[clamav-users] Server Busy 421 - Debian 9
Hello Debian 9, ClamAV and ClamSmtp daemon are running, the port are in listen state... but if try to telnet to this Appair the messeges < 421 Server busy, too many connections > # telnet 127.0.0.1 10026 and 10025 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. 421 Server busy, too many connections Clamd.log dosn't appair with any error message... User i have changed on both config to clamav clamsmtp.conf OutAddress: 10026 MaxConnections: 64 Listen: 127.0.0.1:10025 ClamAddress: /var/run/clamav/clamd.ctl Header: X-AV-Checked: ClamAV using ClamSMTP TempDirectory: /var/spool/clamsmtp PidFile: /var/run/clamsmtp/clamsmtpd.pid User: clamav root@mail:/etc/clamav# cat clamd.conf #Automatically Generated by clamav-daemon postinst #To reconfigure clamd run #dpkg-reconfigure clamav-daemon #Please read /usr/share/doc/clamav-daemon/README.Debian.gz for details LocalSocket /var/run/clamav/clamd.ctl FixStaleSocket true LocalSocketGroup clamav LocalSocketMode 666 # TemporaryDirectory is not set to its default /tmp here to make overriding # the default with environment variables TMPDIR/TMP/TEMP possible User clamav ScanMail true ScanArchive true ArchiveBlockEncrypted false MaxDirectoryRecursion 15 FollowDirectorySymlinks false FollowFileSymlinks false ReadTimeout 180 MaxThreads 12 MaxConnectionQueueLength 15 LogSyslog false LogRotate true LogFacility LOG_LOCAL6 LogClean false LogVerbose false PreludeEnable no PreludeAnalyzerName ClamAV DatabaseDirectory /var/lib/clamav OfficialDatabaseOnly false SelfCheck 3600 Foreground false Debug false ScanPE true MaxEmbeddedPE 10M ScanOLE2 true ScanPDF true ScanHTML true MaxHTMLNormalize 10M MaxHTMLNoTags 2M MaxScriptNormalize 5M MaxZipTypeRcg 1M ScanSWF true ExitOnOOM false LeaveTemporaryFiles false AlgorithmicDetection true ScanELF true IdleTimeout 30 CrossFilesystems true PhishingSignatures true PhishingScanURLs true PhishingAlwaysBlockSSLMismatch false PhishingAlwaysBlockCloak false PartitionIntersection false DetectPUA false ScanPartialMessages false HeuristicScanPrecedence false StructuredDataDetection false CommandReadTimeout 30 SendBufTimeout 200 MaxQueue 100 ExtendedDetectionInfo true OLE2BlockMacros false AllowAllMatchScan true ForceToDisk false DisableCertCheck false DisableCache false MaxScanTime 12 MaxScanSize 100M MaxFileSize 25M MaxRecursion 16 MaxFiles 1 MaxPartitions 50 MaxIconsPE 100 PCREMatchLimit 1 PCRERecMatchLimit 5000 PCREMaxFileSize 25M ScanXMLDOCS true ScanHWP3 true MaxRecHWP3 16 StreamMaxLength 25M LogFile /var/log/clamav/clamav.log LogTime true LogFileUnlock false LogFileMaxSize 0 Bytecode true BytecodeSecurity TrustSigned BytecodeTimeout 6 OnAccessMaxFileSize 5M ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Problem with one virus definition
Html.Exploit.CVE_2017_0011-5752098-0 was added to the ClamAV database by daily 23249 on Mar 29, 2017 and dropped by daily 25820 on May 22. -Al- > On May 26, 2020, at 13:03, Luis Herrada via clamav-users > wrote: > > Hello ClamAV team: > > Starting May 22th , the new update on the virus definition (using freshclam) > is not flagging anymore for files containing the following definition: > > Html.Exploit.CVE_2017_0011-5752098-0 > > Can you please provide an update about this specific virus definition? > Was it removed from the virus definition DB for some reason? > Or you just missed to add it? > > Before May 22th, the clamav scan was flagging on files infected with the > virus indicated above. > We preserved past virus definitions so I am able to reproduce the problem. > > We are currently running clamav 0.101.2-1 > > I will appreciate your feedback. > > Luis smime.p7s Description: S/MIME cryptographic signature ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml