[Clamav-users] problems
hello all i have been running v .80 with blackhole and spamassin 3 loging to a mysql db with no problem but now i have upgradded to v .81 and im not seeing any entries in my table the way its set up is this blackhole checks rbl's and reverse ip's first then spamassin checks for spam then clam does the final check HELP please Tony ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] LibClamAV Error: cl_loaddb() (fwd)
On Saturday 29 Jan 2005 23:28, dima wrote: FreeBSD 4.11-RELEASE, Clam AntiVirus Scanner 0.80 The problem has been fixed in 0.81. Next time install the latest stable version before reporting a bug. It is not report, just request for advices. 0.81 still does not available in the FreeBSD ports. Download it from www.clamav.net. ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] ERROR: Can't query current.cvd.clamav.net
On Sunday 30 January 2005 12:15 am, Marco van den Bovenkamp wrote: Stephen Gran wrote: This is indeed your problem. Probably the problem is that your DNS is not returning the text record, but returning host not found. Correct. The 'DNS server' (such as it is) in an Alcatel Speedtouch only resolves A records. Any other type returns host not found. I got bitten by it when running a mail server trying to resolve MX records. Will I still be able to download Signatures? Or will I need a new DNS server? If I do need a new DNS server is their one that I can trust. I could install it on my Linux box unfortunately my partner won't understand/cope with having to ensure that the Linux machine is running before accessing the internet and or printing. Thanks ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
[Clamav-users] Re: ERROR: Can't query current.cvd.clamav.net
Alexander Iain Kempshall wrote: [snip] Will I still be able to download Signatures? Or will I need a new DNS server? If I do need a new DNS server is their one that I can trust. I could install it on my Linux box unfortunately my partner won't understand/cope with having to ensure that the Linux machine is running before accessing the internet and or printing. Installing your own caching DNS server is easy but the best place to put it is in a server that is always on. On the other hand, the Alcatel router is getting the DNS info from your provider, you probably can configure it to just pass that DNS server address along. If the Alcatel is your DHCP server that's the place to do the change, just change the DNS server address it provides. In case you decide to install your own, you can try http://www.isc.org/index.pl?/bind; I'm using version 9.3.0, you can find binaries for just about any flavor of Linux and other OSes. -- René Berber ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
[Clamav-users] updateerror
I have ClamAV 0.80-2 and I want to update it to clamAV 0.81-2 I have installed it thrgh the RPM packets when it try to update i am getting the error like this warning: clamav-0.81-2.i386.rpm: V3 DSA signature: NOKEY, key ID 6cdf2cc1 error: Failed dependencies: zlib = 1.2.1.2 is needed by clamav-0.81-2 clamav = 70:0.80-2 is needed by (installed) clamav-devel-0.80-2 clamav = 70:0.80-2 is needed by (installed) clamav-milter-0.80-2 how can i update to 81-2 thanks in advance ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
RE: [Clamav-users] updateerror
warning: clamav-0.81-2.i386.rpm: V3 DSA signature: NOKEY, key ID 6cdf2cc1 error: Failed dependencies: zlib = 1.2.1.2 is needed by clamav-0.81-2 clamav = 70:0.80-2 is needed by (installed) clamav-devel-0.80-2 clamav = 70:0.80-2 is needed by (installed) clamav-milter-0.80-2 how can i update to 81-2 thanks in advance Contact the RPM packager or download from www.clamav.net ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] problems
l Original Message - From: ahellary [EMAIL PROTECTED] To: ClamAV users ML clamav-users@lists.clamav.net Sent: Sunday, January 30, 2005 8:13 AM Subject: [Clamav-users] problems hello all i have been running v .80 with blackhole and spamassin 3 loging to a mysql db with no problem but now i have upgradded to v .81 and im not seeing any entries in my table the way its set up is this blackhole checks rbl's and reverse ip's first then spamassin checks for spam then clam does the final check HELP please Tony ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users looking at top i can see clamav running after the mail gets past the other checks but .. im not seeing any notifcations can some one please send me a virus to test [EMAIL PROTECTED] is fine to send to Thanks ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
RE: [Clamav-users] problems
can some one please send me a virus to test www.testvirus.org ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
[Clamav-users] zlib prblm
when try to install ClamAV 0.81.2 I am getting the error while installing clamav-0.81-2.i386.rpm zlib = 1.2.1.2 is needed by clamav-0.81-2 where i will get this RPM package any Idea thanks ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] W32.Spybot.IVQ?
Sounds like the answer is no? Christoph Cordes wrote: Gary Weinfurther wrote: Does ClamAv protect against W32.Spybot.IVQ, a worm with Denial of Service and Back Door capabilities? This is not easy to answer - this Spybots/Mybots/Gaobots/Wootbots/SdBots come in many different flavours, packed and crypted with one or more runtimepackers. ClamAV is able to detect more than thousand variants - if it detects this one can only be told if we have a sample to test it. ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
[Clamav-users] clamav-milter won't start with my sendmail.cf
Hi, i've upgraded to clamav-0.81 but the clamav-milter complains that: clamav-milter: socket-addr (inet:[EMAIL PROTECTED]) doesn't agree with sendmail.cf and does not start. How can i disable this check?? My sendmail server is running on another hosts and connects to clamav-milter on 132.72.41.68:3310 and the sendmail.cf on 132.72.41.68 is used just as sendmail client to send mails and clamav virus notifies to the sendmail server, thus the above check is wrong for my setup pls help On Sun, 30 Jan 2005, Gary Weinfurther wrote: Sounds like the answer is no? Christoph Cordes wrote: Gary Weinfurther wrote: Does ClamAv protect against W32.Spybot.IVQ, a worm with Denial of Service and Back Door capabilities? This is not easy to answer - this Spybots/Mybots/Gaobots/Wootbots/SdBots come in many different flavours, packed and crypted with one or more runtimepackers. ClamAV is able to detect more than thousand variants - if it detects this one can only be told if we have a sample to test it. ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
[Clamav-users] clamav-milter won't start with my sendmail.cf
Hi, i've upgraded to clamav-0.81 but the clamav-milter complains that: clamav-milter: socket-addr (inet:[EMAIL PROTECTED]) doesn't agree with sendmail.cf and does not start. How can i disable this check?? My sendmail server is running on another hosts and connects to clamav-milter on 132.72.41.68:3310 and the sendmail.cf on 132.72.41.68 is used just as sendmail client to send mails and clamav virus notifies to the sendmail server, thus the above check is wrong for my setup pls help ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] clamav-milter won't start with my sendmail.cf
On Sunday 30 Jan 2005 14:19, Alexander Piavka wrote: Hi, i've upgraded to clamav-0.81 but the clamav-milter complains that: clamav-milter: socket-addr (inet:[EMAIL PROTECTED]) doesn't agree with sendmail.cf and does not start. 3310 is the port used to communicate from clamav-milter-clamd, it would not be wise to use the same port number from sendmail-clamav-milter ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] zlib prblm
- Original Message - From: jijo [EMAIL PROTECTED] To: clamav-users@lists.clamav.net Sent: Sunday, January 30, 2005 7:14 AM Subject: [Clamav-users] zlib prblm when try to install ClamAV 0.81.2 I am getting the error while installing clamav-0.81-2.i386.rpm zlib = 1.2.1.2 is needed by clamav-0.81-2 where i will get this RPM package any Idea thanks I got zlib from: http://download.fedora.redhat.com/pub/fedora/linux/core/development/i386/Fedora/RPMS/zlib-1.2.2.2-1.i386.rpm and the devel package at: http://download.fedora.redhat.com/pub/fedora/linux/core/development/i386/Fedora/RPMS/zlib-devel-1.2.2.2-1.i386.rpm Note that these are in the development channel, they haven't been released to FC yet. But I've found them to be just fine. Thomas ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
[Clamav-users] Test - my previous e-mail bounced
Sorry to send a test post, my previous e-mail to this list bounced... Thomas ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] W32.Spybot.IVQ?
