Re: [clamav-users] feedback on Installing ClamAV instructions
On Mon, Nov 28, 2016 at 6:56 PM, Joel Esler (jesler)wrote: > There are a number of package maintainers for ClamAV on Solaris. The > installation method differs for each. > > I tried to figure out what this was saying a couple of times. > I've decided that it's trying to say that there are a couple of > competing packagings of ClamAV for Solaris. (Initially I thought it > was trying to say that there are multiple package management systems > for Solaris.) > > Assuming I'm right, it would be better to say "Multiple groups have > packaged ClamAV for Solaris." > OTOH, if it's trying to talk about competing package management > systems, then, something like "There are a number of package > management systems for Solaris, and thus packages of ClamAV." > > Would you like to download the latest virus pattern definitions during > installation ? (This requires that you have a direct connection to the > Internet. If you are behind a proxy server then skip this step.) > > It feels like this is missing a section heading. (perhaps it should be > inside the block below?) > There's also something odd with the *space* before the `?` > > The block itself /feels/ like output from one of the package > management systems, if so, it probably should identify which one... I think that the long (Solaris) install output is from Andy's packages he produced for Citrus IT. I'm not sure they are available any more, the output shows ClamAV 0.92 and I can't find anything about it on Citrus IT's web site. If this section can't be verified I think it's better to remove it since it doesn't help Solaris users, there's not even a link there. The section about OpenCSW is current though (I'm the maintainer). We're at 0.99.2. ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] CentOS 7 EPEL Packages
On Fri, Jan 15, 2016 at 10:33 PM, Walter H.wrote: > that sounds quite surprising to me; as I did this with the EPEL repository > but with CentOS 6 > and had no problems; Even though it's the same guy packaging ClamAV for both CentOS 6 & 7 he's gone crazy splitting it for 7 and it's not a good experience using it anymore. ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] CentOS 7 EPEL Packages
On Fri, Jan 15, 2016 at 10:54 PM, John Zimmermanwrote: > Yeah. I'm not sure I mind it being split, but there seems to be > inconsistencies, missing config files, wrong username, bad or no systemd > files etc > > Working off of this right now: > http://linux-audit.com/install-clamav-on-centos-7-using-freshclam/ so I > can update a puppet module to make this work appropriately on CentOS 7. Wish I had that link when I fought it a couple of months back. > Not sure if it was appropriate to do, but I put a bug report into RedHat's > bugzilla for EPEL as well: > https://bugzilla.redhat.com/show_bug.cgi?id=1299072 I think it's the right thing to do. If I remember correctly it worked out of the box for CentOS 6 and now it's a mess for 7. ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Interesting report from clamscan after adding new database
On Thu, Oct 15, 2015 at 5:55 PM, Gene Heskettwrote: >> http://sanesecurity.co.uk/foxhole-databases/ > > Unfortunatly, nothing seems to be linked, the only thing I can save is > the web page itself with either iceweasel or chromium. And I did enable > cookies, in chromium, to no avail. That's just a page describing that particular set of signatures. Click the Usage-menu above to get scripts to download any signatures you want. Freshclam can't download these for you. ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] 0.98.5 installation error
On Wed, Nov 19, 2014 at 10:54 AM, nikos ni...@qbit.gr wrote: ERROR: This tool requires libclamav with functionality level 79 or higher (current f-level: 77) Maybe you have multiple libclamav's on your system and it links with the old one? ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Version 0.98.3 fails on Solaris
On Thu, May 8, 2014 at 5:23 PM, Shawn Webb sw...@sourcefire.com wrote: I can install Solaris on this sparc64 machine as early as next week. OpenCSW provides a complete Solaris build farm if you're interested, we used to host automatic builds for ClamAV before Sourcefire aquired it. http://www.opencsw.org/extend-it/signup/to-upstream-maintainers/ ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] Freshclam error when trying to write to log file
On Mon, Jun 3, 2013 at 1:57 PM, Wietse Jorissen wietse.joris...@gmail.com wrote: -rw-r--r--. 1 clam clam 0 jun 2 03:50 clamd.log -rw-r--r--. 1 clamav clamav 59314 mei 12 03:13 clamd.log-20130512 -rw-r--r--. 1 clamav clamav 59926 mei 19 04:41 clamd.log-20130519 -rw-r--r--. 1 clamav clamav 40383 mei 24 16:43 clamd.log-20130526 -rw-r--r--. 1 clamav clamav 3295 mei 29 11:17 clamd.log-20130602 -rw-r--r--. 1 clam clam 0 jun 2 03:50 freshclam.log -rw-r--r--. 1 clamav clamav 6006 mei 12 03:13 freshclam.log-20130512 -rw-r--r--. 1 clamav clamav 5940 mei 19 04:41 freshclam.log-20130519 -rw-r--r--. 1 clamav clamav 3733 mei 26 03:50 freshclam.log-20130526 -rw-r--r--. 1 clamav clamav 6274 jun 2 03:50 freshclam.log-20130602 You have the classic mess of ClamAV from two sources, one using clam as the user and the other clamav. You need to sort out which packages you want to use, remove the others and stick with it. ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] Freshclam updates failing
On Tue, Jun 25, 2013 at 5:19 PM, Denis McMahon denismfmcma...@gmail.com wrote: So the issue is that apparmor is blocking freshclam? After adding: /etc/resolv.conf r, /etc/network/nameservers r, in: /etc/apparmor.d/local/usr.bin.freshclam freshclam updated fine! I asked you a few days ago SELinux or similar?... ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [clamav-users] Freshclam updates failing
On Sat, Jun 22, 2013 at 2:55 PM, TR Shaw ts...@oitc.com wrote: On Jun 22, 2013, at 8:52 AM, Denis McMahon wrote: On 22/06/13 04:10, Dennis Peterson wrote: On 6/21/13 5:45 AM, Denis McMahon wrote: appear to suggest that my dns is fine (these are included in the log). I have another machine on the LAN which updates fine. What do you get if you run freshclam --list-mirrors ? $ sudo freshclam --list-mirrors Can't read mirrors.dat $ Permissions? SELinux or similar? ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [clamav-users] GTUBE message detection
On Wed, Apr 10, 2013 at 9:54 AM, Paul Whelan paul...@blakecomp.co.uk wrote: On 9 Apr 2013 at 11:12, Steve Basford wrote: Hi All, Couple of updates.. I've just check end the Sanesecurity.TestSig.GTUBE signature name had accidentally been renamed to Sanesecurity.TestSig.10616 I have, however, removed the checks for GTUBE, so at least ClamAV and Third-Party sigs are now consistent. Given that a large proportion of the Sanesecurity sigs detect spam, phishing, and other junk mail (and folks use them as such), wouldn't it be useful to include a standard spam test signature by default? It seems to be very controversial if ClamAV should include signatures for other things than classic malware. Why not have some kind of classification of the signatures and let us control what we download via Freshclam? /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [clamav-users] New Version of ClamAV
On Wed, Mar 20, 2013 at 6:42 PM, Robert Lopez rlopez...@gmail.com wrote: Bot net member identification and blocking. Block email from spoofed in-our-domain-sender sent from outside our domain when it is equal to one of list of recipients. Why do you want this in ClamAV when other tools like RBLs and SpamAssassin already can do the above? /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [clamav-users] False Positive - Osx.Exploit.Iosjailbreak
On Sat, Feb 16, 2013 at 1:29 AM, Tilman Schmidt t.schm...@phoenixsoftware.de wrote: Am 14.02.2013 14:17, schrieb Daniel McDonald: But for the majority of us, It's not just potentially unwanted, it is simply unwanted. If I had wanted an open phone, I would have bought an Android. That does of course heavily depend on your definition of us. I take it that it doesn't include me or anyone in my virtual vicinity. :-) IOW, please don't claim you represent the majority without substantiation. Since jailbreakers are way below 50%, probably less than 5%, I think he's clearly right claiming to belong to a majority. ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [clamav-users] Solaris 10 UFS Support?
