I've installed and configured postfix, amavisd, spamd, spamassassin, clamav, dcc, and razor by using the Anti-Spam Wiki from flakshack.com (http://www.flakshack.com/anti-spam/wiki/index.php)

In setting up the jail, I put bzip2, gzip, cpio, all things needed for amavisd jail that has spamassassin, dcc, clamav in it...

Something was happening with gzip. In my maillog I kept on getting

"Dec 20 07:23:01 otis amavis[11362]: (11362-06) TROUBLE in check_mail: spam quar+notif FAILED: Closing pipe to /usr/bin/gzip: DIED on signal 127 (ffffffff), Broken pipe at /usr/local/sbin/amavisd line 3567, GEN231> line 188.
Dec 20 07:23:02 otis amavis[11362]: (11362-06) PRESERVING EVIDENCE in /var/amavisd/tmp/amavis-20041220T072255-11362"

I've googled, looked at amavisd line 3567 and it says:
$?==0 or die ("Closing pipe to $gzip: .exit_status_str($?,$err));

So...I then decided to remove gzip from the jail and restart amavisd/postfix...
Now I get these errors in maillog:

Dec 21 06:46:51 otis amavis[925]: (00925-01) TROUBLE in process_request: register_proc: BDB N db_cursor: Locker does not exist, . at (eval 48) line 127, <GEN8> line 188.
Dec 21 06:46:51 otis amavis[925]: (00925-01) Requesting process rundown after fatal error
I'm not sure if this has anything to do with the gzip thing and me removing gzip from the jail, or if this is altogether another problem.

I'm off to google some more and look at the mailing lists

Now that I'm not freaking out after a long weekend of Postfix/<insert accessory here> config files, etc... let me try to explain my problem.
This seems to only happen when I receive a "SPAM" email. Amavisd wants to gzip the spam and save it for later in /var/amavisd/quarantine. I tried to gzip -d a "spam-e43234...324f.gz" file and got "unrecognized file format". I'm thinking it's saying "hey. we've got spam. let's gzip it, and put it in quarantine.. oops, didn't gzip properly <return>".

**NOTE: FQDN changed to "HOSTNAME.COM" for privacy **
Relevant entry from /var/log/maillog:

Dec 29 17:49:56 otis postfix/smtpd[1763]: connect from mail81.megamailservers.com[216.251.36.81]
Dec 29 17:49:57 otis postfix/smtpd[1763]: NOQUEUE: client=mail81.megamailservers.com[216.251.36.81]
Dec 29 17:49:57 otis amavis[21766]: (21766-05) ESMTP::10024 /var/amavisd/tmp/amavis-20041229T174957-21766: <antiquated8@myway.com> -> <XXXX@HOSTNAME.COM>,<X@HOSTNAME.COM> Received: SIZE=2654 BODY=8BITMIME from otis.HOSTNAME.COM ([127.0.0.1]) by localhost (otis.HOSTNAME.COM [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 21766-05; Wed, 29 Dec 2004 17:49:57 -0600 (CST)
Dec 29 17:49:57 otis amavis[21766]: (21766-05) Checking: [216.251.36.81] <antiquated8@myway.com> -> <XXXX@HOSTNAME.COM>,<X@HOSTNAME.COM>
Dec 29 17:49:57 otis amavis[21766]: (21766-05) p001 1 Content-Type: text/html, size: 1865 B, name:
Dec 29 17:50:12 otis amavis[21766]: (21766-05) local delivery: <antiquated8@myway.com> -> <spam-quarantine>, mbx=/var/amavisd/quarantine/spam-36ff4082b106eccd216b0072ed06c026-20041229-174957-21766-05.gz
Dec 29 17:50:12 otis amavis[21766]: (21766-05) TROUBLE in check_mail: spam quar+notif FAILED: Closing pipe to /bin/gzip: DIED on signal 127 (ffffffff), Broken pipe at /usr/local/sbin/amavisd line 3567, <GEN100> line 132.
Dec 29 17:50:12 otis amavis[21766]: (21766-05) PRESERVING EVIDENCE in /var/amavisd/tmp/amavis-20041229T174957-21766
Dec 29 17:50:12 otis amavis[21766]: (21766-05) TIMING [total 15075 ms] - SMTP EHLO: 26 (0%), SMTP pre-MAIL: 23 (0%), mkdir tempdir: 6 (0%), create email.txt: 4 (0%), SMTP pre-DATA-flush: 94 (1%), SMTP DATA: 403 (3%), body_hash: 6 (0%), mkdir parts: 9 (0%), mime_decode: 88 (1%), get-file-type1: 190 (1%), parts_decode: 3 (0%), AV-scan-1: 99 (1%), spam-wb-list: 48 (0%), SA msg read: 5 (0%), SA parse: 16 (0%), SA check: 13867 (92%), update_cache: 23 (0%), write-header: 148 (1%), rundown: 16 (0%)
Dec 29 17:55:12 otis postfix/smtpd[1763]: timeout after END-OF-MESSAGE from mail81.megamailservers.com[216.251.36.81]
Dec 29 17:55:12 otis postfix/smtpd[1763]: disconnect from mail81.megamailservers.com[216.251.36.81]