Gary Weinfurther wrote: Sounds like the answer is no? Christoph Cordes wrote: Gary Weinfurther wrote: Does ClamAv protect against W32.Spybot.IVQ, a worm with Denial of Service and Back Door capabilities? This is not easy to answer - this Spybots/Mybots/Gaobots/Wootbots/SdBots come in many different flavours, packed and crypted with one or more runtimepackers. ClamAV is able to detect more than thousand variants - if it detects this one can only be told if we have a sample to test it. The answer is maybe. W32.Spybot.IVQ is no special thing - if you would ask Is ClamAV able to detect Netsky.B | Bagle.F | Parite.B ?, i can give you a definitive answer - but W32.Spybot.IVQ - aka Wootbot.gen - there are too many variants that show a behaviour like the one described by Symantec to give you a better answer. Sorry. And i think if you ask Symantec Is NAV able to detect Wootbot? you wont get a definitive answer too. -- Best regards, Christoph mailto:[EMAIL PROTECTED] ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
[Clamav-users] Redhat init script problem
I just installed clamav-milter on my mail server and it's working fine except I can't get it to stop sending notifications to the recipient and postmaster. I added the following to the /etc/init.d/clamav-milter file and restarted but the notifications continue. CLAMAV_FLAGS=-q When I restart clamav-milter and do a 'ps -ax' I get this. 8736 ?S 0:00 /usr/local/sbin/clamd 18505 ?S 0:00 lt-clamav-milter local:/var/run/clamav/clmilter.sock 19993 pts/1S 0:00 grep clam It looks to me like the clamav-milter script isn't passing the '-q' to the 'lt-clamav-milter' What am I missing? Bill ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] clamav-milter won't start with my sendmail.cf
On Sun, 30 Jan 2005, Nigel Horne wrote: On Sunday 30 Jan 2005 14:19, Alexander Piavka wrote: Hi, i've upgraded to clamav-0.81 but the clamav-milter complains that: clamav-milter: socket-addr (inet:[EMAIL PROTECTED]) doesn't agree with sendmail.cf and does not start. 3310 is the port used to communicate from clamav-milter-clamd, it would not be wise to use the same port number from sendmail-clamav-milter in my setup clamav-milter-clamd communicathe throght LocalSocket, thus i use this port of convinience. Anyway changing the port does not solve the problem. Does someone know a way to skip the sendmail.cf check? Thanks ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] zlib prblm
jijo wrote: when try to install ClamAV 0.81.2 I am getting the error while installing clamav-0.81-2.i386.rpm zlib = 1.2.1.2 is needed by clamav-0.81-2 where i will get this RPM package any Idea thanks Take it from the same repository, from where you get clamav package. pk ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] clamav-milter won't start with my sendmail.cf
On Sun, 30 Jan 2005, Nigel Horne wrote: On Sunday 30 Jan 2005 16:47, Alexander Piavka wrote: Does someone know a way to skip the sendmail.cf check Update to clamav-milter 0.81e The latest cvs version is 0.81d on the site (which i tried with no success ), or there is another repository i can down from? Thanks ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
[Clamav-users] configuring clamav
Hi i've installed Clamav and the scan runs ok but when I freshclam I recieve this message. [EMAIL PROTECTED]:~ freshclam ERROR: Please edit the example config file /etc/freshclam.conf. ERROR: Please edit the example config file /etc/clamd.conf. ERROR: Can't parse the config file /etc/clamd.conf [EMAIL PROTECTED]:~ Ok I have to edit the files, but it says to # Comment or remove the line below. Example ## ## Example config file for freshclam This Line 1 ## Please read the freshclam.conf(5) manual before editing this file. ## This file may be optionally merged with clamd.conf. ## # Comment or remove the line below. Example This line 2 # Path to the database directory. # WARNING: It must match clamd.conf's directive! # Default: hardcoded (depends on installation options) #DatabaseDirectory /var/lib/clamav # Path to the log file (make sure it has proper permissions) # Default: disabled #UpdateLogFile /var/log/freshclam.log but as you see there are two words example which I have classed this line 1 this line 2 above I am using nano to edit the conf files but when I edit the files and Alt J to justify no changes are saved can someone advise on what I am supposed to be commenting out and how to save changes? Thanks ___ ALL-NEW Yahoo! Messenger - all new features - even more fun! http://uk.messenger.yahoo.com ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
RE: [Clamav-users] problems
At 04:02 AM 1/30/2005, you wrote: can some one please send me a virus to test www.testvirus.org ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users ...which redirects to http://www.webmail.us/testvirus . i just tried it, and of the 27 test messages, my clamav 0.81 server let through tests 5, 8, 17, and 25. i have a pretty much 'vanilla' configuration, so i'm not entirely clear why these got through. i'd be interested in other folks test results. Paul Theodoropoulos http://www.anastrophe.com http://www.smileglobal.com ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] problems
On Sunday 30 Jan 2005 18:52, [EMAIL PROTECTED] wrote: www.testvirus.org i just tried it, and of the 27 test messages, my clamav 0.81 server let through tests 5, 8, 17, and 25. i have a pretty much 'vanilla' 5, 8, and 17 are stopped for me. 25 has nothing to stop. Paul Theodoropoulos -- Nigel Horne. Arranger, Composer, Typesetter. NJH Music, Barnsley, UK. ICQ#20252325 [EMAIL PROTECTED] http://www.bandsman.co.uk ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
[Clamav-users] What is -ve process group?