On Wed, Jan 23, 2013 at 11:59 AM, Joseph, Matthew (EXP) matthew.jos...@lmco.com wrote: Hello, Does anyone know if ClamAV supports the UFS File system? As far as I know it doesn't operate on that level so if it runs on a certain OS it supports any file system that OS supports, if you can mount it ClamAV can scan it. And it does run on Solaris. /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [clamav-users] DLP scan configuration using clamscan
On Sun, Sep 23, 2012 at 5:55 PM, Fredrich Maney fredrichma...@gmail.com wrote: Is there a better way to do this that I'm overlooking? Using clamDscan? ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [clamav-users] [Clamav-announce] Announcing ClamAV 0.97.6
On Mon, Sep 17, 2012 at 9:28 PM, Joel Esler jes...@sourcefire.com wrote: Dear ClamAV users, ClamAV 0.97.6 includes minor bug fixes and detection improvements. Wasn't bug 5252 important enough to warrant a minor release? Lots of us had to run patched versions and looking at the change log you fixed a bunch of stuff including 5252 in a couple of weeks after 0.97.5 and then nothing happened for two months when you fixed another bug and made a release. How you just went quiet in the bug notes while so many had big problems makes me wonder how this project is managed nowadays. /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [clamav-users] Compiling and installing from an NFS mount
On Wed, Mar 14, 2012 at 6:14 PM, Forrest Aldrich for...@gmail.com wrote: There you go making life difficult for yourself again. Why not set up your own ClamAV database mirror? I'm not sure how to do this; however, we have only about 4 or 5 machines that poll for virus updates. And the mirror would be private (not publicly accessible). Just run freshclam on a machine having a web server on it. Then point freshclam on your scanning machines to that machine. ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [clamav-users] Untit Testing
On Mon, Feb 6, 2012 at 8:39 PM, Reynolds, David C. david.c.reyno...@saic.com wrote: I've recently installed .97.3 on an SGI Origin 3000 running TRIX v6.5.28 using gcc 3.2.1. (I did need to make some source file modifications). I was able to run clamscan against a directory seemingly without error. However, I would like to run some tests which would indicate catching an infected file without actually putting an infected file on our system. This is a totally Trusted Irix environment. I've had problems trying to build the check package as recommended in the ClamAV documentation in this IRIXS environment. Any suggestions as to how run some unit tests that would indicate that an infected file would actually be found? Use eicar, the test virus: http://eicar.org/86-0-Intended-use.html /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [clamav-users] Lightweight version of clamav
On Mon, Nov 21, 2011 at 11:28 PM, Shobana Narayanaswamy snar...@opnet.com wrote: Hi: I want to run ClamAV on a FreeBSD based appliance. However, it appears to have a performance impact that is significant (cpu/mem). Is there a lightweight version? Or can I possibly limit the virus definitions to only FreeBSD related and exclude the windows definitions - so it does not have to read the entire definitions file for each check? I assume you're running clamscan, it has a horrible startup time. Try running clamd, it will load the virus db once, then you use clamdscan instead of clamscan as a client. Much faster. /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [clamav-users] Obfuscated IP address.
On Mon, Sep 19, 2011 at 6:46 PM, Bernd Petrovitsch be...@petrovitsch.priv.at wrote: That's the whole problem as both are legal and correct (as in RFC-compliant) form. And you want to flag it as spam? Regardless of form I would call it spam since I've never seen legit numeric links. I've had my own SA rule for the common form for a long time now and it has served me well, I will probably expand that to include this form. /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [clamav-users] announcing ClamAV 0.97.1
On Thu, Jun 9, 2011 at 5:12 PM, Christopher X. Candreva ch...@westnet.com wrote: On Thu, 9 Jun 2011, Luca Gibelli wrote: Dear ClamAV users, This is a bugfix release recommended for all users. Please refer to the ChangeLog file for details. Download : http://downloads.sourceforge.net/clamav/clamav-0.97.1.tar.gz FYI to any Solaris users, my compile failed on Solaris 10 x86, gcc 4.6.0 It compiled fine with Sun Studio on 5.9/10 sparc/i386. Packages available here: http://buildfarm.opencsw.org/experimental.html#bonivart I've opened ticket 2921 https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2921 I can't access that. /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [clamav-users] clamd abending
On Mon, Apr 4, 2011 at 6:26 AM, David Alix david.a...@isc.ucsb.edu wrote: I'm running clamav 0.97/12943 on Solaris 9. Twice today, clamd has abended. I can find no error message in the log files indicating the problem. Is anyone else seeing this, or have any suggestions on how to troubleshoot this? You could give this package a try: http://www.opencsw.org/packages/CSWclamav/ Here's how to install if you're not already an OpenCSW user: http://www.opencsw.org/get-it/pkgutil/ /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [clamav-users] Database reload improvement
On Fri, Mar 11, 2011 at 2:03 PM, aCaB aca...@digitalfuture.it wrote: On 03/10/11 20:58, Peter Bonivart wrote: You could give our ClamAV package a try: http://www.opencsw.org/packages/CSWclamav/ Guys, Anybody tried? I'd be very interested in hearing the results. I have obviously tried my own packages ;) and if timestamps from clamd.log are to be trusted it's 3 seconds every time: Thu Mar 10 11:16:42 2011 - Reading databases from /var/opt/csw/clamav/db Thu Mar 10 11:16:45 2011 - Database correctly reloaded (915866 signatures) Thu Mar 10 15:21:45 2011 - Reading databases from /var/opt/csw/clamav/db Thu Mar 10 15:21:48 2011 - Database correctly reloaded (915861 signatures) Thu Mar 10 17:45:25 2011 - Reading databases from /var/opt/csw/clamav/db Thu Mar 10 17:45:28 2011 - Database correctly reloaded (915985 signatures) Thu Mar 10 21:46:11 2011 - Reading databases from /var/opt/csw/clamav/db Thu Mar 10 21:46:14 2011 - Database correctly reloaded (916108 signatures) Fri Mar 11 03:24:49 2011 - Reading databases from /var/opt/csw/clamav/db Fri Mar 11 03:24:52 2011 - Database correctly reloaded (916124 signatures) I also looked at a couple of servers where the hardware is 3-4 years old and they took 5-7 seconds to reload. But they have a high load from all mail related services they do, probably they could shave off a second or two if tested separately. /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [clamav-users] Database reload improvement
On Fri, Mar 11, 2011 at 2:07 PM, Martin Preen pr...@informatik.uni-freiburg.de wrote: Sorry, but currently I can't use these package on that system (because of the library/package/path dependencies). Not sure what you mean here? Everything from OpenCSW installs separately from the rest of Solaris and doesn't affect it all, you could very well install our ClamAV package and test it on the same system where you have your own. You just install pkgutil as a package manager and it will then pull in ClamAV and all dependencies with one command (pkgutil -i clamav). Think apt-get/yum. /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [clamav-users] Database reload improvement
On Thu, Mar 10, 2011 at 8:52 PM, Martin Preen pr...@informatik.uni-freiburg.de wrote: Platform information uname: solaris2.10 OS: solaris2.10, ARCH: sparc, CPU: sparc Full OS version: Solaris 10 1/06 s10s_u1wos_19a SPARC zlib version: 1.1.4 (1.1.4) platform id: 0x0e663c3c14000580 Build information - Sun studio: (0.5.128) CPPFLAGS: -I/opt/bzip2/include CFLAGS: -g CXXFLAGS: LDFLAGS: Configure: '--prefix=/opt/clamav' '--sysconfdir=/etc' '--datadir=/var/clamav' '--enable-bigstack' '--disable-rpath' '--with-dbdir=/var/clamav' '--with-user=nobody' '--with-group=nogroup' '--with-libncurses-prefix=/opt/sfw' '--with-libbz2-prefix=/opt/bzip2' --enable-ltdl-convenience sizeof(void*) = 4 Engine flevel: 60, dconf: 60 You could give our ClamAV package a try: http://www.opencsw.org/packages/CSWclamav/ /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [clamav-users] daily database broken again
On Sat, Mar 5, 2011 at 11:11 PM, Dennis Peterson denni...@inetnw.com wrote: Though there is no free VM tool for Mac - Fusion is dirt cheap. VirtualBox is free and runs on Mac, it can even host Mac vm's. /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [clamav-users] 0.96.5 compilation problem on Solaris 10
On Wed, Dec 8, 2010 at 6:08 PM, Armitage, Jon jon.armit...@bskyb.com wrote: Edwin, I hope this makes sense to you, I'm a sysadmin, not a programmer, so I'm not sure what the differences mean. If you want to avoid the hassle you can use pre-built binary packages from OpenCSW. We have ClamAV in our repository including it's dependencies. Note that we for the moment only have 0.96.4 since 0.96.5 is in testing, soon to be released. Basically you just do pkgutil -i clamav to install it. More info here: OpenCSW: http://www.opencsw.org/ Install pkgutil: http://www.opencsw.org/get-it/pkgutil/ ClamAV package page: http://www.opencsw.org/packages/CSWclamav/ 0.96.5 test package: http://buildfarm.opencsw.org/experimental.html#bonivart /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Upcoming release of ClamAV (0.96.5)
