[Mail Security - eset_wwwi not starting]

everything else seem's to be working perfectly fine with Centos8.
(would be a shame if not ....)

 

[Your Linux Guides are Extremely Confusing and Frustrating]

most of you errors are missing "common linux knowledge".
Im not tryin to be offense - but you should probably get more linux skills before installing software like this.

i dont see anything related to ESET.
Also keep in mind that there so MANY Linux distros with different Package Versions.

The Documentation is good - but you should know what you are doing and dont copy paste all commands without thinking.
As example -> if you dont know where your my.cnf is located - you are missing common mysql/mariadb knowledge.
If you dont know how to search for a file on linux -> you are missing common knowledge.

your last error seems also mysql Related.
it could be a DNS Problem, wrong creds. or a missconfigured mysql-daemon.

also you are using the password "password" in your installer.
This cant be right ....
 

[centos 7, ESET Mail Security Linux, exim4, selinux]

what was the output of
 

ausearch -c 'esets_mda' --raw | audit2allow -M my-esetsmda
semodule -i my-esetsmda.pp

?

[1201: Error '2' occurred while reading database: Current locale settings are invalid]

what says the output of command: 
 

localectl

 

[Mail Security - eset_wwwi not starting]

OS: Centos 8 | 4.18.0-193.28.1.el8_2.x86_64
ESET ver: /opt/eset/esets/sbin/esets_daemon (esets) 4.5.16
Selinux: disabled
 

[wwwi]
agent_enabled = yes
listen_addr = "10.0.1.15"
listen_port = 3377
username = "esetlogin"
password = "test1234"

when i restart the esets process i get the following error:

 esets_daemon[3458]: error[0d820000]: Child process wwwi[3460] terminated with return code 127, won't be restarte

 

cant anything related to error code 127.
What i`m missing?
Generally Exit Code 127 means something like "command is not found"

It worked on several centos7 machines without a problem.
First Centos8 machine.

[esets_daemon freeze - 2020 version]

had the same issue.
thanks for creating the post @Krzysztof L.
this year you saved me time
Well i guess i did it the last 4 years

@Marcos
Can confirm it was a corrupt perseus / em002_32.dat

[Whitelist domain (do not mark as spam)]

Hi,

i set up a whitelist via user_specific_configuration (user_config = "esets_smtp_spec.cfg")

The `esets_smtp_spec.cfg` looks like this
 

[black-list]
action_av = "reject" 

[white-list]
action_av = "accept"
action_as = "accept"

[|sndrname1@sndrdomain1.com]
parent_id = "white-list"

 

is there a wildcard way for whitelisting the whole domain?
Will Something like this work? :
 

[|sndrdomain1.com]
parent_id = "white-list"

also - the help page is referring to "For esets_smtp, refer to the esets_smtp(1) man page."
Where can i find this man page online?

sincerly,
Franz

[esets_daemon freeze - 2019 version]

wow - what an fast response. TY
unfortunately i dont have an 

em001.dat

[root@srvmail01 sbin]# cd /var/opt/eset/esets/lib/
[root@srvmail01 lib]# ll
total 103720
drwxr-xr-x 3 esets esets     4096 14. Apr 2016  data
-rw-r--r-- 1 esets esets   172409 30. Sep 13:30 em000_32.dat
-rw-r--r-- 1 esets esets  1100402 23. Okt 14:57 em001_32.dat
-rw-r--r-- 1 esets esets 70579835 24. Okt 17:42 em002_32.dat
-rw-r--r-- 1 esets esets  1479292 10. Okt 14:43 em003_32.dat
-rw-r--r-- 1 esets esets  2391100  8. Okt 12:40 em004_32.dat
-rw-r--r-- 1 esets esets   323143 24. Sep 12:22 em005_32.dat
-rw-r--r-- 1 esets esets   106325 29. Jul 13:18 em006_32.dat
-rw-r--r-- 1 esets esets    38604 14. Apr 2016  em013_32.dat
-rw-r--r-- 1 esets esets  1635443 24. Okt 17:42 em021_32.dat
-rw-r--r-- 1 esets esets   320545 16. Sep 14:12 em022_32.dat
-rw-r--r-- 1 esets esets 13410472 24. Okt 17:42 em023_32.dat
-rw-r--r-- 1 esets esets   148141 14. Sep 2017  em034_32.dat
-rw-r--r-- 1 esets esets  5613785 24. Okt 17:44 em049_32.dat

 

isnt it the "em021_32.dat" ?
or do you mean the "em001_32.dat" ?
im not sure.