Dear all, I have searched the mail archive, both clamav-devel and clamav-users, with no hope. I installed the new ClamAV 0.81 on my Linux box, and found the PID file of clamav-milter is different now. The PID is minus. ^^; I cannot figure out why, but a line in the ChangeLog saying: On Linux store the -ve process group in the pid file to ensure that all threads are sent signals and a line in clamav-milter.c saying: /* Ensure that all threads are kill()ed */ What is -ve process group means? And how does it revelent to ensuring all threads are sent signals? I'd searched the google whole day with no answer. All I know is that the PID is minus now, and I cannot simply kill `cat [pidfile]`. Why are you making PID negative? Is there another expected, official method to stop clamav-milter than kill `cat [pidfile]`? I can't get this answer on google either. Currently I hack to turn PID from negative to positive. Under bash, I do echo $((0-$([pidfile]))) [pidfile] after clamav-milter is started. I guess this is not the answer, though. -- Best regards, imacat ^_*' [EMAIL PROTECTED] PGP Key: http://www.imacat.idv.tw/me/pgpkey.txt Woman's Voice News: http://www.wov.idv.tw/ Tavern IMACAT's: http://www.imacat.idv.tw/ TLUG List Manager: http://www.linux.org.tw/mailman/listinfo/tlug pgp5EkogcdmsW.pgp Description: PGP signature ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
[Clamav-users] Re: What is -ve process group?
imacat wrote: [snip] I installed the new ClamAV 0.81 on my Linux box, and found the PID file of clamav-milter is different now. The PID is minus. ^^; I cannot figure out why, but a line in the ChangeLog saying: On Linux store the -ve process group in the pid file to ensure that all threads are sent signals and a line in clamav-milter.c saying: /* Ensure that all threads are kill()ed */ What is -ve process group means? And how does it revelent to ensuring all threads are sent signals? I'd searched the google whole day with no answer. All I know is that the PID is minus now, and I cannot simply kill `cat [pidfile]`. Why are you making PID negative? [snip] It's an option (*not* available in all Unixes or Unix like environments) to send the signal to all threads in the process group. See for instance http://seth.positivism.org/man.cgi/kill Hope this helps. -- René Berber ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] Re: What is -ve process group?
On Sun, 30 Jan 2005 16:01:32 -0600 Ren?Berber [EMAIL PROTECTED] wrote: imacat wrote: It's an option (*not* available in all Unixes or Unix like environments) to send the signal to all threads in the process group. Thank you. I somehow got it now. The manpage on my Debian machine does not state this, but it works both for built-in kill of bash and /bin/bash. But does this means that I have to specify the signal explicitly, kill -SIGTERM `cat [pidfile]` instead of the short form, kill `cat [pidfile]` from now on? It would be very inconvienent. Also, I'm using Debian's start-stop-daemon to control it, which verify the PID against the process first to check if it is really the target process first before actually killing it. In fact it uses kvm_getprocs() to find the process. This negative PID won't work for kvm_getprocs(). What is suggested here? Stop using the PID file now? Stop using start-stop-daemon? Modify the source, recompile and make my own copy of start-stop-daemon so that it send a positive PID to kvm_getprocs()? Modify the source, recompile and make my own copy of clamav-milter.c so that it saves a positive PID? Using my current hack to turn the PID positive after it is made? I'm open to the answer. But if you are asking me, I would say that whether to kill the process positive or negative is beyond the scope of the daemon itself. The daemon should leave a correct and useful PID and let the user and the daemon controller decide how to use it. It would be nice if you would like to strongly suggest that to the user and the init script maintainer. But it should not be forced. -- Best regards, imacat ^_*' [EMAIL PROTECTED] PGP Key: http://www.imacat.idv.tw/me/pgpkey.txt Woman's Voice News: http://www.wov.idv.tw/ Tavern IMACAT's: http://www.imacat.idv.tw/ TLUG List Manager: http://www.linux.org.tw/mailman/listinfo/tlug pgp9i89lX9b2G.pgp Description: PGP signature ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] Re: What is -ve process group?