On Mon, Nov 22, 2010 at 3:12 PM, Tomasz Kojm tk...@clamav.net wrote: You can help by testing (or just running ./configure make check) the latest code available in our Git repository - the latest snapshot tarball can be grabbed here: http://git.clamav.net/gitweb?p=clamav-devel.git;a=snapshot;h=refs/heads/master;sf=tgz I got this on Solaris 10 i386 using the latest development tarball http://www.clamav.net/snapshot/clamav-devel-latest.tar.gz (which I assume is pretty much the same as the link above?). configure: Summary of detected features follows OS : solaris2.10 pthreads: yes (-lpthread) configure: Summary of miscellaneous features check : no (auto) clamuko : yes fdpassing : 1 IPv6: yes configure: Summary of optional tools clamdtop: -L/opt/csw/lib -lncurses -R/opt/csw/lib milter : yes configure: Summary of engine performance features) release mode: yes jit : no (auto) mempool : yes configure: Summary of engine detection features autoit_ea06 : yes bzip2 : ok zlib: /usr unrar : yes [configure-modulated] complete for clamav. ... SKIP: check_clamav PASS: check_freshclam.sh PASS: check_sigtool.sh SKIP: check_unit_vg.sh PASS: check1_clamscan.sh PASS: check2_clamd.sh PASS: check3_clamd.sh PASS: check4_clamd.sh SKIP: check5_clamd_vg.sh SKIP: check6_clamd_vg.sh SKIP: check7_clamd_hg.sh SKIP: check8_clamd_hg.sh SKIP: check9_clamscan_vg.sh == All 6 tests passed (7 tests were not run) == r...@sol10[trunk]# freshclam -V ClamAV devel-csw-0.96.5/12307/Tue Nov 23 12:13:30 2010 r...@sol10[trunk]# clamdscan /root/eicar/* /root/eicar/eicar.com: Eicar-Test-Signature FOUND /root/eicar/eicar.com.txt: Eicar-Test-Signature FOUND /root/eicar/eicar_com.zip: Eicar-Test-Signature FOUND /root/eicar/eicarcom2.zip: Eicar-Test-Signature FOUND --- SCAN SUMMARY --- Infected files: 4 Time: 0.038 sec (0 m 0 s) /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] safe_clamd
On Thu, Oct 14, 2010 at 1:05 PM, Luca Gibelli l...@clamav.net wrote: Hello, starting from the 0.96.2 release, our source tarball includes a script to automatically restart clamd in case the daemon crashes. In Solaris, we use SMF (Service Management Facility). It keeps state of services regardless of patching, reboots or processes dying, if you want a service enabled/disabled it will try to keep it that way. Every service also gets its own log file. Only reason for me to use your script would be with Solaris 9 or older which didn't have SMF. /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Some questions about clamav update
On Tue, Jul 6, 2010 at 9:32 PM, JD jd1...@gmail.com wrote: All in all, these packages are just not ready for the non-techie user!! So complain to the packager then. -- /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] (no subject)
On Wed, Apr 21, 2010 at 10:39 PM, Christopher X. Candreva ch...@westnet.com wrote: IMHO, open source projects don't have a business side. Opensource projects exist for the developers to get the software they need, faster, through colaboration with others. If anyone else finds it usefull that's an added bonus. But if no one other than the devs use it themselves, the project has fullfilled it's purpose. Adding business value is the job of the distros, or Apple if they include it, or myself as an ISP. That's why I said before I think the real let-down here are the distros that didn't do anything about it. Extreme ? Maybe, but that's why I use open-source, for getting best of breed, newest, breaking with history when needed. Well put. Luckily I read your post just before having to mute yet another endless thread on this list. -- /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] You have been unsubscribed from the clamav-users mailing list
On Mon, Apr 19, 2010 at 10:13 AM, Giampaolo Tomassoni giampa...@tomassoni.biz wrote: Forcefully unsubscribing people is not a fair way to silence them. Not even explaining why is even worse. ...on the other hand the description of this mailing list is obtaining support for UNIX platforms. In my mind you have no interest in receiving or delivering support. Please let the complaining end now. Let's get back to the support this list used to be about. The last couple of days the volume has been 10 times the normal amount and of no interest to me. -- /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] You have been unsubscribed from the clamav-users mailing list
On Mon, Apr 19, 2010 at 10:49 AM, Jeroen Ticheler jeroen.tiche...@geocat.net wrote: Hi Peter, Although I don't agree with aggressive emails, I do myself have serious problems that started on exactly the 15th. Since then my mail server has become completely unreliable and an upgrade to 0.95.3 has not resolved my problems yet. I notice I am not the only person that has a problem with the EOL and I can understand a strong traffic increase because of this. Maybe more care had to be taken with regards to this EOL change... I sincerely hope you receive the support you need, that's what the list is for. -- /peter ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Re: Centralized Linux Antivirus server for Windows XP Clients
Raja Muhammad Hammad wrote: does ClamAV support the given scenario? You don't need any extra software to do that. Just install Clam on all machines. On the master server you update from official internet mirrors. On the slave servers you update from the master server running Apache and the workstations update from the slave servers, also running Apache of course. -- /Peter Bonivart --Unix lovers do it in the Sun ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Exploit.W32.MS05-002 False Positives
jef moskot wrote: On Wed, 9 Feb 2005, Maxim Britov wrote: P900\Beyonce Knowles - Crazy In Love (2).wav: Exploit.W32.MS05-002 FOUND I don't know, but size is ~50-100KB. If they're tiny files, are you sure they're actually wavs? My guess is they are ring signals for the Sony Ericsson P900 mobile phone. -- /Peter Bonivart --Unix lovers do it in the Sun ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] Requesting Recommendations (clamav, amavis, spamassassin, sendmail, procmail, etc)
Robin Lynn Frank wrote: Peter Bonivart wrote: Grow up. I gave pertinent, and truthful, advice to the question, that is all. To quote your earlier post: There's plenty of happy Postfix users running MailScanner, the Postfix author doesn't like the way MailScanner interacts with its queues and Postfix users who do not use MailScanner are quick to judge. Anyway, if you don't have a very good reason for using Postfix, stay with Sendmail since it's faster than Postfix with MailScanner. It has to do with Postfix using only one queue file per message and MailScanner having to rewrite the whole file. 1. The author of postfix has described in detail, how the manner in which mailscanner manipulates the queue can result in loss of mail. Yes there are postfix users who like mailscanner and will continue to like it...until the first time they lose meail. 2. Reason to use postfix over sendmail? Compare vulnerability histories. Pertinent information? Maybe, but biased and completely overlooking security and technical issues. At least keep your quotes straight. Matt wrote the part about pertinent information, not me! For the rest of it, post on the MailScanner list if you want to discuss it with Postfix users, I didn't even recommend using Postfix here so we should agree on that even if your feelings were hurt. You gave a short warning that is proven wrong by many happy users, if you call that all the fancy things above it's your choice. You have a very short fuse Matt. Matt is very laid back compared to me. Yes, you're even more of a jackass. Write me offlist if you have a problem since this is off topic on this list. -- Robin Lynn Frank - Director of Operations - Paradigm-Omega, LLC Website: http://www.paradigm-omega.com/ RSS: http://paradigm-omega.blogspot.com/atom.xml Spamtraps: http://paradigm-omega.net/cgi-bin/custmail.cgi = In a perfect world there would be no random taglines. ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users -- /Peter Bonivart --Unix lovers do it in the Sun ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] Requesting Recommendations (clamav, amavis, spamassassin, sendmail, procmail, etc)
Matt wrote: I never said there weren't. Working, however, and working reliably in a consistent and permanent fashion, are completely seperate things. I have no dislike of MailScanner, but to recommend it to someone to use with a certain MTA when it is known to run the risk of losing|corrupting email with that MTA, however remote the chance, is stupidity and borderline negligent. I didn't recommend Postfix, I recommended Sendmail so I won't bother to answer your other remarks. Anyhow, back to my original point to the Lady who asked, MailScanner is perfectly happy with any other MTA. Amavis should work with any MTA. You also have Xamime, which will work with all except Qmail, as far as I know. Thanks for telling me even though I didn't ask. Anyhow, since you were the first one to do the handbag swinging, who has a certain software combination fetish and is the one being jugdemental? Handbag swinging? I didn't even reply to your post, but to hers so who's trying to pick a fight here? Out of the software she herself mentioned I think Sendmail and MailScanner makes the better pair but that doesn't mean I have a fetish for that combo. About being judgemental, that Postfix is the slowest MTA when used with MailScanner is well tested, much more so than the reliability problems. I also tried to explain why that is so, just so that I wouldn't come across judgemental and anti-Postfix which I'm not. And as for being a Postfix user, I am also an Exim and a Sendmail user. Ok, but I still didn't reply to your post so I'm not sure what that information is for. Grow up. I gave pertinent, and truthful, advice to the question, that is all. You gave a short warning that is proven wrong by many happy users, if you call that all the fancy things above it's your choice. You have a very short fuse Matt. -- /Peter Bonivart --Unix lovers do it in the Sun ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] Requesting Recommendations (clamav, amavis, spamassassin, sendmail, procmail, etc)
