from:"John Vestrum"

Re: [Clamav-users] limiting child processes

2004-03-09 Thread John Vestrum

On Tuesday 09 March 2004 11:43 am, you wrote:
 Is there a way to tell clamd how many children it can spawn? I don't
 want a server to allow more than 10 instances of clamd to run at any
 given time.

I think you need to limit this in your MTA and/or filter package. With 
amavisd-new, I think this is controlled by $max_servers in amavisd.conf 
(someone correct me if I am wrong). 

If you could set a limit in Clam, then Clam would need some mechanism for 
queueing messages, which is extra complexity that is unnecessary since the 
MTA can do this anyways.

JohnV


---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

Re: [Clamav-users] Please help ERROR: Parse error at line 142: Unknown option Archive

2004-03-09 Thread John Vestrum

On Tuesday 09 March 2004 12:31 pm, you wrote:
 Here is the error that I am getting. I don't understand why Archive
 would not be known

 ERROR: Parse error at line 142: Unknown option Archive.
 ERROR: Can't open/parse the config file /usr/local/etc/clamav.conf

Well, according to the clamav.conf man page, there is no Archive option. 
There are options such as:

ScanArchive
ArchiveMaxFileSize
ArchiveMaxRecursion
ArchiveMaxFiles
ArchiveMaxCompressionRatio
ArchiveLimitMemoryUsage
ClamukoScanArchive

JohnV


---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

Re: [Clamav-users] problem starting clamd

2004-03-08 Thread John Vestrum

 I am having trouble starting clamd ...

 connect(): No such file or directory
 ERROR: Can't connect to clamd.

--- SCAN SUMMARY ---
Infected files: 0
Time: 0.007 sec (0 m 0 s)

This looks like an error from clamdscan, not clamd. What's the full command 
line you are using that produces this error?

JohnV


---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

Re: [Clamav-users] clamd and Amavis-new conflict?

2004-03-08 Thread John Vestrum

On Monday 08 March 2004 12:45 pm, you wrote:
 At every mail checked amavisd.log has a message:

 amavisd[950]: (00950-05) No anti-virus code loaded, skipping this section
 #(numbers, obviously, vary),

 even though clamd was started manually, the path to socket name
 (clamd.sock) is identical in amavisd.conf and clamd.conf, both amavisd and
 clamd are ran as amavisd:amavisd, and all the permissions are set correctly
 (I hope...) .


First, make sure clamdscan works:
# $CLAMPREFIX/bin/clamdscan /some/file

If not, make it work before coming back to amavis. Check the 
bypass_virus_checks_acl and virus_lovers lines in /etc/amavisd.conf. If you 
commented out the other virus scanners in amavisd.conf, check the syntax 
carefully to ensure, for example, you didn't accidently comment out the 
closing );. I'm running Postfix, amavisd-new, SA, and Clam on Solaris, and 
had no trouble, maybe it's a Freebsd quirk.

JohnV

 The clamd.log (debugged to the console) looks like:

 LibClamAV debug: Unpacking /tmp/74845765092f738c/COPYING
 LibClamAV debug: Unpacking /tmp/74845765092f738c/viruses.db2
 LibClamAV debug: Loading databases from /tmp/74845765092f738c
 LibClamAV debug: Loading /tmp/74845765092f738c/viruses.db2
 LibClamAV debug: set stacksize to 262144
 LibClamAV debug: Stat()ing files in /usr/local/share/clamav
 LibClamAV debug: Stat()ing files in /usr/local/share/clamav

 and never adds to the last line - i.e., clamd doesn't take anything from
 amavisd.

 I am running Freebsd5.2, clamav-067-1and amavisd-new-20030616-p7.

 Thank you.





 ---
 This SF.Net email is sponsored by: IBM Linux Tutorials
 Free Linux tutorial presented by Daniel Robbins, President and CEO of
 GenToo technologies. Learn everything from fundamentals to system
 administration.http://ads.osdn.com/?ad_id70alloc_id638op,ick
 ___
 Clamav-users mailing list
 [EMAIL PROTECTED]
 https://lists.sourceforge.net/lists/listinfo/clamav-users


---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

Re: [Clamav-users] Re: MyDoom.G detected by clamscan but not by clamd

2004-03-08 Thread John Vestrum

 It seems clamd had not reloaded it's virus db since the last update, it now
 detects the virus fine after I restarted the daemon.

 Stuart.

You might want to check the NotifyClamd option in your freshclam.conf.

JohnV


---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

Re: [Clamav-users] clamd and Amavis-new conflict?

2004-03-08 Thread John Vestrum

 I cant's see children of clamd, though - does this mean, that my messages
 load is too low?

Try showing threads. On Solaris, it's ps -elL. On Linux, it's ps -elm. On 
FreeBSD, hmm, I can't find thread or light weight process in the ps man 
page.

JohnV


---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

Re: [Clamav-users] sendmail devel?