EDIT:
yes its was the ""em001_32.dat" 

[root@srvmail01 sbin]# ./esets_update --verbose
Virus signature database has been updated successfully.                        
ESETS Update utility
+-+--------------------+------------------------+------------------------+
| | Module             | Available version      | Installed version      |
+-+--------------------+------------------------+------------------------+
|*| loader             |      1074.1 (20190925) |                        |
|*| perseus            |        1555 (20190911) |                        |
|*| engine             |       20235 (20191024) |                        |
|*| archiver           |        1293 (20191004) |                        |
|*| heuristic          |        1194 (20190918) |                        |
|*| cleaner            |        1200 (20190916) |                        |
| |                    |                        |                        |
| |                    |                        |                        |
| |                    |                        |                      d |
|*| horus              |        7833 (20191016) |                        |
|*| dblite             |        1110 (20190827) |                        |
+-+--------------------+------------------------+------------------------+
[root@srvmail01 sbin]# 

 

will observe it for now.
Thank you again Marcos!

[esets_daemon freeze - 2019 version]

It looks like the Problem is back since October 29, 2018

 

status=deferred (connect to 127.0.0.1[127.0.0.1]:2526: Connection refused)

Mail Security Version: 

4.5.15

Signatures:

[root@srvmail01 ~]# cd /opt/eset/esets/sbin/
[root@srvmail01 sbin]# ./esets_update --verbose
Update is not necessary - the installed virus signature database is current.   
ESETS Update utility
+-+--------------------+------------------------+------------------------+
| | Module             | Available version      | Installed version      |
+-+--------------------+------------------------+------------------------+
| | loader             |      1074.1 (20190925) |      1074.1 (20190925) |
| | perseus            |      1556.1 (20191023) |      1556.1 (20191023) |
| | engine             |       20234 (20191024) |       20234 (20191024) |
| | archiver           |        1293 (20191004) |        1293 (20191004) |
| | heuristic          |        1194 (20190918) |        1194 (20190918) |
| | cleaner            |        1200 (20190916) |        1200 (20190916) |
| | horus              |        7833 (20191016) |        7833 (20191016) |
| | dblite             |        1110 (20190827) |        1110 (20190827) |
+-+--------------------+------------------------+------------------------+

 

The deamon freeze, after a reboot/restart after 5 until 15minutes.
Before it freezes it scans and delivers Mails just fine.
It Worked like a charm the last "year"

 

its crazy, cause its almost to the day 1 Year since the last time this Bug appeared ....

[esets_daemon freeze - 2018 version]

hi @CircleSquare !!

can you post us your output from ?

cd /opt/eset/esets/sbin
./esets_update --verbose

[esets_daemon freeze - 2018 version]

for now it looks stable.
i will inform you if it crashes again.

Thanks for your time!

[esets_daemon freeze - 2018 version]

first yes looks like there was also a horus update.
im on
 

 | horus              |        7779 (20181029) |        7779 (20181029) |

im not sure if the issue was resolved with that - since the error occurs from 10minutes after starting the daemon - up to 24hours and more.
we will see.

was there a fix in v7779 cause you are mentioning it ?

[esets_daemon freeze - 2018 version]

Quote

including fresh info_get command logs

what do you mean with ` including fresh info_get command logs ` ?

Edit - oh you mean that -> https://support.eset.com/kb6159/?locale=en_US&viewlocale=en_US
got you

----

also there is a new engine version again
 

| | engine             |       18293 (20181029) |       18293 (20181029) |

 

[esets_daemon freeze - 2018 version]

just made an Virus Database Update again.
It Updated the engine from 18289 to 18291.
the Update is from today - so it looks like it just was released.

 

[root@srvmail01 sbin]# ./esets_update --verbose
Virus signature database has been updated successfully.
ESETS Update utility
+-+--------------------+------------------------+------------------------+
| | Module             | Available version      | Installed version      |
+-+--------------------+------------------------+------------------------+
| | loader             |        1072 (20180813) |        1072 (20180813) |
| | perseus            |        1543 (20180927) |        1543 (20180927) |
|*| engine             |       18291 (20181029) |       18289 (20181028) |
| | archiver           |        1278 (20180924) |        1278 (20180924) |
| | heuristic          |        1190 (20180924) |        1190 (20180924) |
| | cleaner            |        1170 (20181025) |        1170 (20181025) |
| | horus              |        7778 (20181017) |        7778 (20181017) |
| | dblite             |        1103 (20180629) |        1103 (20180629) |
+-+--------------------+------------------------+------------------------+

 

 

now the daemons run since ~45 minutes.
but as we know - it can be hanging later.
Will report back later.

to all ending here - Update your databases via:
 

cd /opt/eset/esets/sbin
./esets_update --verbose

 

[esets_daemon freeze - 2018 version]

It looks like the Problem is back since 25/10/2018.
Also confirmed from the User Krzysztof L.

