 to:[fd4d:6169:6c63:6f77::12]:143        
    6   459 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:993 to:[fd4d:6169:6c63:6f77::12]:993        
    0     0 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:995 to:[fd4d:6169:6c63:6f77::12]:995        
    0     0 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:4190 to:[fd4d:6169:6c63:6f77::12]:4190

DNS check:

root@mailcow:~# docker exec -it $(docker ps -qf name=acme-mailcow) dig +short stackoverflow.com @172.22.1.254
172.64.155.249
104.18.32.7
@SKJoy SKJoy added the bug label Dec 19, 2024
@accolon
Copy link
Contributor

accolon commented Dec 20, 2024

The download of the affected database file probably failed.

I would try to enter the ClamAV container by running this command inside your mailcow folder:
docker exec -it mailcowdockerized-clamd-mailcow-1 bash

Then remove the malformed database file:
rm /var/lib/clamav/phish.ndb

Exit the container and restart it (or the whole mailcow stack). It should download the ClamAV databases after it is running successfully again.

AFAIK there is usually no support for mailcow here on Github, you can also try their forums.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@accolon @SKJoy