Diane Rolland wrote: Ken Matt; Thanks for the tips; this was exactly what I was looking for!!! MailScanner looks Extremely promising! (And it was a breeze to install). I think I'll still be ablt to use ProcMail for the business mail rules. Make sure to subscribe to the MailScanner list also, you can find it on the web site, it's a very friendly list where people ask questions about pretty much everything concerning a mail server. There's plenty of happy Postfix users running MailScanner, the Postfix author doesn't like the way MailScanner interacts with its queues and Postfix users who do not use MailScanner are quick to judge. Anyway, if you don't have a very good reason for using Postfix, stay with Sendmail since it's faster than Postfix with MailScanner. It has to do with Postfix using only one queue file per message and MailScanner having to rewrite the whole file. The ruleset feature in MailScanner is very powerful and might save you from using procmail. Almost every user of MailScanner also uses Clam so you will find your setup well supported. -- /Peter Bonivart --Unix lovers do it in the Sun ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] DNS behind a firewall
Sakshale eQuorian wrote: Correct - That was before I updated. I was simply showing that the proxy updates were working at that time. However, not that I've updated I get the error listed above; ERROR: Can't query current.cvd.clamav.net OK, what do you get when you issue freshclam -v? This is mine, note that I use a proxy too. # freshclam -v Current working dir is /usr/local/share/clamav Max retries == 3 ClamAV update process started at Thu Nov 11 14:09:46 2004 TTL: 900 main.cvd version from DNS: 27 Software version from DNS: 0.80 Connecting via proxy.xxx.xx main.cvd is up to date (version: 27, sigs: 23982, f-level: 2, builder: tomek) TTL: 900 daily.cvd version from DNS: 585 Connecting via proxy.xxx.xx daily.cvd is up to date (version: 585, sigs: 2485, f-level: 3, builder: trog) Freeing option list...done -- /Peter Bonivart --Unix lovers do it in the Sun ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] DNS behind a firewall
Sakshale eQuorian wrote: I was running 7.0 without any problems. I updated to 8.0, but it appears that the new DNS functions; DatabaseMirror database.clamav.net DNSDatabaseInfo current.cvd.clamav.net don't work with the proxy routines. -- freshclam daemon 0.80 (OS: solaris2.9, ARCH: sparc, CPU: sparc) ClamAV update process started at Wed Nov 10 13:50:18 2004 ERROR: Can't query current.cvd.clamav.net main.cvd is up to date (version: 27, sigs: 23982, f-level: 2, builder: tomek) ERROR: Can't query current.cvd.clamav.net daily.cvd is up to date (version: 584, sigs: 2477, f-level: 3, builder: trog) -- I have the following fields defined in the freshclam configuration file: # Proxy settings HTTPProxyServer proxy.example.com HTTPProxyPort 8080 HTTPProxyUsername username HTTPProxyPassword password -- These worked for getting updates with 7.0; -- Received signal 14, wake up ClamAV update process started at Tue Nov 9 20:36:18 2004 SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES main.cvd is up to date (version: 27, sigs: 23982, f-level: 2, builder: tomek) daily.cvd updated (version: 582, sigs: 2467, f-level: 3, builder: ccordes) WARNING: Your ClamAV installation is OUTDATED - please update immediately ! WARNING: Current functionality level = 2, required = 3 Database updated (26449 signatures) from database.clamav.net. Clamd successfully notified about the update. -- ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Looks like you're running an older version than you think you are, otherwise you shouldn't get: WARNING: Your ClamAV installation is OUTDATED - please update immediately ! Check for multiple installations at different locations. Did 0.80 install in a different place than 0.70? By the way, it's version 0.70 and 0.80, not 7.0 and 8.0. -- /Peter Bonivart --Unix lovers do it in the Sun ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] Notification E-mail
Jonathan Pitcher wrote: Is it possible to send a message onto the user that they had an e-mail blocked? Or to an admin stating that [EMAIL PROTECTED] had a virus sent to them? http://www.mailscanner.info -- /Peter Bonivart --Unix lovers do it in the Sun --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Scan time limits?
Sean Hafeez wrote: I have a 384k line and someone is trying to send me a 100mb pdf. Can I set the time line higher or set it to just let the file thru? Mail wasn't meant for file transfer and certainly not for those sizes. Have them put the file on a web server so you can download it from there. -- /Peter Bonivart --Unix lovers do it in the Sun --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 13. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] freshclam wont work
david thompson wrote: If you type echo $PATH you will see that the search path is not the same for you as an ordinary user and you as super user. I typed echo $path and got a blank. That's why I wrote PATH, with caps, not path. # echo $path # echo $PATH /sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin -- /Peter Bonivart --Unix lovers do it in the Sun --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] freshclam wont work
david thompson wrote: I typed the correct echo... and got linux:/home/david # echo $PATH /usr/sbin:/bin:/usr/bin:/sbin:/usr/X11R6/bin Do I need to change or move the freshclam to /usr/bin or can I add to the above 'echo $PATH'? If I can add to the $PATH how is this done? If you compare that with my search path you see that you lack /usr/local/bin and that's why you can't start freshclam by just typing freshclam alone. Type the complete path and the problem is solved. You should run freshclam from cron anyway. Type man crontab to learn more about that. This really has nothing to do with Clam since it seems to work for you. You need to bump up your Unix skills a couple of notches. There's plenty of online material that help with this kind of stuff. -- /Peter Bonivart --Unix lovers do it in the Sun --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Some help for a newbie regarding configuration files
Dana Millaway wrote: Many thanks to those who responded my question on and off-list. I seem to have gotten the right file edited although I cannot be positive until I see some of my normal mail from TechRepublic that was getting snagged. I stand corrected as to our anti-spam package. We are running MailScanner that only pulls in SpamAssassin if the sender is on 2 or more RBL's, if I have interpreted the MailScanner.conf file correctly. The section that had the HTML Forms was in the Anti-virus setting portion but that appears to be the only place I needed to tweak. There were a lot of new options added to this version of ClamAV compared to the version we were running. Have you asked on the MS list? You seem a little confused about how MS and Clam works together. Ask on that list instead, almost every MS user also uses Clam so you will get better help for your setup I think. -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.32.5, SpamAssassin 2.64 + DCC 1.2.50, ClamAV 0.75.1 + GMP 4.1.2, Vispan 1.4 --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] freshclam wont work
david thompson wrote: I have just installed clamav-0.75 on SuSE 9. I have tested it by scanning the clamav-0.75 dir, and it found the test viruses-everything seemed ok. This was until I I su'd and typed freshclam. Bash reports that the command freshclam cannot be found. Freshclam is found when run as ordinary user, but of cause you cant update like this. If you type echo $PATH you will see that the search path is not the same for you as an ordinary user and you as super user. Find the freshclam binary by using locate freshclam or this: # rpm -qa | grep clam clamav-0.75.1-1mdk # rpm -ql clamav-0.75.1-1mdk | grep freshclam /usr/bin/freshclam Note that you might have several different Clam packages and they may be named differently on your system, mine is Mandrake. -- /Peter Bonivart --Unix lovers do it in the Sun --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Idea for more timely virusdb updates
Jeremy Kitchen wrote: or scrap the whole idea all together :) Maybe the best thing written on the subject today! ;-) j/k But really, what's the problem? Shouldn't big time folks complain to the commercial companies to whom they pay for service and still they got updates later than Clam? Instead hundreds of mails are written here with one solution more far out than the other. Please, I *think* you might have caught the attention of the developers by now so please let them think about this for a moment. They still beat everyone else so I just want to say thank you. Everything works great! In combination with MailScanner which checks inside zip files and blocks executables I stopped all the viruses even before Clam was updated. From what I have seen from reading this list for some time many of you seem to rely to heavily on too few layers of protections. Maybe that's why you must have the updates immediately with no regard to server load or maybe I missed the solution that took care of that one too in the flood of mail. Premium servers for a fee is the best solution I have seen so far. No offence meant to anyone in particular. -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.32.5, SpamAssassin 2.63 + DCC 1.2.50, ClamAV 0.75.1 + GMP 4.1.2, Vispan 1.4 --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Another upgrade question.
Ken Goods wrote: I'm running Sendmail, Mailscanner, Spamassasin, and Clamav (0.70rc-1). I would like to upgrade Clamav. Tried yum but it continues to tell me there are no updates available. So on to plan two. I'm going to install from the RPMs but wasn't exactly sure of the process. This is my plan. 1. Stop Mailscanner (which will effectively stop Sendmail and Clamav, correct?) 2. Save my current clamav.conf to /tmp 3. rpm -e clamav 4. rpm -Uvh new clamav-db rpm package 5. rpm -Uvh new clamav package 6. copy clamav.conf back to /etc 6. restart Mailscanner You could stop just MS and let Sendmail run so your server still receives mail if you want to. If the packages are two different builds you're correct about removing the old one completely. Remember to compare the two clamav.conf files so you don't miss any options in the new one by overwriting it with your old one. By the way, clamav.conf is only used by clamd which you're not using with MS. Concentrate on freshclam.conf instead. Should be a simple five minute upgrade. Post on the MS list if you need more help. -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.32.5, SpamAssassin 2.63 + DCC 1.2.50, ClamAV 0.75.1 + GMP 4.1.2, Vispan 1.4 --- This SF.Net email is sponsored by OSTG. Have you noticed the changes on Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now, one more big change to announce. We are now OSTG- Open Source Technology Group. Come see the changes on the new OSTG site. www.ostg.com ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] clamav problems
charles x.morrissey wrote: thanks for the reply, isn't this the current release? freshclam daemon 0.74 (OS: darwin7.4.0, ARCH: ppc, CPU: powerpc) clam daemon 0.74 (OS: darwin7.4.0, ARCH: ppc, CPU: powerpc) friday... i don't see a newer version available. can someone help? It's the current *stable* release, I think he meant that you should try the current snapshot. Go here and download the latest one: http://www.clamav.net/snapshot/ -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.31.6, SpamAssassin 2.63 + DCC 1.2.50, ClamAV 0.73 + GMP 4.1.2, Vispan 1.4 --- This SF.Net email sponsored by Black Hat Briefings Training. Attend Black Hat Briefings Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Lib GNU MP on Solaris
Thomas Jackson wrote: According to the FAQ and the configure script I need to install GNU MP on my Solaris 8 system so that clam will support digital signatures. I've installed GMP 2.0.2, 3.1, and 4.1.3 on test systems and none will satisfy the configure script. What am I missing? Did you set ABI to 32 so you didn't compile in 64 bit mode, if so Clam can't find it. It's mentioned in the docs. -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.29.7, SpamAssassin 2.63 + DCC 1.2.45, ClamAV 0.70 + GMP 4.1.2, Vispan 1.4 --- This SF.Net email sponsored by Black Hat Briefings Training. Attend Black Hat Briefings Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Any idea??? Clamav MailScanner are not rejecting viruses!
Alfredo Rivera wrote: - Clamav seems to be working, if I download an infected file to any directory on my server and scan with clamscan, it is detected Then it's not a Clam problem since MS uses Clam in the simplest possible way. - Mailscanner spamassassin seem to be working since the number of spam messages now is very small. When I type top I can see from time to time MailScanner running. You should have several (at least two depending on configuration) MailScanner processes running at all times. Check with ps -ef | grep MailScanner. Two questions, what would be the name of the clamav service that I should see when typing top? How do I start it? Clamscan is invoked just in time for scanning of attachments, if you're server is not busy chances are you will never see clamscan listed with top. MS doesn't use any virus scanner in daemon mode so you don't have to start anything. Check your mail log to see what's going on when you send those test messages. Thank you very much for any help that you guys can give me. I'm going crazy trying to properly configure this!! It's easier if you post on the MS list. ;-) -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.29.7, SpamAssassin 2.63 + DCC 1.2.45, ClamAV 0.70 + GMP 4.1.2, Vispan 1.4 --- This SF.Net email is sponsored by the new InstallShield X. From Windows to Linux, servers to mobile, InstallShield X is the one installation-authoring solution that does it all. Learn more and evaluate today! http://www.installshield.com/Dev2Dev/0504 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Any idea??? Clamav MailScanner are notrejecting viruses!
Nigel Horne wrote: On Friday 11 Jun 2004 23:28, Marcelo Mujica wrote: Hi: How to verify clam is ok in sendmail. I installed from rpm ( binary packages and ports) and I got same result ??. Is necessary to add additionals lines to sendmail.cf?? Download the source from www.clamav.net and follow the instructions in .../clamav-milter/INSTALL But if he's using MailScanner he should join that list if clamscan works from the command line. www.mailscanner.info -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.29.7, SpamAssassin 2.63 + DCC 1.2.45, ClamAV 0.70 + GMP 4.1.2, Vispan 1.4 --- This SF.Net email is sponsored by the new InstallShield X. From Windows to Linux, servers to mobile, InstallShield X is the one installation-authoring solution that does it all. Learn more and evaluate today! http://www.installshield.com/Dev2Dev/0504 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Clamav 0.72 on Solaris 9: Bus Error on zip files?
Alex S Moore wrote: On Fri, 11 Jun 2004 16:22:34 +0200 [EMAIL PROTECTED] (Christer Mort Boräng) wrote: I've installed clamav 0.72 on our new shiny SunFire 880 running Solaris 9, but for some reason it gives a Bus Error when trying to read zip files. clamav is compiled using /opt/SUNWspro/bin/cc as a compiler, libz is the standard that Sun provides (1.1.4). I do not know why you have this error. What I do know is that my shiny new V210 (much smaller budget:) with Solaris 9 4/04 and the recommended patches from last month works fine. At least, it seems to. I sent myself the test virus with the eicar virus for both password protected zip file and within a zip. Clamav found both virus. If you have a specific virus email that you can send me, I would be glad to let it run through and see what happens. I also built clamav with Sun's compiler, Studio 8 to be exact. However, I am using the libz and libbz2 libraries from blastwave.org. I doubt that will matter, since I have used Sun's libraries in the past. I build the clamav pkg for that group, so you are welcome to give that a try. I have also compiled it with Solaris 9. I used gcc though. -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.29.7, SpamAssassin 2.63 + DCC 1.2.45, ClamAV 0.70 + GMP 4.1.2, Vispan 1.4 --- This SF.Net email is sponsored by The 2004 JavaOne(SM) Conference Learn from the experts at JavaOne(SM), Sun's Worldwide Java Developer Conference, June 28 - July 1 at the Moscone Center in San Francisco, CA REGISTER AND SAVE! http://java.sun.com/javaone/sf Priority Code NWMGYKND ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Do I need anything else to reject viruses?
Alfredo Rivera wrote: I have a question, I've installed Clamav 0.72 and Mailscanner on my linux server but it is still accepting viruses. Do I need anything else to reject them? Please join the MailScanner list if you think you're problem is there (if Clam can scan eicar.com locally it is). One more question (not related to clamav but I'd appreciate any hand on this), I try to stop the e-mail service by typing service sendmail stop but I get the message sendmail service unrecognized. What other name would use my sendmail service? If you used the RPM installation you control everything with service MailScanner -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.29.7, SpamAssassin 2.63 + DCC 1.2.45, ClamAV 0.70 + GMP 4.1.2, Vispan 1.4 --- This SF.Net email is sponsored by: GNOME Foundation Hackers Unite! GUADEC: The world's #1 Open Source Desktop Event. GNOME Users and Developers European Conference, 28-30th June in Norway http://2004/guadec.org ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Problems with clamav-0.71 and Digital Sigs
Darren Honeyball [ML] wrote: On Solaris 9... I've downloaded, compiled and installed gmp-4.1.3 but doing a ./configure on clamav-0.71 gives: checking for __gmpz_init in -lgmp... no checking for mpz_init in -lgmp... no WARNING: GNU MP 2 or newer NOT FOUND - digital signature support will be disabled ! Thoughts/Comments? Did you compile GMP as 32 bit? Otherwise it will not match Clam (if you can't compile that in 64 bit mode). Set ABI=32 when you configure GMP. -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.29.7, SpamAssassin 2.63 + DCC 1.2.45, ClamAV 0.70 + GMP 4.1.2, Vispan 1.4 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Question regarding virus detection
Jim Maul wrote: There is something that is causing clamav to not be able to detect this virus after the message has been bounced and now forwarded. Damaged bounces are not dangerous. Why bother making signatures for them when you don't make money showing how many viruses you detect? -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.29.7, SpamAssassin 2.63 + DCC 1.2.45, ClamAV 0.70 + GMP 4.1.2, Vispan 1.4 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149alloc_id=8166op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Clamav and microsoft exchange.
Bora wrote: Peter, I know that mailscanner has documentation for everything except with qmail, do know where I can find it? I think these are the guys who added support for qmail to MailScanner, they package the whole thing also: http://opencomputing.sourceforge.net/ -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.29.7, SpamAssassin 2.63 + DCC 1.2.39, ClamAV 0.70 + GMP 4.1.2, Vispan 1.3 --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] clamav...
bruce wrote: we're new to clamav and trying to get a better understanding. we've looked through the clamav docs and from our understanding, the app appears to be a mail server oriented spam/virus app. is this pretty much the case..?? Clam's primary target is mail servers, yes. we're looking for an open source app that can be used to do virus/trojan/etc protection for the linux/windows desktop... kind of like mcafee/symantec/norton/etc... The only open source and up to date virus scanner is Clam. Several of the commercial alternatives have free versions for personal use but I guess that will not work for you. Look here for work going on to broaden the reach of Clam: http://www.clamav.net/3rdparty.html#pagestart -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.29.7, SpamAssassin 2.63 + DCC 1.2.39, ClamAV 0.70 + GMP 4.1.2, Vispan 1.3 --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] w32.netsky.x
Daniel Corbe wrote: Today, my users are getting hammered with W32.Netsky.X and I don't see that clamav's virus definitions have this one even after I do a freshclam. Netsky is called Somefool in Clam. http://article.gmane.org/gmane.comp.security.virus.clamav.virusdb/302 It's easy to find from here (link on Clams web site): http://news.gmane.org/gmane.comp.security.virus.clamav.virusdb You can sign up on that mailing list also to be updated. -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.29.7, SpamAssassin 2.63 + DCC 1.2.39, ClamAV 0.70 + GMP 4.1.2, Vispan 1.3 --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] SMTP proxy
WipeOut wrote: I am guessing you are meaning something to sit in front of your SMTP server that will scan the mail for viruses and then if clean pass the mail onto the mail server.. I am looking for the same thing but so far I haven't found anything to do it.. It seems that everything wants to integrate with the mail server.. http://www.mailscanner.info Works great! -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.29.7, SpamAssassin 2.63 + DCC 1.2.39, ClamAV 0.70RC + GMP 4.1.2, Vispan 1.3 --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] virus names (any reference?)
