On 2/28/2011 7:08 AM, Mark Martinec wrote:
Bill,
I have been noticing for quite some time that amavisd-new logs test
results messages to the maillog differently at time. For example:
Feb 27 14:22:06 mail amavis[27931]: (27931-08) Passed CLEAN
Feb 27 14:22:56 mail ch4-03611-04)[3611]:
On 1/30/2011 4:52 AM, Michael Scheidell wrote:
On 1/30/11 5:46 AM, Peter Charles wrote:
Hi, I was advised to ask the questions below here after posting on
freespamfilter org Amavisd-new forum:
they should have sent you to 'alt.conspiracies'
as for why you were blacklisted, it is up to the
Hello folks,
I am using a combination of amavisd-new 2.6.4 - spamassassin - p0f -
dcc - razor2 - SPF - DKIM on FBSD box, with quite good results since
many years now.
I would like to know if anyone has already found a solution to fight
these scams as I am a little bit clueless to fight
Eric W. Bates wrote:
I have a mysterious problem. After upgrading amavisd-new to 2.6.2 on
FreeBSD (port version 2.6.2_3,1), it simply dies after about 20 seconds
with no errors or core dumps.
I cranked the debug level up to 5 and sent it all to syslog.
As far as I can tell, there is no
Jeff Grossman wrote:
If I make changes to SpamAssassin's local.cf file, do I need to restart
Amavis or does Amavis load the local.cf file during each mail delivery?
You need to reload amavisd, as it only reads local.cf on startup.
Bill
Mark Martinec wrote:
The second release candidate amavisd-new-2.6.3-rc2 is available at:
Mark, would you consider including the following perl modules as
additional Prerequisites in the INSTALL document:
Convert::BinHex
DBI
Even though I'm not using SQL, adding these perl modules
Mark Martinec wrote:
Bill,
Mark, would you consider including the following perl modules as
additional Prerequisites in the INSTALL document:
Convert::BinHex
fetch_modules: error loading optional module MIME/Decoder/BinHex.pm:
Can't locate Convert/BinHex.pm in @INC
The
Mark Martinec wrote:
First off, sorry for the previous inadvertent off-list reply.
Mark, would you consider including the following perl modules as
additional Prerequisites in the INSTALL document:
Convert::BinHex
fetch_modules: error loading optional module MIME/Decoder/BinHex.pm:
(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
# qr'^Zip archive data', # don't trust Archive::Zip
));
and it looks like sane security test #2 and 3 did fail if I don't do
this in amavisd.conf:
(uncomment out the qr'^MAIL'.
so, 'can be slow'. how slow is it? and is bill landry wrong
Henrik K wrote:
On Wed, Apr 08, 2009 at 02:43:00PM -0700, Bill Landry wrote:
Michael Scheidell wrote:
and it looks like sane security test #2 and 3 did fail if I don't do
this in amavisd.conf:
(uncomment out the qr'^MAIL'.
so, 'can be slow'. how slow is it? and is bill landry wrong saying
Sahil Tandon wrote:
On Fri, 27 Mar 2009, Mark Martinec wrote:
when is 2.6.3 due out?
No promises on dates, but I'd really like to do it pretty soon now,
and I'm trying to wrap up things these days. A matter of a week
or two I hope.
Not that you need to be told this, but take your time
Mark Martinec wrote:
Not that I know of, but there is a bug in Mail::DKIM 0.32 or earlier,
only triggered in marginal cases - yours may be one of them.
From release notes:
(btw, if testkeys fails and you believe your DNS is correctly serving
your DKIM public keys, you may need to
Patrick Wong wrote:
Yes Bill, I can confirm that 0.33 is available from CPAN cause I just
did it this morning after reading Mark's notes.
Not for me. Just now tried again:
cpan[1] install Mail::DKIM
CPAN: Storable loaded ok (v2.18)
Going to read /root/.cpan/Metadata
Database was generated
Mark Martinec wrote:
No, it's just his style of numbering versions.
