Since last friday (October 21st, 2016) a reboot of both 10.6 (Snow Leopard Server) and 10.7 (Lion Server) result in numerous repetitions of the logged error message:
LibClamAV Error: mpool_malloc(): Attempt to allocate 8388608 bytes.
and
WARNING: [LibClamAV] mpool_malloc(): Attempt to allocate 8388608
bytes. Please report to http://bugs.clamav.net Log size = 1048612, max
= 1048576 LOGGING DISABLED (Maximal log file size exceeded).
Workaround (not a fix)
After disabling "Server Admin" > "Mail" > "Settings" > "General" > "Filters":
- [ ] Enable junk mail filtering
- [ ] Enable virus filtering
the error message was gone and the reboots stopped.
Regression
It seems that the ClamAV engine ($ /usr/bin/clamscan --version … 0.97.8) is too old according to ClamAV.net bug 11647.
How to fix?
How to fix the ClamAV "LibClamAV Error: mpool_malloc(): Attempt to allocate 8388608 bytes" error permanently and having email junk and virus filtering functionality? In other words How to upgrade the built-in clamav scanner of Mac OS X Lion 10.7 server (without installing Xcode on the machine running the outdated ClamAV)?
Best Answer
I ran across this page dealing with the issue on a carefully rebuilt OS X server running 10.6 (I have reasons). The compile-it-yourself answer by Pro Backup is fantastically detailed, but I may have run across a simpler answer, at least in the short term. I noticed another machine I had, also using 10.6 Server, didn't have the issue. Checking the versions of each using
/usr/bin/clamscan --version, I saw they were the same engine versions, but different definition versions:Has the issue
versus
Doesn't have the issue
Manual download clamAV definitions
So, decided to try manually downloading the virus definitions using
/usr/bin/freshclam(assudo). It ran through lots of versions, finishing with 22471. Not yet sure if this will do the trick, but I'm hoping it's on the right track.