Henry Harvey wrote: I'm looking at the ClamAV website and can't find info. Where do I check how ClamAV calls these viruses? The best place right now is the archive for the virus db update list. You can search there for the Clam name, often names of commercial products are mentioned there. http://news.gmane.org/gmane.comp.security.virus.clamav.virusdb There's also work being done on a web site with just the info you're requesting. -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.29.7, SpamAssassin 2.63 + DCC 1.2.39, ClamAV 0.70RC + GMP 4.1.2, MailStats 0.25 --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Virus Names
Diego d'Ambra wrote: And that is what we'll (try to) do in the future (if a common name has been established). But that would break statistics. I don't mind if the name is different as long as it can be cross-referenced. Someone was working on a web site with just that but I haven't heard of any news for some time. -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.67 + GMP 4.1.2, MailStats 0.25 --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Re: Application to generate CLAMAV report
Craig Daters wrote: Okay, I discovered that all of the logging is being done in /var/log/maillog as opposed to /var/log/messages, and once I pointed grep to the right file, then all has become well in the universe. I wouldn't have dared posting about that. ;-) -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.67 + GMP 4.1.2, MailStats 0.25 --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Time of signature in Virus DB Search
I just noticed the new Virus DB Search function on the web site. That's great, I will use that often but could you add the date and time (GMT) the signature was added. I often get asked by managers when Clam added a signature for comparison with other scanners and it would make it real easy to find. Thanks! -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.67 + GMP 4.1.2, MailStats 0.25 --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] New varient of password compressed virus
Michael Torrie wrote: In another escalation of the arms war, the latest variant of password-encrypted archive virus now distributes itself in an encrypted rar file, and the password is an attached bitmap to eliminate the possibility of using the password in the body of the message to open the archive in antivirus programs. WinZip can't open rar, can it? That means very few desktop users will be able to get to the virus. I will gladly block all rar files since I have never seen them used for anything else than cracked games and so on. At his rate, I give e-mail another year of usefulness. So much for the usefulness of attachments too. Thanks a lot spammers and virus writers. The good news is we'll have to replace SMTP with a better, more robust, and more secure system. I'm sure Microsoft is ready to provide us with something new. ;-) -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.67 + GMP 4.1.2 --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] segmentation fault on clamav-0.67 on Solaris
Piotr Kasztelowicz wrote: I attempt to compile clamav-0.67 on Solaris 2.7 on sparc wirh newest gmp, gcc-3.2 and zlib. The compilation was going without problems, but the software does not work. If I was attempting to try 'freshclam' or 'clamscan' the effect was 'segmentation fault' My question - what is wrong If you run ldd /usr/local/freshclam you will see that a couple of needed libs are missing, like libclam and libgmp. They are located in /usr/local/lib, you need to include /usr/local/lib in your LD_LIBRARY_PATH. -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.67 + GMP 4.1.2 --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356alloc_id=3438op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Couple of questions regarding ClamAV
Jason wrote: Couple of questions about ClamAV. Can someone give me a run down on stability of ClamAV? Is it pretty much just set it up and let it run? Reliability? Performance. A daemonized version of software was very important to me, that is why im looking at ClamAV. I recommend you take a look at MailScanner, it's a framework that handles unpacking MIME attachments and sends batches of attachments to Clam (or any combination of around 20 supported scanners) so Clam is only used in it's most basic and robust mode which is pure file scanning. It's great and very configurable. There are ports for FreeBSD as well. I recommend plugging in SpamAssassin also. http://www.mailscanner.info It's actually much easier than what you're doing now and it scales with your needs. -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.67 + GMP 4.1.2 --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356alloc_id=3438op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Virus listing
David Gregg wrote: Does anybody know how/where to obtain a listing of all viruses that ClamAV 'knows' about? sigtool -l -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.67 + GMP 4.1.2 --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356alloc_id=3438op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Virus List
Chris A wrote: Is there a way to display a list of virii that the current pattern files protect against? sigtool --list-sigs -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.67 + GMP 4.1.2 --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356alloc_id=3438op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Re: clamav-devel-20040217.tar.gz build error on Solaris
Amos wrote: I got the 64-bit CFLAGS settings from when compiled gmp, and they worked for 0.65. Try compiling GMP in 32-bit mode (mentioned in Clam docs) and you should be OK. -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.67 + GMP 4.1.2 --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356alloc_id=3438op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Postfix gateway to clamav
Guillaume JULLIEN wrote: Trying to install clamav on a Debian, what gateway should I use : Amavisd-new, IVS-Milter, Mailscanner, Sagator or clamdmail ? I have only used MailScanner but I have no need investigating others since it rocks! I haven't set it up on Debian but on other Linuxes and it works just fine. Here are the official packages for Debian: http://packages.debian.org/unstable/mail/mailscanner.html The web site for MailScanner is: http://www.mailscanner.info If you have specific MailScanner questions you can sign up on that list. -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.67 + GMP 4.1.2 --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356alloc_id=3438op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] GNU MP 3
FreshClam wrote: Do you know where I can find RH 7.3 package of GNU MP 3? Thanks! ftp://speakeasy.rpmfind.net/linux/redhat/7.3/en/os/i386/RedHat/RPMS/gmp-4.0.1-3.i386.rpm ftp://speakeasy.rpmfind.net/linux/redhat/7.2/en/os/i386/RedHat/RPMS/gmp-3.1.1-4.i386.rpm -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.67 + GMP 4.1.2 --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356alloc_id=3438op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Freshclam and Daemontools
Jason Frisvold wrote: Because I like the way I can control qmail and clamd via daemontools... And freshclam stopping is, to me, a major issue. If it stops and I'm unaware that it has stopped, then I run the risk of missing a vital virus definition update... Try reading my posts again and you might see what I mean. Are you aware that you can run freshclam as a daemon or not as a daemon? If you choose not to run it as a daemon and instead run it from crontab it can never stop because it's launched when it's supposed to do it's job, therefore you don't have to monitor it. I still can't see the benefit of running it as a daemon. -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.67 + GMP 4.1.2 --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356alloc_id=3438op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Freshclam and Daemontools
Odhiambo Washington wrote: * Jason Frisvold [EMAIL PROTECTED] [20040218 19:00]: wrote: Hi all! Is there a way to set up Daemontools to monitor and run freshclam? Similar to how clamd is set up with daemontools? I want to ensure that freshclam never dies for no apparent reason... Why do I feel that that would be outrageous? Are you saying that you want freshclam permanently connected to the db servers? How are you looking at it? Running it in daemon mode and monitoring that the daemon is still running doesn't mean you're connected to the db servers at all time. Where did you get that from? But it does seem strange that Jason is afraid of the daemon stopping and want to monitor that, why not just run it from crontab? What's the benefit of running the daemon? -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.67 + GMP 4.1.2 --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356alloc_id=3438op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Freshclam and Daemontools