The 0.33_6 will become 0.34 when released,
just as 0.32_6 now became a 0.33.
The 0.33_6 is dropping support for pre-standard DKIM.
Yes, I see that now. I forced a cpan database update and was able to
install 0.33.
Thanks
Benny Pedersen wrote:
http://www.amavis.org/howto/ give me 403
could one tell me where it is if moved ?
If you're running amavisd-new, then you should be looking at:
http://www.ijs.si/software/amavisd/
instead of www.amavis.org.
Bill
Bill Landry wrote:
Benny Pedersen wrote:
http://www.amavis.org/howto/ give me 403
could one tell me where it is if moved ?
If you're running amavisd-new, then you should be looking at:
http://www.ijs.si/software/amavisd/
instead of www.amavis.org.
BTW, just out of curiosity, why
Benedict White wrote:
-Original Message-
From: Alexander Wirt [mailto:formo...@debian.org]
Sent: 24 February 2009 16:58
To: Benedict White
Cc: amavis-user@lists.sourceforge.net
Subject: Re: [AMaViS-user] URI/URl severs
Benedict White schrieb am Tuesday, den 24. February 2009:
deconya wrote:
Hi
User of mailing postfix list pass me this list if would be possible to help
me with my problem. Im upgrading and old version of amavisd-new (2.1.2
version) to the new 2.6.1. Im looking the README manual and installing all
perl modules but when I start amavisd in debug mode
Benedict White wrote:
One rule set I maintain for several servers is a list of spammy URLS.
I know there are URL blocklists that can be intergrated into spamassassin.
What I wanted to do was run my own, so I could quickly report bad URL's to it
and know that all the servers would score it
Mark Martinec wrote:
Here is a patch for this bug (against 2.6.2):
--- amavisd.orig 2008-12-15 01:50:09.0 +0100
+++ amavisd 2009-02-15 01:57:40.0 +0100
@@ -19993,4 +19993,5 @@
1;
} or do { $eval_stat = $@ ne '' ? $@ : errno=$! };
+
Michael Scheidell wrote:
Bill Landry wrote:
su amavis
bash-3.2$ clamscan --stdout --no-summary -r /home/amavis/*
/home/amavis/DESPACHO-4542008.exe: Trojan.Downloader-46121 FOUND
/home/amavis/postfix-2.5.5.tar.gz: OK
/home/amavis/test.com: Eicar-Test-Signature FOUND
/home/amavis/test.eml
Michael Scheidell wrote:
Hi List,
I am running:
amavisd -V
amavisd-new-2.6.2 (20081215)
ClamD recently crashed and I found entries in the mailq like the following:
Two things to check (and all mostly permissions)
As the user running amavisd, use 'clamscan' your $AMAVIS home/tmp
Clayton Keller wrote:
Bill Landry wrote:
Hi List,
I am running:
amavisd -V
amavisd-new-2.6.2 (20081215)
ClamD recently crashed and I found entries in the mailq like the
following:
-Queue ID- --Size-- Arrival Time -Sender/Recipient---
78F8763CE0111253 Fri Feb 13 10:33
Mark Martinec wrote:
Bill,
451 4.5.0 Error in processing,
id=29363-02, virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED:
ClamAV-clamscan av-scanner FAILED: Not a CODE reference at (eval 87)
line 403, GEN54 line 65.;
@av_scanners_backup = (
### http://www.clamav.net/ - backs
Per olof Ljungmark wrote:
Hi,
I am fiddling with Mail::SpamAssassin::Plugin::RelayCountry in our
Spamassassin config, and it seems to load ok from init.pre:
spamassain -D --lint:
[85215] dbg: plugin: loading Mail::SpamAssassin::Plugin::RelayCountry
from @INC
However, it does not show up
Max Matslofva wrote:
Hi
I have the same problem on a new server running amavisd-new-2.6.0 (from
ports) on FreeBSD 6.3 and /var/amavis/tmp on 512m ramdisk.
Bill Landry skrev:
Mark Martinec wrote:
What happens if you provide a username with an -u uption, e.g.:
# amavisd -u vscan reload
Mark Martinec wrote:
Max and Bill,
Upon further investigation, I found that this still happens here, as well:
However, for me, the odd things is this only happens when amavisd
reload or amavisd stop/start is executed from within my home directory.
If executed anywhere outside of my home
Mark Martinec wrote:
Upon further investigation, I found that this still happens here, as
well: However, for me, the odd things is this only happens when amavisd
reload or amavisd stop/start is executed from within my home directory.
If executed anywhere outside of my home directory, no errors
Mark Martinec wrote:
Bill,
I recently upgraded to amavisd-new-2.6.0 and all appears to be running
fine. However, when executing a reload, I am seeing the following
errors reported:
# amavisd reload
Daemon [24965] terminated by SIGTERM, waiting for dust to settle...
becoming a new
I recently upgraded to amavisd-new-2.6.0 and all appears to be running
fine. However, when executing a reload, I am seeing the following
errors reported:
# amavisd reload
Daemon [24965] terminated by SIGTERM, waiting for dust to settle...
becoming a new daemon...
fetch_modules: error loading
Voytek Eymont wrote:
whilst in the past clamd has proven extremely reliable, in the last few
weeks I had clamd die maube on 3 ocassions for some reason (perhaps
related to the additional third party signature downloads getting
corrupted?);
so I was thinking of some sort of deamon monitor,
Voytek Eymont wrote the following on 11/8/2007 6:43 PM -0800:
On Fri, November 9, 2007 12:05 am, Bill Landry wrote:
Are you testing third-party signature files before moving them into
production? There are several scripts available for downloading, testing,
and utilizing third-party
Mark Martinec wrote:
Bill,
Mark, are there any changes beyond what I am currently running that you
would like me to test? If so, let me know and I would be happy to test.
Otherwise, everything appears to be running great here with the latest
patch and subroutine change you made and I
Mark Martinec wrote:
Bill, (any anybody else using SpamAssassin 3.2.3),
This should provide backwards compatibility for third-party plugins
which were not adapted by my patch in 5589.
I applied the subroutine above to AsyncLoop.pm after applying a clean
patch and all looks great now.
I
Adam65535 wrote:
On 10/9/07, Pelletier, Robert [EMAIL PROTECTED] wrote:
I'm using ClamAV. It's a perfect match with Amavis, it's fast and get's
high in the reviews.
In my experiences clamav/clamd is much slower than other mail scanners (even
when up against command line scanners like
Adam65535 wrote:
On 10/10/07, *Bill Landry* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
wrote:
Adam65535 wrote:
On 10/9/07, Pelletier, Robert [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] wrote:
I'm using ClamAV. It's a perfect match with Amavis, it's fast and
get's
Clifton Royston wrote the following on 10/10/2007 5:20 PM -0800:
On Wed, Oct 10, 2007 at 05:07:52PM -0400, Adam65535 wrote:
On 10/10/07, Rob MacGregor [EMAIL PROTECTED] wrote:
I've never yet seen clamd take anything close to that on emails. I
have to add SpamAssassin to the process
Mark Martinec wrote the following on 10/7/2007 7:02 PM -0800:
Bill,
Mark, I had also applied the jumbo patch, as well. However, I noticed
that there were additional changes to AsyncLoop.pm in the jumbo patch
found at http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5589, so
I
Mark Martinec wrote the following on 10/7/2007 5:53 AM -0800
[9016] dbg: asn: asn.routeviews.org.: lookup result packet:
'14.198.114.38.asn.routeviews.org. 356 IN TXT 40156 38.114.198.0 24'
Use of uninitialized value in hash element
at
Bill Landry wrote the following on 10/7/2007 9:31 AM -0800:
Mark Martinec wrote the following on 10/7/2007 5:53 AM -0800
[9016] dbg: asn: asn.routeviews.org.: lookup result packet:
'14.198.114.38.asn.routeviews.org. 356 IN TXT 40156 38.114.198.0 24'
Use of uninitialized value in hash
I am running:
amavisd -V
amavisd-new-2.5.2 (20070627)
---
spamassassin -V
SpamAssassin version 3.2.3
running on Perl version 5.8.8
I've been trying to figure out why some messages are failing DNS based
tests are failing during normal e-mail delivery processing. With
amavisd running is
:
set_response_packet: PANIC - mismatched id 50907/ovulex.com/SOA/IN, at
/usr/lib/perl5/site_perl/5.8.8/Mail/SpamAssassin/AsyncLoop.pm line 364.
