> > To try to solve this issue, i have added this line in my /etc/hosts file : > > > > * 104.16.218.84 database.clamav.net > > Don't do things like that. Sooner or later it will break, and you'll > find yourself back here again asking why.
Our firewall blocks our mail server from issuing requests via ports 80 and 443, but, after our failure to set up a private mirror that worked reliably after the switch to Cloudflare (their BOS mirror was usually behind the DNS TXT reported version, as detailed in many previous posts), I had to add exceptions for 104.16.218.84 and 104.16.219.84 so that our mail server could update ClamAV. (And Joel said last July that these IPs are quite stable for our geo-location "Unless cloudflare drastically changes things".) The only other alternative was to set up some sort of on-LAN relay or proxy (e.g., Squid), which seemed like way overkill. P.S. Since "G.W. Haywood" <[email protected]> never accepts incoming mail, why not switch from CC to BCC in your submissions to clamav-users and save us a lot of frustration. (Also, your private email address from which you sent me a private email never accepted my private reply, it just "timed out" -- twice.) On Tue, 5 May 2020 12:23:10 +0100 (BST) "G.W. Haywood via clamav-users" <[email protected]> wrote: > Hi there, > > On Tue, 5 May 2020, 21ch181 via clamav-users wrote: > > > I use ExpressVPN and each time i want to update the database i see a > > message in the logs files (syslog and freshclam) ... > > To try to solve this issue, i have added this line in my /etc/hosts file : > > > > * 104.16.218.84 database.clamav.net > > Don't do things like that. Sooner or later it will break, and you'll > find yourself back here again asking why. > > > Please note that the update work well if i switch off my VPN. > > It's clear from your log messages that your problem is caused by name > resolution issues. It isn't clear exactly what they are, but it's > obviously associated with the DNS service provided when the VPN is > running. Since the ExpressVPN sales pitch makes a thing of encrypting > your DNS traffic as well as other traffic this isn't a great surprise. > You could try to debug the name resolution using tools like 'dig', but > it's not necessarily straightforward and in any case I'm not persuaded > that there's a case for sending ClamAV database traffic over a VPN. > All the information (including, now that you've posted to this list, > the fact that you are using it) is in the public domain. > > > Is someone could give me some solutions to solve this issue please ? > > Send ClamAV traffic over normal routes. It's possible that Cloudflare > is blocking ExpressVPN traffic, but I don't know what you'd be able to > do about that. Joel (on this list) might have insights to offer. > > I'd never use a VPN service provided by someone else. You can't trust > them. It's very easy to set up your own, then you know what's going > on, and you aren't providing raw material from which someone probably > intends to make a profit. > > I'll leave aside the legality or otherwise of using strong encryption > in your country, but if you can tell us why you think you need ClamAV > on your Linux box that might be useful. > _______________________________________________ clamav-users mailing list [email protected] https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