/etc/amavisd.conf:

use strict;

$MYHOME = '/var/amavisd';
$mydomain = 'HOSTNAME.COM';
$daemon_user = '_amavisd';
$daemon_group = '_amavisd';
$daemon_chroot_dir = $MYHOME;

$QUARANTINEDIR = "$MYHOME/quarantine";
$TEMPBASE = "$MYHOME/tmp";
$ENV{TMPDIR} = $TEMPBASE;
$helpers_home = $MYHOME;

$max_servers=8;
$child_timeout=20*60; # we need to adjust the timeout since it is not a localhost transfer

$forward_method = 'smtp:127.0.0.1:10025';
$notify_method = $forward_method;
$inet_socket_port = 10024;
$inet_socket_bind = '127.0.0.1';

# @bypass_virus_checks_acl = (1);
read_hash(\%local_domains, '/etc/postfix/relay_domains');

$DO_SYSLOG = 1; # (1 = syslog, 0 = logfile)
$log_level = 5; # (0-5)

$final_spam_destiny = D_REJECT; # Set to D_REJECT, D_PASS to pass through

read_hash(\%whitelist_sender, '/var/amavisd/whitelist');
read_hash(\%blacklist_sender, '/var/amavisd/blacklist');
read_hash(\%spam_lovers, '/var/amavisd/spam_lovers');

#defending against mail bombs
$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA = 100*1024;
$MAX_EXPANSION_QUOTA = 300*1024*1024;

$path = '/usr/bin:/bin';
$file = 'file';
$arc = ['nomarch', 'arc'];
$gzip = 'gzip';
$bzip2 = 'bzip2';
$uncompress = ['uncompress', 'gzip -d', 'zcat'];
$lha = 'lha';
$unarj = 'unarj';
$unrar = 'unrar';
$zoo = 'zoo';
$cpio = 'cpio';
$rpm2cpio = 'rpm2cpio';
$cabextract = 'cabextract';


$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1

# SpamAssassin settings
$sa_local_tests_only = 0;
$sa_auto_whitelist = 1; # comment this line out to turn off auto whitelist
$sa_mail_body_size_limit = 64*1024; # 64KB

$sa_tag_level_deflt = 3.0; # controls adding the X-Spam-Status and X-Spam-Level headers,
$sa_tag2_level_deflt = 6.3; # controls adding 'X-Spam-Flag: YES', and editing Subject,
$sa_kill_level_deflt = $sa_tag2_level_deflt; # triggers spam evasive actions:

$sa_spam_subject_tag = '***SPAM*** ';
$sa_debug = 1; # comment this line out to turn off debugging

### Virus scanners

# Add X-Virus-Scanned line to mail? (default: undef)
$X_HEADER_TAG = 'X-Virus-Scanned';

$remove_existing_x_scanned_headers = 0; # leave existing X-Virus-Scanned alone

# Don't notify sender when these viruses
# are found because they spoof From:
$viruses_that_fake_sender_re = new_RE(
qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizz er|palyh|peido|holar'i,
qr'tanatos|lentin|bridex|mimail|trojan\.dropper|du maru|parite|spaces'i,
qr'dloader|galil|gibe|swen|netwatch|bics|sbrowse|s co|mydoom'i,
[qr'^(EICAR\.COM|Joke\.|Junk\.)'i => 0],
[qr'^(WM97|OF97|W95/CIH-|JS/Fort)'i => 0],
);

