Yes, you can enable debugging in clamd by uncommenting the following line in you clamd.conf:
#Debug yes I usually run clamd in foreground when debugging. This is done by uncommenting: #Foreground yes Steve On Mon, Jan 26, 2015 at 11:31 AM, Dave McMurtrie <[email protected]> wrote: > Hi Steve, > > Thanks for the suggestion. I didn't know clamdscan existed. Indeed, that > seems to work also: > > [root@andrew-mx-t01 phish]# clamdscan ./phish_test.txt > ./phish_test.txt: Heuristics.Phishing.URL.Blacklisted FOUND > > ----------- SCAN SUMMARY ----------- > Infected files: 1 > Time: 0.017 sec (0 m 0 s) > > > Is there a way to configure clamd to do debug-level logging like you can > do with clamscan? > > Thanks! > > Dave > > ________________________________________ > From: clamav-users [[email protected]] on behalf of > Steven Morgan [[email protected]] > Sent: Monday, January 26, 2015 11:24 AM > To: ClamAV users ML > Subject: Re: [clamav-users] clamscan detects, but clamd doesn't > > Hi Dave, > > I am wondering what happens if you use clamdscan on your phish_test file? > > Steve > > > On Mon, Jan 26, 2015 at 7:42 AM, Dave McMurtrie <[email protected]> > wrote: > > > Hi, > > > > We've been running ClamAV successfully for years. Recently, I added a > URL > > to our local.gdb database to block a malicious URL. When I send a test > > message containing this URL through an MX server, it does not detect the > > URL: > > > > Jan 26 07:13:17 andrew-mx-t01 clamd[31673]: > > /var/spool/mqueue/mxmilter/mdefang-t0QCDGNx031682/Work/msg-31460-5.txt: > OK > > Jan 26 07:13:17 andrew-mx-t01 clamd[31673]: > > /var/spool/mqueue/mxmilter/mdefang-t0QCDGNx031682/Work/msg-31460-6.html: > OK > > > > However, when I run clamscan against the exact same message on the same > MX > > server, it does successfully detect the URL: > > > > [root@andrew-mx-t01 phish]# clamscan ./phish_test.txt > > ./phish_test.txt: Heuristics.Phishing.URL.Blacklisted FOUND > > > > ----------- SCAN SUMMARY ----------- > > Known viruses: 4835255 > > Engine version: 0.98.1 > > Scanned directories: 0 > > Scanned files: 1 > > Infected files: 1 > > Data scanned: 0.00 MB > > Data read: 0.00 MB (ratio 0.00:1) > > Time: 10.179 sec (0 m 10 s) > > > > When I start clamd, I can see that it successfully loads the local.gdb > > file, so I know that's not the issue. > > > > Any pointers on how to troubleshoot this? sysadmin via google has thus > > far failed me. > > > > Thanks! > > > > Dave > > _______________________________________________ > > Help us build a comprehensive ClamAV guide: > > https://github.com/vrtadmin/clamav-faq > > > > http://www.clamav.net/contact.html#ml > > > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
