Добрый день!
Кому-нибудь удалось подружить этого монстра с rspamd?
Выкурил все доступные материалы. Заработал бронхит.
Пробую подключить в обоих режимах:
kaspersky {
symbol = "KAS_VIRUS";
servers = "/var/run/klms/rds_av";
# servers = "/var/run/klms/klms_scanner_sock";
timeout = 5.0; # Allow 5 seconds for scan
max_size = 2048000;
scan_mime_parts = true; # Scan just attachments
tmpdir = "/tmp"; # Must be writable by `_rspamd` user and readable by `klusers` user/group
}
kaspersky_se {
symbol = "KAS_SE_VIRUS";
servers = "127.0.0.1:12345"; # Mandatory, dos not supports Unix sockets
max_size = 2048000;
timeout = 5.0; # Allow 5 seconds for scan
scan_mime_parts = true; # Just attachments
use_files = false; # Or true if you want this mode
use_https = false; # Enable if you like to use SSL
}
В логах rspamd вижу:
2023-09-14 12:54:01 #38928(rspamd_proxy) <e275e4>; proxy; proxy_accept_socket: accepted milter connection from 127.0.0.1 port 49674
2023-09-14 12:54:01 #38928(rspamd_proxy) <e275e4>; milter; rspamd_milter_process_command: got connection from 10.1.0.157:39478
2023-09-14 12:54:01 #38931(normal) <1b3e38>; task; rspamd_worker_body_handler: accepted connection from 127.0.0.1 port 48080, task ptr: 00007F850BE1CCA0
2023-09-14 12:54:01 #38931(normal) <1b3e38>; task; rspamd_mime_part_get_cte: detected missing CTE for part as: 7bit
2023-09-14 12:54:01 #38931(normal) <1b3e38>; task; rspamd_message_parse: loaded message; id: <*****@*****.tld>; queue-id: <8968E26E>; size: 691; checksum: <6e27fc81925a062e5a582d3bbdd75fec>
2023-09-14 12:54:01 #38931(normal) <1b3e38>; lua; greylist.lua:217: skip greylisting for local networks and/or authorized users
2023-09-14 12:54:01 #38931(normal) <1b3e38>; task; dkim_symbol_callback: skip DKIM checks for local networks and authorized users
2023-09-14 12:54:01 #38931(normal) <1b3e38>; lua; spf.lua:186: skip SPF checks for local networks and authorized users
2023-09-14 12:54:01 #38931(normal) <1b3e38>; lua; dmarc.lua:349: skip DMARC checks as either SPF or DKIM were not checked
2023-09-14 12:54:01 #38931(normal) <1b3e38>; lua; once_received.lua:102: Skipping once_received for authenticated user or local network
2023-09-14 12:54:01 #38931(normal) rspamd_inet_address_connect: connect unix:/var/run/klms/rds_av failed: 13, 'Permission denied'
2023-09-14 12:54:01 #38931(normal) <1b3e38>; task; lua_tcp_make_connection: cannot connect to /var/run/klms/rds_av (/var/run/klms/rds_av): Permission denied
2023-09-14 12:54:01 #38931(normal) rspamd_inet_address_connect: connect unix:/var/run/klms/rds_av failed: 13, 'Permission denied'
2023-09-14 12:54:01 #38931(normal) <1b3e38>; task; lua_tcp_make_connection: cannot connect to /var/run/klms/rds_av (/var/run/klms/rds_av): Permission denied
2023-09-14 12:54:01 #38931(normal) <1b3e38>; lua; kaspersky_av.lua:137: KAS_VIRUS [kaspersky]: failed to scan, maximum retransmits exceed
2023-09-14 12:54:01 #38931(normal) <1b3e38>; lua; common.lua:110: kaspersky: result - FAILED with error: "failed to scan and retransmits exceed - score: 0"
2023-09-14 12:54:01 #38931(normal) <1b3e38>; lua; common.lua:110: clamav: result - virusfound: "Win.Test.EICAR_HDB-1 - score: 1"
2023-09-14 12:54:01 #38931(normal) <1b3e38>; lua; kaspersky_se.lua:189: kaspersky_se: failed to scan, maximum retransmits exceed
Заметьте, clamav отрабатывает корректно.
Все группы и права доступа прописаны:
group:
_rspamd:x:123:kluser
klusers:x:125:kluser,www-data,_rspamd
ls -all /var/run/klms/rds_av
srw-rw-rw- 1 kluser klusers 0 сен 14 12:49 /var/run/klms/rds_av
ls -all /var/run/klms/klms_scanner_sock
srw-rw-rw- 1 kluser klusers 0 сен 14 12:49 /var/run/klms/klms_scanner_sock
Логи самого klms абсолютно невменяемы. Включил режим debug, ясности это не прибавило.
Чего ему ещё не хватает?
