ClamAV not scanning email

I am using Virtualmin and have it set up to have Postfix scan incoming emails with ClamAV (using clamdscan) and delete any emails which contain a virus. However when I email myself the EICAR test string, it comes through just fine. I know ClamAV will report this file as a virus. How can I troubleshoot this / what could be wrong?


You may want to start by looking in the logfiles for any signs of trouble.

Look at the email and procmail logs around the time you think ClamAV should have kicked in… those are /var/log/procmail, and then either /var/log/mail.log or /var/log/maillog (depending on your distro).

Also, make sure that in Edit Virtual Server, the “Virus Filtering” feature is enabled for that domain.


“Virus Filtering” is enabled.

Procmail.log doesn’t show much of interest:

From Tue Apr 13 10:51:37 2010 Subject: Test 5 Folder: /home/ 1644 Time:1271170297 Size:1693 Dest:/home/ Mode:None

Nor does maillog:

Apr 13 10:51:37 workingman postfix/smtpd[9083]: 1FB231213B4:[], sasl_method=PLAIN, Apr 13 10:51:37 workingman postfix/cleanup[9086]: 1FB231213B4: message-id=<> Apr 13 10:51:37 workingman postfix/qmgr[10917]: 1FB231213B4: from=, size=1569, nrcpt=1 (queue active) Apr 13 10:51:37 workingman postfix/smtpd[9083]: disconnect from[] Apr 13 10:51:37 workingman postfix/local[9087]: 1FB231213B4: to=, orig_to=, relay=local, delay=0.83, delays=0.5/0/0/0.32, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME)

I suppose what they both do show is no indication that clamdscan nor spamc are running on these emails…

If you look at your email headers, are you seeing any that begin with “X-Spam-Status”?

Nope, no X-Spam-Status nor X-Spam-Score headers. So SpamAssassin isn’t scanning the emails…

I killed /usr/libexec/webmin/virtual-server/ and restarted it, and that seems to have solved my issue… I’ll keep an eye out and see if this happens again.