Bill
Bill Landry wrote the following on 10/6/2007 9:33 AM -0800:
I am running:
amavisd -V
amavisd-new-2.5.2 (20070627)
---
spamassassin -V
SpamAssassin version
Adam Gibson wrote:
Gary V wrote:
(have not tried it though). Make sure your update script is a recent
one that tests the downloads before employing them and consider
This is one of the most important steps IMHO. I would make sure the
script tests the dat files before copying them into
Adam Gibson wrote:
Bill Landry wrote:
Adam Gibson wrote:
Gary V wrote:
(have not tried it though). Make sure your update script is a recent
one that tests the downloads before employing them and consider
This is one of the most important steps IMHO. I would make sure the
script tests
John Beaver wrote:
I'm still getting a few ZIPs, PDF, etc. getting though. I just noticed
this scoring in one of the headers. Note the score for the
sanesecurity=0.1:
Res, score=5.819 tagged_above=2 required=4
tests=[AV:Email.Stk.Gen592.Sanesecurity.07071801.pdf=0.1, BAYES_99=3.5,
tests=[AV:Email.Stk.Gen592.Sanesecurity.07071801.pdf=0.1, BAYES_99=3.5,
DKIM_POLICY_SIGNSOME=0, TVD_SPACE_RATIO=2.219]
I am using amavisd-new with clamav 91.1. Where can I adjust this
scoring?
Bill Landry writes:
That depends on whether you are using a spamassassin .cf file
Andres wrote:
I have made no changes at all, and today amavis stopped to work, so my
mail server (Postfix) is not delivering email, this is the log file:
ul 23 10:50:03 pc009 amavis[11600]: (11600-01) ClamAV-clamscan
av-scanner FAILED: /usr/bin/clamscan unexpected exit 50,
output=LibClamAV
Michael Scheidell wrote the following on 7/7/2007 7:48 AM -0800:
Seems if you use dkim to sign outgoing email through amavisd-new policy
bank and forward-method, the 'disclaimer' added to message does not pass
the body test. since it seems to sign the message before the disclaimer
is added.
Gregorics Tamás wrote the following on 6/18/2007 7:01 AM -0800:
Hi!
I'm having a slight problem with my amavisd-new installation. I'm using
the nod32 av scanner with amavis, and sometimes mails generate such
error logs:
Jun 18 11:26:32 zeusz amavis[9766]: (09766-07) (!!) run_av (ESET
McDouglas wrote the following on 6/18/2007 7:38 AM -0800:
Bill Landry wrote:
If you set amavisd to send the raw e-mail to nod32, do you still see
the error?
Bill
How do I set that? And what else will change with that setting?
(concerned about the spamassassin/banned files
Michael Scheidell wrote the following on 6/15/2007 12:27 PM -0800:
Well, an attachment, a 0 day virus.
How do we block an exe insite a .doc?
Maybe hackers/spammers have found a way around Anti-Virus software, or
at least, attachment blocking.