@av_scanners = (
# http://www.clamav.net/
['Clam Antivirus-clamd',
\&ask_daemon, ["CONTSCAN {}\n", '/var/amavisd/clamd.sock'],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
);

@av_scanners_backup = (
# http://www.clamav.net/
['Clam Antivirus - clamscan', 'clamscan',
'--stdout --disable-summary -r {}', [0], [1],
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
);

1; # insure a defined return

Amavisd stuff from /var/log/maillog:
Dec 29 20:44:20 otis amavis[2882]: SMTP-in protocol code loaded
Dec 29 20:44:20 otis amavis[2882]: ANTI-VIRUS code loaded
Dec 29 20:44:20 otis amavis[2882]: ANTI-SPAM code loaded
Dec 29 20:44:20 otis amavis[2882]: Unpackers code loaded
Dec 29 20:44:20 otis amavis[2882]: Found $file at (chroot: /var/amavisd/) /bin/file
Dec 29 20:44:20 otis amavis[2882]: Found $arc at (chroot: /var/amavisd/) /usr/bin/arc
Dec 29 20:44:20 otis amavis[2882]: Found $gzip at (chroot: /var/amavisd/) /bin/gzip
Dec 29 20:44:20 otis amavis[2882]: Found $bzip2 at (chroot: /var/amavisd/) /bin/bzip2
Dec 29 20:44:20 otis amavis[2882]: No $lzop, not using it
Dec 29 20:44:20 otis amavis[2882]: Found $lha at (chroot: /var/amavisd/) /usr/bin/lha
Dec 29 20:44:20 otis amavis[2882]: Found $unarj at (chroot: /var/amavisd/) /usr/bin/unarj
Dec 29 20:44:20 otis amavis[2882]: Found $uncompress at (chroot: /var/amavisd/) /bin/gzip -d
Dec 29 20:44:20 otis amavis[2882]: No $unfreeze, not using it
Dec 29 20:44:20 otis amavis[2882]: Found $unrar at (chroot: /var/amavisd/) /usr/bin/unrar
Dec 29 20:44:20 otis amavis[2882]: Found $zoo at (chroot: /var/amavisd/) /bin/zoo
Dec 29 20:44:20 otis amavis[2882]: Found $cpio at (chroot: /var/amavisd/) /usr/bin/cpio
Dec 29 20:44:20 otis amavis[2882]: No $ar, not using it
Dec 29 20:44:20 otis amavis[2882]: Found $rpm2cpio at (chroot: /var/amavisd/) /usr/bin/rpm2cpio
Dec 29 20:44:20 otis amavis[2882]: Found $cabextract at (chroot: /var/amavisd/) /usr/bin/cabextract
Dec 29 20:44:20 otis amavis[2882]: No $dspam, not using it
Dec 29 20:44:20 otis amavis[2882]: Using internal av scanner code for (primary) Clam Antivirus-clamd
Dec 29 20:44:20 otis amavis[2882]: Found secondary av scanner Clam Antivirus - clamscan at (chroot: /var/amavisd/) /bin/clamscan
Dec 29 20:44:20 otis amavis[2882]: Creating db in /var/amavisd /var/amavisd/db/; BerkeleyDB 0.26, libdb 4.2
Dec 29 20:44:21 otis amavis[2882]: SpamControl: initializing Mail::SpamAssassin
Dec 29 20:44:38 otis amavis[2882]: SpamControl: done


Right now I'm running Amavisd in normal mode (non-chroot) to see how much of a difference that makes. I've also tried "sudo chroot -u _amavisd /var/amavisd /bin/gzip -h" and gzip displays the syntaxes like it should.
I'm now watching the logs in hope that some spam arrives so I can see how gzip works without a chroot jail.
I also wonder if maybe the mail message that gzip is trying to compress is too small and gzip is returning "file would grow; left unmodified" and amavisd is taking this to be an error...?