2004-03-05 Thread John Vestrum

If you are on an rpm based system (Mandrake, Fedora, etc), use:
# rpm -qa | grep -i sendmail
and look for a sendmail-devel package. If it's not there, you need to find 
one that matches your version of sendmail. If sendmail came with your linux 
distribution (assuming you are using linux) then look for the sendmail-devel 
rpm in the same place you got the distro from (your install CDs, ftp server, 
etc). BTW, *-devel rpms only contain the extra stuff you need for 
compiling, so don't remove sendmail when you install sendmail-devel.

soapbox On the other hand, remove sendmail and install Postfix instead. 
Forget rpm, compile from source. Amavisd-new is a nice package to tie Postfix 
to ClamAV. /soapbox

John

On Friday 05 March 2004 12:20 pm, you wrote:
 How do I tell if I have sendmail-devel installed.  the clamav milter tells
 me to ensure that it is there. I know I am using sendmail 8.12.5 but how do
 I know if its devel? which sendmail and which sendmail-devel show nothing.


 Eric



 ---
 This SF.Net email is sponsored by: IBM Linux Tutorials
 Free Linux tutorial presented by Daniel Robbins, President and CEO of
 GenToo technologies. Learn everything from fundamentals to system
 administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click
 ___
 Clamav-users mailing list
 [EMAIL PROTECTED]
 https://lists.sourceforge.net/lists/listinfo/clamav-users


---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

Re: [Clamav-users] Freshclam error in log file

2004-03-04 Thread John Vestrum

Take out the square brackets on NotifyClamd [/etc/clamav.conf]. The square 
brackets signify that the filename is an optional argument, so if your 
clamav.conf is in the default location, you could just leave the arguement 
out entirely:

# Send the RELOAD command to clamd.
NotifyClamd

JohnV

On Thursday 04 March 2004 08:52 am, you wrote:
 Hi all,
   New to group, tried to search previous postings for this, read
 everything in the docs group. I've got freshclam updating every two
 hours, and it seems to work fine, with one small exception. After it
 successfully downloads an update, I get a line in the config file that
 says this:

 'Error Can't parse configuration file.'

 This is right after the line 'Database updated (20381 signatures) from
 database.clamav.net (###.###.###.###).' I have checked and rechecked
 the permissions on both clamav.conf and freshclam.conf in the /etc dir
 and they are set g+wr u+wrx and the owner is clamav.clamav. What does
 this error mean? Do I have a syntax in my config file? And if so, which
 one? Here are both my config files, starting with clamav.conf:

 -- Start of
 clamav.conf---

 ##
 ## Example config file for the Clam AV daemon
 ## Please read the clamav.conf(5) manual before editing this file.
 ##


 # Comment or remove the line below.

 # Uncomment this option to enable logging.
 # LogFile must be writable for the user running the daemon.
 # Full path is required.
 #LogFile /tmp/clamd.log

 # By default the log file is locked for writing - the lock protects
 against
 # running clamd multiple times (if want to run another clamd, please
 # copy the configuration file, change the LogFile variable, and run
 # the daemon with --config-file option). That's why you shouldn't
 uncomment
 # this option.
 #LogFileUnlock

 # Maximal size of the log file. Default is 1 Mb.
 # Value of 0 disables the limit.
 # You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
 # and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the
 size
 # in bytes just don't use modifiers.
 #LogFileMaxSize 2M

 # Log time with an each message.
 #LogTime

 # Log also clean files. May be useful in debugging but will drastically
 # increase the log size.
 #LogClean

 # Use system logger (can work together with LogFile).
 #LogSyslog

 # Enable verbose logging.
 #LogVerbose

 # This option allows you to save the process identifier of the listening
 # daemon (main thread).
 PidFile /var/run/clamd.pid

 # Optional path to the global temporary directory.
 # Default is system specific - usually /var/tmp or /tmp.
 TemporaryDirectory /var/lib/clamav/tmp

 # Path to the database directory.
 # Default is the hardcoded directory (mostly /usr/local/share/clamav,
 # but it depends on installation options).
 DatabaseDirectory /var/lib/clamav

 # The daemon works in local or network mode. Currently the local mode is
 # recommended for security reasons.

 # Path to the local socket. The daemon doesn't change the mode of the
 # created file (portability reasons). You may want to create it in a
 directory
 # which is only accessible for a user running daemon.
 LocalSocket /tmp/clamd

 # Remove stale socket after unclean shutdown.
 FixStaleSocket

 # TCP port address.
 #TCPSocket 3310

 # TCP address.
 # By default we bind to INADDR_ANY, probably not wise.
 # Enable the following to provide some degree of protection
 # from the outside world.
 #TCPAddr 127.0.0.1

 # Maximum length the queue of pending connections may grow to.
 # Default is 15.
 #MaxConnectionQueueLength 30

 # When activated, input stream (see STREAM command) will be saved to
 disk before
 # scanning - this allows scanning within archives.
 #StreamSaveToDisk

 # Close the connection if this limit is exceeded.
 #StreamMaxLength 10M

 # Maximal number of a threads running at the same time.
 # Default is 5, and it should be sufficient for a typical workstation.
 # You may need to increase threads number for a server machine.
 #MaxThreads 10

 # Thread (scanner - single task) will be stopped after this time
 (seconds).
 # Default is 180. Value of 0 disables the timeout. SECURITY HINT:
 Increase the
 # timeout instead of disabling it.
 #ThreadTimeout 500

 # Maximal depth the directories are scanned at.
 MaxDirectoryRecursion 15

 # Follow a directory symlinks.
 # SECURITY HINT: You should have enabled directory recursion limit to
 # avoid potential problems.
 FollowDirectorySymlinks

 # Follow regular file symlinks.
 FollowFileSymlinks

 # Do internal checks (eg. check the integrity of the database
 structures)
 # By default clamd checks itself every 3600 seconds (1 hour).
 SelfCheck 600

 # Execute a command when virus is found. In the command string %v and
 %f will
 # be replaced by the virus name and the infected file name respectively.
 #
 # SECURITY WARNING: Make sure the virus event command cannot be
 exploited,
 # eg. by using some

Re: [Clamav-users] Freshclam Error messages

2004-03-04 Thread John Vestrum

Even though you are running as root, freshclam drops privileges to user 
clamav. Therefore, user clamav must be able able to write to Clam's data 
directory, which is at $PREFIX/share/clamav. It should look something like 
this:

# ls -l /opt/clamav/share/clamav
-rw-r--r--   1 clamav   clamav  32727 Mar  4 09:19 daily.cvd
-rw-r--r--   1 clamav   clamav 944351 Feb 29 12:38 main.cvd

See also the --datadir and --user options in freshclam.conf.

The Security warning means you didn't have the Gnu MP library when you 
compiled freshclam; it's optional but highly recommended. Get it from 
http://www.gnu.org/software/gmp/.

JohnV


On Thursday 04 March 2004 09:56 am, you wrote:
 When I try to run freshclam on a Solaris 8 SPARC I get the following
 errors.

 nemo# freshclam
 ClamAV update process started at Thu Mar  4 10:37:56 2004
 SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES
 Reading CVD header (main.cvd): OK
 ERROR: Can't open new file ./fe2c2591272a5315 to write
 open: Permission denied
 ERROR: Can't download main.cvd from 210.22.201.152
 Waiting 10 seconds...
 ClamAV update process started at Thu Mar  4 10:38:07 2004
 SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES
 Reading CVD header (main.cvd): OK
 ERROR: Can't open new file ./d83a9adaea65e446 to write
 open: Permission denied
 ERROR: Can't download main.cvd from 210.22.201.152
 Waiting 10 seconds...
 ClamAV update process started at Thu Mar  4 10:38:18 2004
 SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES
 Reading CVD header (main.cvd): OK
 ERROR: Can't open new file ./068506789e044f1f to write
 open: Permission denied
 ERROR: Can't download main.cvd from 210.22.201.152
 Waiting 10 seconds...

 What did I miss?

 Thanks,

 Steve Plemmons
 [EMAIL PROTECTED]



 ---
 This SF.Net email is sponsored by: IBM Linux Tutorials
 Free Linux tutorial presented by Daniel Robbins, President and CEO of
 GenToo technologies. Learn everything from fundamentals to system
 administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click
 ___
 Clamav-users mailing list
 [EMAIL PROTECTED]
 https://lists.sourceforge.net/lists/listinfo/clamav-users



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

RE: [Clamav-users] email report

2004-03-03 Thread John Vestrum

clamav sends an email to...

Nobody. That's the job of your MTA and filter package. I'm using postfix and 
amavis-new, what are you using?

You can likely just change the line for postmaster in /etc/aliases, and run 
newaliases.

JohnV

-Original Message-
From: Raul Elizondo [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, March 03, 2004 3:14 PM
To: [EMAIL PROTECTED]
Subject: [Clamav-users] email report


Hi,

Quick question.  By default, clamav sends an email to the sender, receiver 
and the postmaster.  How do i change the [EMAIL PROTECTED] to 
another address?

Thanks

-=Raul=-



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

Re: [Clamav-users] limiting child processes

Re: [Clamav-users] Please help ERROR: Parse error at line 142: Unknown option Archive

Re: [Clamav-users] problem starting clamd

Re: [Clamav-users] clamd and Amavis-new conflict?

Re: [Clamav-users] Re: MyDoom.G detected by clamscan but not by clamd

Re: [Clamav-users] clamd and Amavis-new conflict?

Re: [Clamav-users] sendmail devel?

Re: [Clamav-users] Freshclam error in log file

Re: [Clamav-users] Freshclam Error messages

RE: [Clamav-users] email report

10 matches

Site Navigation

Mail list logo

Footer information