Same error pattern as in the old topic.
The daemon runs for 10 - 30 seconds and than is "dead"

 

i Updated everything so far but problem persists.

[root@srvmail01 ~]# /opt/eset/esets/sbin/esets_daemon --version
/opt/eset/esets/sbin/esets_daemon (esets) 4.5.11

./esets_update --verbose

Update is not necessary - the installed virus signature database is current.
ESETS Update utility
+-+--------------------+------------------------+------------------------+
| | Module             | Available version      | Installed version      |
+-+--------------------+------------------------+------------------------+
| | loader             |        1072 (20180813) |        1072 (20180813) |
| | perseus            |        1543 (20180927) |        1543 (20180927) |
| | engine             |       18289 (20181028) |       18289 (20181028) |
| | archiver           |        1278 (20180924) |        1278 (20180924) |
| | heuristic          |        1190 (20180924) |        1190 (20180924) |
| | cleaner            |        1170 (20181025) |        1170 (20181025) |
| | horus              |        7778 (20181017) |        7778 (20181017) |
| | dblite             |        1103 (20180629) |        1103 (20180629) |
+-+--------------------+------------------------+------------------------+

 

[esets_daemon freeze]

Just to make an update for Visitors or Google´ers who might end up here ...

The Problem is fixed since 11.Dezember.2017 for me.
It never came back for any of my customers so far.

[esets_daemon freeze]

i dont know, it was just a common sys-admin thought
i didnt used the prerelease-update - i changed the files manually.
 

[esets_daemon freeze]

also, de error sound different,
it was

delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:2526: Connection refused

in the past and not
 

Quote

delivery temporarily suspended: conversation with 127.0.0.1[127.0.0.1] timed out while receiving the initial server greeting

 

[esets_daemon freeze]

did you recheck you versions ? (automatically updated, etc)

[esets_daemon freeze]

Ty Peter!
installed it and will test it.

appreciate your work - and dont worry, the best (and every) software has bugs

hope we figured the problem - my customers already go crazy ^^

for the record:

[root@mail sbin]# ./esets_update --verbose
Update is not necessary - the installed virus signature database is current.
ESETS Update utility
+-+--------------------+------------------------+------------------------+
| | Module             | Available version      | Installed version      |
+-+--------------------+------------------------+------------------------+
| | loader             |        1069 (20161122) |        1069 (20161122) |
| | perseus            |        1532 (20171031) |        1532 (20171031) |
| | engine             |       16530 (20171206) |       16530 (20171206) |
| | archiver           |        1270 (20171113) |        1270 (20171113) |
| | heuristic          |        1184 (20171110) |        1184 (20171110) |
| | cleaner            |        1150 (20171031) |        1150 (20171031) |
| | horus              |        6556 (20171206) |        6556 (20171206) |
| | dblite             |        1095 (20171206) |        1095 (20171206) |
+-+--------------------+------------------------+------------------------+

 

[esets_daemon freeze]

My Last Response from ESET was on 22.11.2017 with the information:

Quote

wir haben noch keine neuen Informationen von unserer Entwicklung bekommen.
Sobald wir neue Informationen bekommen, melden wir uns wieder bei Ihnen.

which translates to "we have no glue yet but we will inform you if we find a solution"

[esets_daemon freeze]

thank you for the workaround,

Still - this isnt an open source or free product.
I payed for the smpt scan - i need a fix for it.

[esets_daemon freeze]

for me its a litte hard do reproduce the error.

Yes its still there - but it happens in a time span of Days to weeks.
not hours/minutes like for others.

but sure, i can try it.
 

[esets_daemon freeze]

sure

[esets_daemon freeze]

Just had this Error myself again. - so its not fixed with 4.5.9
it worked around 7days straight with no problem.

Im in contact with ESET Support again - will inform you guys about the progress.