On Mon, Jan 31, 2005 at 10:14:29AM +0800, imacat said: This negative PID won't work for kvm_getprocs(). What is suggested here? Stop using the PID file now? Stop using start-stop-daemon? Modify the source, recompile and make my own copy of start-stop-daemon so that it send a positive PID to kvm_getprocs()? Modify the source, recompile and make my own copy of clamav-milter.c so that it saves a positive PID? Using my current hack to turn the PID positive after it is made? Take a look at the sed line in the clamav-milter init script that comes with the debian package - it first gets the correct pid before doing anything with it (in fact, I later do send kill -SIGNAL -PID) I'm open to the answer. But if you are asking me, I would say that whether to kill the process positive or negative is beyond the scope of the daemon itself. The daemon should leave a correct and useful PID and let the user and the daemon controller decide how to use it. It would be nice if you would like to strongly suggest that to the user and the init script maintainer. But it should not be forced. The debian init script has been sending the kill signal to the whole process group for some time, and now it checks if the pid is negative first. If htere is a problem with the package supplied init script, let me know, and I'll merge patches or otherwise try to work on it. I do agree that writing a negative pdi file seems wrong, however. -- -- | Stephen Gran | When you go out to buy, don't show your | | [EMAIL PROTECTED] | silver. | | http://www.lobefin.net/~steve | | -- pgp8iUwVi2YcL.pgp Description: PGP signature ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] problems
hello alll i was getting no detections with version .81 so i have gone back to v .80 for now none of the config had changed . Tony ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] problems
ahellary said: hello alll i was getting no detections with version .81 so i have gone back to v .80 for now none of the config had changed . Tony Did you completely remove the old version prior to installing the new one? If not then you may have enough bits left laying about to bugger your new installation. It happens often enough it ought to be incorporated into make install and the fact the .80 works is suspect immediately. dp ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
[Clamav-users] reiterated request for conf file overhaul
I brought this up a couple of months ago, and I'm going to state my case again. The clamd.conf file has several built in 'behaviors' and structures that i consider bizarre, and - at least by the measure of the great majority of configuration files that i deal with on a day to day basis - non-standard and thus confusing. Most notably, DisableDefaultScanOptions. No other configuration file I deal with regularly has this peculiar construct. i quote the conf file verbatim: # By default clamd uses scan options recommended by libclamav. This option # disables recommended options and allows you to enable selected ones below. # DO NOT TOUCH IT unless you know what you are doing. # Default: disabled #DisableDefaultScanOptions okay. so. DisableDefaultScanOptions is by default disabled. meaning the default scan options are enabled. that's sufficiently non-intuitive for me! secondly, and more problematic, is the statement selected ones below. There is no demarcation in the file for the end of the scan options that are controlled by DisableDefaultScanOptions. it would reasonably *appear* that the end of the scan options is at #ArchiveBlockMax, after which are Clamuko settings. but again - there's no explicit demarcation that suggests that that's the end of the options covered by DisableDefaultScanOptions. Further: if DisableDefaultScanOptions is by default disabled, meaning default scan options are enabled, then does that mean that the scan options listed under DisableDefaultScanOptions are in the *opposite* state of what they are listed as? example: # ClamAV can scan within archives and compressed files. # Default: enabled #ScanArchive # Due to license issues libclamav does not support RAR 3.0 archives (only the # old 2.0 format is supported). Because some users report stability problems # with unrarlib it's disabled by default and you must uncomment the directive # below to enable RAR 2.0 support. # Default: disabled #ScanRAR if DisableDefaultScanOptions is *enabled*, then does this mean that ScanArchive becomes disabled, regardless of being commented out, and ScanRAR becomes enabled, regardless of being commented out? or does it mean that ScanArchive and ScanRAR are both by default disabled, because both are commented out? suffice to say, it's not intuitive. the conf file needs an overhaul. in addition to option arguments of STRING, SIZE, and NUMBER, there need to be dedicated ON and OFF options for those options that can be in an enabled or disabled state. get rid of DisableDefaultScanOptions. instead, structure the important scanning options like this: # ClamAV can scan within archives and compressed files. # Default: On ScanArchive ON # Due to license issues libclamav does not support RAR 3.0 archives (only the # old 2.0 format is supported). Because some users report stability problems # with unrarlib it's disabled by default and you must uncomment the directive # below to enable RAR 2.0 support. # Default: Off ScanRAR OFF or if you prefer, use YES and NO: # ClamAV can scan within archives and compressed files. # Default: enabled ScanArchive YES # Due to license issues libclamav does not support RAR 3.0 archives (only the # old 2.0 format is supported). Because some users report stability problems # with unrarlib it's disabled by default and you must uncomment the directive # below to enable RAR 2.0 support. # Default: disabled ScanRAR NO rather than having commented/uncommented indicating enabled/disabled. There's just no need for DisableDefaultScanOptions. you can indicate the importance of not changing these important options really simply, without the DisableDefaultScanOptions construct: just add the line DON'T CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING to the comments above those particular options. easy. i know i've belabored the subject. but again, i think this is reasonably important, if only for making default behaviors clearer to the end user. and no, i'm not a newbie, believe it or not - i have a decade of professional experience as a unix sysadmin - that's in fact my impetus here, to get the clamd.conf to conform in structure to the majority of the other config files i use - sshd_config, clockspeed.conf, imapproxy.conf, etc etc etc. i submit this in the spirit of making clamav better. i'm not angry/upset about this, i'd just like to see it improved. Paul Theodoropoulos http://www.anastrophe.com http://www.smileglobal.com ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