Jason Frisvold wrote: Why use daemontools to keep qmail or clamd running? There's always that off chance that something might cause the daemon to die unexpectedly... An obscure bug perhaps... And if it happens, I want to ensure that the daemon is brought back up automatically. At least, I *thought* that's what daemontools was for... Am I mistaken? (I'm rather new to daemontools) No, in your original post you wrote about using daemontools for the freshclam daemon. I understand perfectly that you want to be sure qmail and clamd are running, but freshclam? It has been known to stop and why implement another system to keep it running when you can run it from crontab? Just don't run it at 0 minutes like everyone else. ;-) -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.67 + GMP 4.1.2 --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356alloc_id=3438op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] ClamAV versions
Doug Hardie wrote: I have been running with devel-20040209 for a week or so since 0.65 didn't meet my needs. The development version does. However, 0.66 has now been released. Is it based on 0.65 or the development branch? The development branch. It should be like 20040211. Remember though that it was forced out early due to security concerns so it had some new code disabled (OLE2 and Dazuko). -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.66 + GMP 4.1.2 --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356alloc_id=3438op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] 0.66
Fajar A. Nugraha wrote: Yes, quite right. I'm surprised you still remember that. :-) BTW, what cc do you use? Sun cc or gcc? Whatever it is, you had to install a c-compiler first, right? standard Solaris with no addition whatsoever can not build clamav. I find acceptable if I had to get something first to build clamav (in this case : gcc, zlib, gmp, and gnu shutils). I use gcc and I'm fine with adding *documented* requirements (like GMP for example which adds a feature if present). This, however, is not documented and it doesn't really need an add-on to work. I find it NOT acceptable if I have to hack the source code personally before compiling. That's how it is now. That's why I'm not complaining about id -u. You don't have to, a couple of us did though and... That's what I think anyway. Although a fix in source-code (or Makefile) to be solaris-id compatible wouldn't hurt either :) ...the developers listened and are going to change it to a truly portable solution using sed. Thank you devs and thank you too, Fajar, for providing Solaris packages. -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.66 + GMP 4.1.2 --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356alloc_id=3438op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES
Mário Luis Ghoneim wrote: What does it means? It means it can't check the digital signatures. It downloads the updates anyway but you can't be sure they have not been compromised. How can I to solve it? Download GMP here: http://www.swox.com/gmp -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.66 + GMP 4.1.2 --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id56alloc_id438op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] 0.66
Fajar A. Nugraha wrote: Scratch that. It is fixed on devel-20040213. It compiles OK on Solaris, AIX, and OSF now. Thanks :) I have to disagree. The id -u problem with Solaris is still in that snapshot, I just tried it. I think you mentioned earlier that you use GNU id and you probably have that in your path so it works but for the rest of us it doesn't. I would like /usr/xpg4/bin/id to be used when it's compiled on Solaris. It's standard and it supports -u. It's the Makefiles in the database directory that contains the problematic id commands. If I edit them to /usr/xpg4/bin/id I can run make install with no errors. -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.66 + GMP 4.1.2 --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356alloc_id=3438op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Re: Clamav-users digest, Vol 1 #385 - 17 msgs
[EMAIL PROTECTED] wrote: my clamd is in /usr/local/sbin/, but I will try to install first then change the path. Thanks. Did you just send us a 700+ line mail to add those lines? Have you heard of trimming the original? -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.66 + GMP 4.1.2 --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356alloc_id=3438op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Error during make install of 0.66
I upgraded to 0.66 yesterday and during make install I noticed a problem regarding the id command, it complained about not supporting the -u option. I have had no problems though, so I'm not really sure what it was used for. Clamscan and freshclam, which is what I use, works just fine. But could you on Solaris use /usr/xpg4/bin/id instead? That one supports -u. -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.63 + DCC 1.2.30, ClamAV 0.66 + GMP 4.1.2 --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356alloc_id=3438op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] 0.66?
I have been happy with my 0.65 so far but it seems on this list that the new dailys catch more viruses than the latest stable so I'm interested in upgrading but can I trust the dailys? How stable are they, can they be broken like the CVS? Is there a date for the release of 0.66 yet? How about a simple roadmap on the web site for future versions of Clam, main features you want in every release and an estimated release time? -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.61 + DCC 1.2.21, ClamAV 0.65 + GMP --- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Mailscanner, sendmail 8.12, split input queues
Kevin Spicer wrote: Peter, I'm going to have to slightly disagree with you on that, certainly as far as my MailScanner Mandrake boxes are concerned. The bahaviour I see is that mail sent by programs that call sendmail directly (as opposed to having their own SMTP engine) is queued in the clientmqueue (on Mandrake, maybe thats mqueue-client on other systems) before being picked up by the incoming sendmail, which in turns queues it in mqueue.in (where it is picked up by MailScanner). As far as I can see the incoming (i.e. listening) sendmail keeps an eye on the clientmqueue and grabs anything it finds there. You're correct, I tried to over-simplify it to the point where it got wrong. -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.61 + DCC 1.2.21, ClamAV 0.65 + GMP --- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Mailscanner, sendmail 8.12, split input queues
Bill James wrote: Mailscanner directly edits the mail queues is why it needs this I personally use Postfix and it is NOT recommended to use Mailscanner is it is known to truncate mails, or loose them all together in Postfix as it also directly manages Postfix mail queues. Even the setup for Mailscanner with Postfix requires a second Postfix instance and queue structure (Same as Sendmail) Personally, anything that makes changes directly to mail queues should do it via smtp (Just my feelings) I have heard that it works in Sendmail and it doesn't work in Sendmail (depends on who you want to listen to) Bill This is the wrong list to continue this discussion. I'll just say that you're misinforming people by your comments. Anyone who wants to know more about how MailScanner works with different MTA:s can visit http://www.mailscanner.info or even mail me off-list. Better that than posting on this list. -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.61 + DCC 1.2.21, ClamAV 0.65 + GMP --- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Multiple stability problems on Solaris 9
Jon R. Kibler wrote: 1) freshclam, run as a daemon, crashes without sending a notify. freshclam appears to die anytime it finds a problem with a database update instead of just reporting the error and keep on running to try again later. Run freshclam from crontab, works like a charm. No daemon that can die. 2) something is causing clamd to die. this just started Monday. the only indication of a problem is that mimedefang starts reporting all sorts of strange errors. in mimedefang, we are using clamdscan instead of clamd directly, as it appears to catch some problems that are missed when running clamd directly under the control of mimedefang (which I view as a mimedefang problem, not a clamav problem). Use MailScanner, it scans files in batches with clamscan so no performance loss. No daemon that can die. http://www.mailscanner.info -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.61 + DCC 1.2.21, ClamAV 0.65 + GMP --- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Mailscanner, sendmail 8.12, split input queues
Leif Neland wrote: How does this fit in with sendmail 8.12 already having two queues, mqueue and mqueue-client? You really should have posted this on the MailScanner list since nothing of this is Clam related. However the mqueue-client does not have a physical queue, instead it's a way of picking up local mail transmitting them through your MTA. It does not affect MailScanner at all, everyone using Sendmail has 8.12 (except for some heavily patched 8.11 that comes with older Linux systems). And how do I do this with Debian's /etc/mail/sendmail.conf? There are Debian ports that I think do the job for you. Check it out on the web site under downloads. http://www.mailscanner.info -- /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.61 + DCC 1.2.21, ClamAV 0.65 + GMP --- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] MD5 error ?