I'm not sure which possibility it is. Maybe it's a simple change to a config file. I'll stop speculating now. Thanks for your time.

Dec 29 17:50:12 otis amavis[21766]: (21766-05) TROUBLE in check_mail: spam quar+notif FAILED: Closing pipe to /bin/gzip: DIED on signal 127 (ffffffff), Broken pipe at /usr/local/sbin/amavisd line 3567, <GEN100> line 132.


Dec 29 19:18:25 otis amavis[1060]: Found $gzip at /usr/bin/gzip


why are the logs finding gzip in two different places?

run amavisd with debug turned on and post that output please.

Your sure amavisd is running as user amavisd right? And user amavisd has permissions to write to /var/amavisd?

Also I do believe thr /var/amavisd need to be chmod 750 at most. I could be wrong on this last part.

Here's the relevant portions of my amavisd.conf file:



$mydomain = 'DOMAIN.com';
$MYHOME = '/var/amavis';
$TEMPBASE = "$MYHOME/tmp";

$max_servers = 6; # number of pre-forked children
$daemon_user = 'vscan'; # (no default; customary: vscan or amavis)
$daemon_group = 'vscan'; # (no default; customary: vscan or amavis)
@local_domains_maps = ( [".$mydomain"] );

$log_level = 1;
$log_recip_templ = undef;
$DO_SYSLOG = 1;
$LOGFILE = "/var/log/maillog";
$SYSLOG_LEVEL = 'mail.info';
$ENV{TMPDIR} = $TEMPBASE;
$QUARANTINEDIR = '/var/amavis/virusmails';

$inet_socket_port = 10024; # accept SMTP on this local TCP port(s) (Postfix)

$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin';
$file = 'file'; # file(1) utility; use 3.41 or later to avoid vulnerability
$gzip = 'gzip';
$bzip2 = 'bzip2';
$lzop = 'lzop';
$rpm2cpio = ['rpm2cpio.pl','rpm2cpio'];
$cabextract = 'cabextract';
$uncompress = ['uncompress', 'gzip -d', 'zcat'];
$unfreeze = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
$arc = ['nomarch', 'arc'];
$unarj = ['arj', 'unarj'];
$unrar = ['rar', 'unrar'];
$zoo = 'zoo';
$lha = 'lha';
$cpio = ['gcpio','cpio'];
$dspam = 'dspam';

Sorry elmore. I posted the amavisd startup stuff from when it was in normal mode not chroot.

Seems to work fine when it's not chroot'ed. I could even gzip -d the spam email message.

I'm gonna compare the configs now and see if anything's in there.
I've edited the 2nd post to show the chroot output of amavisd.

When set for chroot, ps aux shows _amavisd being the owner of the perl amavisd process. /var/amavisd is also 750
drwxr-x--- 12 _amavisd wheel 512 Dec 29 21:00 /var/amavisd

Here is amavisd debug output (chroot mode :smile:)

Dec 29 20:57:24 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: starting. /usr/local/sbin/amavisd at otis.HOSTNAME.COM amavisd-new-2.2.0 (20041102), Unicode aware
Dec 29 20:57:24 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: user=, EUID: 0 (0); group=, EGID: 0 31 20 5 4 3 2 0 (0 31 20 5 4 3 2 0)
Dec 29 20:57:24 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Perl version 5.008005
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Net::Server: 2004/12/29-20:57:25 Amavis (type Net::Server::PreForkSimple) starting! pid(7626)
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Net::Server: Binding to TCP port 10024 on host 127.0.0.1
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Net::Server: Chrooting to /var/amavisd
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Net::Server: Setting gid to "3000 3000"
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Net::Server: Setting uid to "3000"
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Net::Server: Setting up serialization via flock
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module Amavis::Conf 2.033
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module Archive::Tar 1.23
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module Archive::Zip 1.14
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module BerkeleyDB 0.26
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module Compress::Zlib 1.33
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module Convert::TNEF 0.17
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module Convert::UUlib 1.03
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module DB_File 1.809
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module MIME::Entity 5.415
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module MIME::Parser 5.415
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module MIME::Tools 5.415
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module Mail::Header 1.65
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module Mail::Internet 1.65
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module Mail::SPF::Query 1.997
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module Mail::SpamAssassin 3.000002
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module Net::Cmd 2.26
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module Net::DNS 0.48
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module Net::SMTP 2.29
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module Net::Server 0.84
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module Razor2::Client::Version 2.61
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module Time::HiRes 1.65
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Module Unix::Syslog 0.99
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Amavis::DB code loaded
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Amavis::Cache code loaded
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Lookup::SQL code NOT loaded
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Lookup::LDAP code NOT loaded
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: AMCL-in protocol code NOT loaded
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: SMTP-in protocol code loaded
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: ANTI-VIRUS code loaded
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: ANTI-SPAM code loaded
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Unpackers code loaded
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Found $file at (chroot: /var/amavisd/) /bin/file
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Found $arc at (chroot: /var/amavisd/) /usr/bin/arc
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Found $gzip at (chroot: /var/amavisd/) /bin/gzip
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Found $bzip2 at (chroot: /var/amavisd/) /bin/bzip2
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: No $lzop, not using it
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Found $lha at (chroot: /var/amavisd/) /usr/bin/lha
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Found $unarj at (chroot: /var/amavisd/) /usr/bin/unarj
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Found $uncompress at (chroot: /var/amavisd/) /bin/gzip -d
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: No $unfreeze, not using it
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Found $unrar at (chroot: /var/amavisd/) /usr/bin/unrar
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Found $zoo at (chroot: /var/amavisd/) /bin/zoo
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Found $cpio at (chroot: /var/amavisd/) /usr/bin/cpio
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: No $ar, not using it
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Found $rpm2cpio at (chroot: /var/amavisd/) /usr/bin/rpm2cpio
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Found $cabextract at (chroot: /var/amavisd/) /usr/bin/cabextract
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: No $dspam, not using it
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Using internal av scanner code for (primary) Clam Antivirus-clamd
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Found secondary av scanner Clam Antivirus - clamscan at (chroot: /var/amavisd/) /bin/clamscan
Dec 29 20:57:25 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: Creating db in /var/amavisd /var/amavisd/db/; BerkeleyDB 0.26, libdb 4.2
Dec 29 20:57:26 otis.HOSTNAME.COM /usr/local/sbin/amavisd[7626]: SpamControl: initializing Mail::SpamAssassin
debug: SpamAssassin version 3.0.2
debug: Score set 0 chosen.
debug: running in taint mode? yes

after help from elmore the solution has been found. elmore pointed me out to http://www.harrysufehmi.com/phpwiki/index.php/OpenBSDFullyLoaded which about midway shows installation of GNU gzip. There's also a patch for OpenBSD's gzip so it returns the value that amavisd is expecting. I didn't install the patch. I used GNU gzip and copied the executable (after first making sure ldd didn't show any different req'd libs) to /var/amavisd/bin (this is my chroot jail). Because of the chroot jail I didn't bother with editing /usr/libdata/perl5/CPAN/Config.pm because the /usr/bin/gzip is still the default OpenBSD gzip and the /var/amavisd/bin/gzip is the GNU one.

here's a quote from harry's site:
Install Gzip:

mkdir /downloads
cd /downloads
/usr/local/bin/wget ftp://gatekeeper.dec.com/pub/GNU/gzip/gzip-1.2.4.tar.gz
tar xzvf gzip-1.2.4.tar.gz
cd gzip-1.2.4
mkdir /usr/local/gzip-1.2.4
./configure --prefix=/usr/local/gzip-1.2.4
make
make install
Now edit Perl's config file so it'll use GNU's gzip instead:

Edit Perl CPAN's config file: vi /usr/libdata/perl5/CPAN/Config.pm
Make sure that there's these lines in it:
'gzip' => q[/usr/local/gzip-1.2.4/bin/gzip],
'make_install_arg' => q[],

The other link for patching is at misc@: http://monkey.org/openbsd/archive/misc/0401/msg00806.html