Isn't it time to stop supporting the old db format? Version 0.65 has been out for two months now and lot's of people seem to have problems when they keep both the db and the cvd files. Is there a reason not to install 0.65 or a newer snapshot? /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.61 + DCC 1.2.21, ClamAV 0.65 + GMP Tomasz Kojm wrote: Unfortunately there must have been some error in our db distribution system, probably connected with a huge load of the main site after update (clamav.sf.net), generated by OLD CLAMAV VERSIONS (= 0.60, and there are still thousands of them). --- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] problem in updating virus db
He's running Solaris... /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.61 + DCC 1.2.21, ClamAV 0.65 + GMP Daniel J McDonald wrote: You also need libgmp-devel, or whatever the development library package is called on your distribution (on Mandrake it is libgmp3-devel) . After that is installed you have to recompile the freshclam binary. --- This SF.net email is sponsored by: Perforce Software. Perforce is the Fast Software Configuration Management System offering advanced branching capabilities and atomic changes on 50+ platforms. Free Eval! http://www.perforce.com/perforce/loadprog.html ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Retract -- clamav, gmp, Solaris, gcc
Works fine here. Just remember to set ABI to 32 before configure ; make ; make install. Then it should not give you any problems when configuring Clam. /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.61 + DCC 1.2.21, ClamAV 0.65 + GMP Christopher X. Candreva wrote: Has anyone gotten clamav / gmp to work on Solaris / Sparc ? --- This SF.net email is sponsored by: Perforce Software. Perforce is the Fast Software Configuration Management System offering advanced branching capabilities and atomic changes on 50+ platforms. Free Eval! http://www.perforce.com/perforce/loadprog.html ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Retract -- clamav, gmp, Solaris, gcc
It's mentioned in bold in the docs but who reads them... ;-) /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.61 + DCC 1.2.21, ClamAV 0.65 + GMP Christopher X. Candreva wrote: In fairness though, gmp is NOT mentioned in the 0.65 README file, and FAQ is rather sparse. README says a change to the mirrors system is noted in the full pdf docs, but doesn't mention a change to the build process. Unless I've missed something, in which case I apologize, new required libraries would be a good thing to add under changes in the README for future releases. --- This SF.net email is sponsored by: Perforce Software. Perforce is the Fast Software Configuration Management System offering advanced branching capabilities and atomic changes on 50+ platforms. Free Eval! http://www.perforce.com/perforce/loadprog.html ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] problem in updating virus db
I'm just wondering if you have GMP on your machine? It's needed to verify the signatures of the new database files introduced with 0.65. /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.61 + DCC 1.2.21, ClamAV 0.65 + GMP Abyot Asalefew wrote: ClamAV update process started at Mon Jan 12 05:06:38 2004 ERROR: Malformed CVD header detected. ERROR: Can't read main.cvd header from database.clamav.net (212.162.12.159) ClamAV update process started at Mon Jan 12 05:08:56 2004 --- This SF.net email is sponsored by: Perforce Software. Perforce is the Fast Software Configuration Management System offering advanced branching capabilities and atomic changes on 50+ platforms. Free Eval! http://www.perforce.com/perforce/loadprog.html ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] type of viruses being added to database
Are you subscribed to clamav-virusdb? If not, try that first. /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.61 + DCC 1.2.21, ClamAV 0.65 + GMP jef moskot wrote: Well, yes, obviously, but could you maybe take a recent representative update and give us an idea of what the added viruses are like? Just so that we get an approximate feeling of what's going on. For example, you mentioned that the newest threats are added the most quickly, but I don't know if the last time you added an ancient virus was today or six months ago. I'm not asking for precise figures, just something a little more concrete than we add old and new viruses. --- This SF.net email is sponsored by: Perforce Software. Perforce is the Fast Software Configuration Management System offering advanced branching capabilities and atomic changes on 50+ platforms. Free Eval! http://www.perforce.com/perforce/loadprog.html ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] pretty basic question - clamscan vs clamdscan
Hasn't there been problems with the stability of clamd for a long time? Are those problems solved now? I use MailScanner and it sends batches of files to scan so the speed difference is negligible and I don't have to worry about if clamd has stopped. Anyway, I find that it takes more time for SpamAssassin to check a message than it takes to virus scan it. /Peter Bonivart --Unix lovers do it in the Sun Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14, SpamAssassin 2.61 + DCC 1.2.21, ClamAV 0.65 + GMP [EMAIL PROTECTED] wrote: thanks for your reply - and to the others who posted in this thread as well. i have a much better understanding now of all this. and it sure is great to no longer be faced with throwing even more iron at the problem! --- This SF.net email is sponsored by: Perforce Software. Perforce is the Fast Software Configuration Management System offering advanced branching capabilities and atomic changes on 50+ platforms. Free Eval! http://www.perforce.com/perforce/loadprog.html ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Re: Forward del messaggio di Nikolaj Wicker riguardo a clamav-milter
Haven't followed the thread but I assume he's talking about some Linux RPM package, many on these lists take for granted you run Linux. Milter should be in the distribution tarball from sendmail.org. Sun doesn't compile in TLS support either, not even in the more security oriented Solaris 9, so I'm not surprised they don't enable milter either. Try compiling it from source. http://sendmail.org/compiling.html http://www.milter.org/ /Peter Bonivart --Unix lovers do it in the Sun Nigel Horne wrote: Where did you get the sendmail-devel package from which includes milter support? (Solaris 2.8 out of the box doesn't support it). - -Nigel - -- Nigel Horne. Arranger, Composer, Typesetter. NJH Music, Barnsley, UK. ICQ#20252325 [EMAIL PROTECTED] http://www.bandsman.co.uk --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [clamav-users] clamd / clamav-milter crashes
I let MailScanner handle the mail. It uses ClamAV as a simple file scanner and doesn't seem to cause any problems there. You can also use SpamAssassin as an addition to the attachment filtering built into MailScanner. Nothing has to be changed in your Sendmail configuration. Pretty complete I would say. http://www.sng.ecs.soton.ac.uk/mailscanner/ /Peter Bonivart --Unix lovers do it in the Sun Tomasz Kojm wrote: Hi, I' m testing clamav-0.60 on a Solaris 8 box with clamav-milter as a mail scanner for sendmail. When I start clamd and clamav-milter they work fine for a while. After some time clamd or clamav-milter crashes and coredumps. Hi Margit, this is a known problem - our mail scanning engine isn't perfect :(( If you have caught a problematic mail please send it to Nigel - njh at bandsman dot co dot uk. Thanks ! Best regards, Tomasz Kojm - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [clamav-users] virus.db2 checksum
Strange, I get another checksum than you do, but still different from the correct one. The files have the same timestamp on the ftp server so it's not that one file is old, more likely someone just made a mistake. It will probably be fixed tomorrow. Don't worry, ClamAV isn't your only defense, is it? :) [EMAIL PROTECTED] tmp]# more viruses2.md5 797f09be551cee8324f93c50d9372b71 /studinfo/tk/clamav/share/clamav/viruses.db2 [EMAIL PROTECTED] tmp]# md5sum viruses.db2 6cd7a88e4af1d67d328b5829a723e0f6 viruses.db2 viruses.db2 23-Jun-2003 10:4288k viruses2.md523-Jun-2003 10:42 1k /Peter Bonivart --Unix lovers do it in the Sun Ted Fines wrote: You can calculate MD5 checksums yourself, on Linux systems anyway. The command is just 'md5sum filename'. The checksum I get for viruses.db2 is: [EMAIL PROTECTED] root]# md5sum viruses.db2 55955463c72c1ef803ef05c8a3cc9aa2 viruses.db2 I don't know what good this does us, however. You could go into the source code and recompile freshclam to ignore the md5 checksum, but that is a REALLY bad idea. Either the viruses.db2 file needs to be updated on the web site, or the md5 checksum does. Unfortunately we can't do either. Ted - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [clamav-users] Antivirus
Have you checked that clamscan detects the eicar file? In the log it looks like it doesn't. # clamscan eicar.com eicar.com: Eicar-Test-Signature FOUND --- SCAN SUMMARY --- Known viruses: 8531 Scanned directories: 0 Scanned files: 1 Infected files: 1 Data scanned: 0.00 Mb I/O buffer size: 131072 bytes Time: 0.320 sec (0 m 0 s) /Peter Bonivart --Unix lovers do it in the Sun Claudio wrote: hi i'm a newbie. I have this problem: i send an e-mail with attached the file EICAR.COM but the clamav don't stop it. Why? I use postfix-2.0.9, amavis-0.3.12, clamav-0.54, pavcl 6. Jun 21 20:00:29 principal amavisd[1371]: Using clamav Jun 21 20:00:32 principal amavisd[1371]: /var/amavis/amavis-14392938/parts/msg-1371-1.txt: OK /var/amavis/amavis-14392938/parts/msg-1371-2.EXE: OK --- SCAN SUMMARY --- Known viruses: 7286 Scanned directories: 1 Scanned files: 2 Infected files: 0 Data scanned: 0.00 Mb I/O buffer size: 131072 bytes Time: 2.594 sec (0 m 2 s) Jun 21 20:00:32 principal amavisd[1371]: Using clamd Jun 21 20:00:32 principal amavisd[1371]: Virus scanner failure: Clamd - can't connect to daemon - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [clamav-users] am I understanding this right?
I was speaking of MailScanner which can be configured to do several things to spam and virus. You don't need another program to delete infected files, MailScanner can do that for you. But if you feel comfortable delivering disinfected attachments you do need another program than ClamAV. I need timely updates of signatures a lot more than disinfection which I would never trust anyway. ClamAV works for us and we have Sophos on the clients if something slips in. By the way, on the MailScanner mail list Sophos problems seems to outnumber all the other 14 supported virus scanners combined... /Peter Bonivart --Unix lovers do it in the Sun On Mon, 2003-06-09 at 17:56, Raymond Norton wrote: If we're talking MailScanner with ClamAV you can choose what to do but most deliver the message with the infected attachment replaced by a message. The attachments are stored on the mail server for closer inspection. Basically, everything that is not infected is deliverd I am trying to see how this is a benefit to run over sophos. It seems we still need to either delete, or disinfect the file, so I would need another program to do this. Presently, we are running sophos, but I am trying to find an open source solution, so I don't have to spend a chunk of change each year per server, or user. I need to cover 500 + mailboxes, so even a few bucks per user is a big deal.. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [clamav-users] pardon me if this has been covered
Maybe you have an old version of MailScanner but they fully support ClamAV now together with 14 other scanners. http://www.sng.ecs.soton.ac.uk/mailscanner/readme.shtml You just have to change this line in MailScanner.conf from sophos to clamav: Virus Scanners = clamav /Peter Bonivart --Unix lovers do it in the Sun On Thu, 2003-06-05 at 21:04, Raymond Norton wrote: First, is there a searchable version of the mailing list? Presently I use mailscanner with sendmail, and have configured it to use sophos. This works very nice, but not free. Can clamav be incorporated to work in mailscanner, or is there another way to scan all user mailboxes? Almost all users are accessing their mail from windows, using outlook express. Any docs on the exacts of getting this done would be great. Thanks in advance Raymond - Defeat is a matter of choice. --God - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]