Spam came in, with a 'proforma invoice'
Michael Scheidell wrote the following on 6/15/2007 12:54 PM -0800:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
Of Bill Landry
Sent: Friday, June 15, 2007 3:51 PM
To: amavis-user@lists.sourceforge.net
Subject: Re: [AMaViS-user] Someone missed
[EMAIL PROTECTED] wrote the following on 6/5/2007
8:33 AM -0800:
Hallo Mark,
Op dinsdag 05 juni 2007 schreef Mark Martinec aan
amavis-user@lists.sourceforge.net:
Actually, I did it both ways: amavis added to group clamav and
clamav added to group amavis. [...] This certainly solved
Paweł Leśniak wrote the following on 5/28/2007 1:32 AM -0800:
Hello,
I'm using Amavisd-new with SpamAssassin between two sendmail deamons -
incoming and outgoing.
I've set up quarantine level, so some spammy emails go to single
mailbox called spams. Now once for a while (daily mostly) I'm
Mark Martinec wrote the following on 5/22/2007 10:04 AM -0800:
Bill,
Okay, then is there any reason to have amavisd-new break e-mail messages
up for individual parts scanning?
Several virus scanners are not able to decode a MIME structure,
or do a poor job at it, or can not decode
Mark Martinec wrote the following on 5/21/2007 5:06 PM -0800:
Bill,
I've noticed that when multiple message parts match different clamav
signatures, *all* the signature names must be listed in
@virus_name_to_spam_score_maps for it to be considered spam.
Yes, as documented in
Noel Jones wrote the following on 5/21/2007 9:32 PM -0800:
At 09:55 PM 5/21/2007, Bill Landry wrote:
Mark, can you tell me why the Email.Malware are still not detected
without enabling /^MAIL$/? I would like to keep virus scan processing
to a minimum, but if I disable /^MAIL
Charlie Farinella wrote the following on 5/16/2007 11:33 AM -0800:
Is anyone using amavisd with postfix and dkfilter? I need to attach
domain keys to my outgoing mail and am getting confused. dkfilter wants
to be a content_filter and if I'm seeing this correctly, it seems that
postfix
I have been exchanging e-mails with Steve Basford of SaneSecuirty
regarding malware e-mails that are not detected and quarantined by
amavisd-new, yet are detected fine when scanned directly by clamdscan.
Here is my amavisd.conf entries for SaneSecurity and MSRBL signature
detection:
Mark Martinec wrote the following on 5/18/2007 11:52 AM -0800:
Bill,
[ qr'^(Email|HTML)\.(Phishing|Spam|Scam[a-z0-9]?)\.'i = 0.1 ],
[ qr'^(Email|Html)\.Malware\.Sanesecurity\.'= undef],
[ qr'^(Email|Html)(\.[^., ]*)*\.Sanesecurity\.' = 0.1 ],
[ qr'^(MSRBL-Images/|MSRBL-SPAM\.)'
Mark Martinec wrote the following on 5/18/2007 12:46 PM -0800:
Bill,
[ qr'^(Email|HTML)\.(Phishing|Spam|Scam[a-z0-9]?)\.'i = 0.1 ],
[ qr'^(Email|Html)\.Malware\.Sanesecurity\.'= undef],
[ qr'^(Email|Html)(\.[^., ]*)*\.Sanesecurity\.' = 0.1 ],
[ qr'^(MSRBL-Images/|MSRBL-SPAM\.)'
Bill Landry wrote the following on 5/18/2007 12:54 PM -0800:
Mark Martinec wrote the following on 5/18/2007 12:46 PM -0800:
Bill,
[ qr'^(Email|HTML)\.(Phishing|Spam|Scam[a-z0-9]?)\.'i = 0.1 ],
[ qr'^(Email|Html)\.Malware\.Sanesecurity\.'= undef],
[ qr'^(Email|Html
Noel Jones wrote the following on 5/18/2007 3:14 PM -0800:
At 04:49 PM 5/18/2007, Bill Landry wrote:
Well, this was not a good solution:
@keep_decoded_original_maps = (new_RE(
qr'^MAIL$', # retain full original message for virus checking (can
be slow)
as this had the effect
Noel Jones wrote the following on 5/18/2007 3:37 PM -0800:
At 05:28 PM 5/18/2007, Bill Landry wrote:
Noel Jones wrote the following on 5/18/2007 3:14 PM -0800:
At 04:49 PM 5/18/2007, Bill Landry wrote:
Well, this was not a good solution:
@keep_decoded_original_maps
mouss wrote the following on 5/10/2007 1:26 PM -0800:
it is recommended to pass outbound mail through a virus checker. one way
to do this is to tell amavisd-new to listen on two ports (10024 and
10586 for instance) and use
... FILTER amavis:[127.0.0.1]:10586
for outbound mail
Gary V wrote the following on 5/10/2007 2:31 PM -0800:
Bill wrote:
Gary V wrote the following on 5/10/2007 2:21 PM -0800:
Bill wrote:
mouss wrote the following on 5/10/2007 1:26 PM -0800:
it is recommended to pass outbound mail through a virus checker.
Jeremy Laidman wrote the following on 5/10/2007 3:40 PM -0800:
Bill Landry wrote:
smtpd_recipient_restrictions =
...
check_client_access pcre:/etc/postfix/filter_outbound
permit_mynetworks
permit_sasl_authenticated
check_client_access pcre:/etc/postfix
Mark Martinec wrote the following on 5/10/2007 4:27 PM -0800:
On Friday May 11 2007 00:51:14 Bill Landry wrote:
So explain a situation where the first filter would *not* apply. As
written, it applies to everything and anything after
check_client_access pcre:/etc/postfix/filter_outbound
Mark Martinec wrote the following on 3/21/2007 6:51 AM -0800:
Bob,
ah, does SA get any indication that clamav thinks the email is a phish?
No, currectly not. An artificial header field could be inserted I guess,
but for the moment I don't think it is really needed, these phishing
Mark Martinec wrote the following on 3/21/2007 12:51 PM -0800:
Bill,
I like the artificial header idea. If you could at least make it an
optional flag that would be great. Would be nice to be able to add a
few SA points if ClamAV detects phish, image, scam, etc., messages,
otherwise it
I am running amavisd-new-2.4.5 (20070130). I'm wondering if there a way
to change how amavis logs to the syslog, in particular, a way to keep it
from truncating part of the log entry? For example:
Mar 14 09:34:24 mail amavis[1881]: (01881-05)
MrC wrote the following on 3/14/2007 4:20 PM -0800:
I am running amavisd-new-2.4.5 (20070130). I'm wondering if
there a way to change how amavis logs to the syslog, in
particular, a way to keep it from truncating part of the log
entry? For example:
Bill,
These entries are
Jason Gauthier wrote the following on 3/9/2007 9:39 AM -0800:
Greetings,
This is a very nubile question, and I realize that. However, I
cannot find exactly what I'm looking for in the documentation. (Or it's
answered in a way I am not understanding)
I would like to actually stop email
Nicklas Bondesson wrote the following on 2/6/2007 11:10 AM -0800:
When I look at my log file from amavisd some/all IP adresser are printed in
reverse.
Passed CLEAN, [44.33.22.11] should be printed Passed CLEAN,
[11.22.33.44]
This makes it a bit harder to trace and parse the logfile.
Are
Shaun T. Erickson wrote the following on 1/1/2007 9:39 AM -0800:
Has anyone come up with a clean way of starting and stopping p0f
p0f-analyzer? On my CentOS 4.4 system, there is an init.d script for
p0f, but that's to use it standalone, logging to a file. I haven't
been able to figure out how
Does anyone have any suggestions on how to start p0f/p0f-analyzer.pl
automatically at system boot time with Fedora? I have tried using an
init script with chkconfig and that presented strange results. I also
tried adding the following to /etc/rc.local:
/bin/sh /usr/bin/nohup /bin/p0f.sh
Peter Matulis wrote the following on 12/20/2006 5:00 PM -0800:
--- Bill Landry [EMAIL PROTECTED] wrote:
Does anyone have any suggestions on how to start p0f/p0f-analyzer.pl
automatically at system boot time with Fedora? I have tried using an
init script with chkconfig
Shaun T. Erickson wrote:
... but I see no evidence of it, in the headers.
I can run spamassassin in debug mode as the amavis user and it appears
to me that razor2 is configured properly and being checked. So far,
none of the mail that's come through since I set it up has been spam,
so razor
- Original Message -
From: Mark Martinec [EMAIL PROTECTED]
[SNIP]
Mark, is amavisd-new missing anything that I should be concerned about by
having mail injected via SMTP vs. ESMTP? I noticed that Postfix delivers
to Amavisd via ESMTP, but the smtpclient delivers via SMTP.
Since you
- Original Message -
From: Gary V [EMAIL PROTECTED]
Bill wrote:
I am wondering how people handle system messages and how best to keep
them
from being spam filtered and possibly designated as spam. Here are the
full
headers from one of my LogWatch messages that got designated as
- Original Message -
From: Gary V [EMAIL PROTECTED]
Bill wrote:
Is there a way to direct these system messages so that they bypass spam
filtering?
Bill
http://www200.pair.com/mecham/spam/bypassing.html#11
Thanks Gary, however, the issue I run into with this option is that I
- Original Message -
From: Gary V [EMAIL PROTECTED]
Bill wrote:
Is there a way to direct these system messages so that they bypass spam
filtering?
http://www200.pair.com/mecham/spam/bypassing.html#11
Thanks Gary, however, the issue I run into with this option is that I
run
I am wondering if there is a way to configure amavisd-new to allow SA to add
the following sample x-header to all messages:
X-Spam-Relay-Country: US CN RU
I have added the following entry to my SA local.cf file, but then realized
that amavisd-new does all header markup, not SA:
- Original Message -
From: Mark Martinec [EMAIL PROTECTED]
Ok, a little refinement to not include a space after a virus name,
and to match a '+' literally. Here are the latest avast entries:
### http://www.avast.com/
['avast! Antivirus daemon',
\ask_daemon, # greets with 220,
- Original Message -
From: Mark Martinec [EMAIL PROTECTED]
Bill,
Has anyone created an amavisd.conf entry for Avast AV scanning support?
If so, would you be willing to share the entry?
Responding to my own post, for anyone interested, the command line entry
for the Avast virus
- Original Message -
From: Mark Martinec [EMAIL PROTECTED]
Bill,
(08400-01-2) ask_av (Avast! Antivirus daemon):
/var/amavis/tmp/amavis-20060213T104403-08400/parts INFECTED:
Win32:Beagle-HZ
[Wrm
What modification can I make to:
qr/[\t]\[+\]/, qr/[\t]\[L\][\t]/,
- Original Message -
From: Bill Landry [EMAIL PROTECTED]
Has anyone created an amavisd.conf entry for Avast AV scanning support?
If so, would you be willing to share the entry?
Responding to my own post, for anyone interested, the command line entry for
the Avast virus scanner
Has anyone created an amavisd.conf entry for Avast AV scanning support? If
so, would you be willing to share the entry?
TIA,
Bill
---
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop!
- Original Message -
From: Max Matslofva [EMAIL PROTECTED]
Hi
I just installed BitDefender bdc from FreeBSD ports.
BDC/FreeBSD 5.x-Console (v7.0-2545) (i386) (Dec 22 2004 19:56:57)
Copyright (C) 1996-2004 SOFTWIN SRL. All rights reserved.
amavisd-new is version 2.3.3
I got an error
- Original Message -
From: Max Matslofva [EMAIL PROTECTED]
Hi
I just installed BitDefender bdc from FreeBSD ports.
BDC/FreeBSD 5.x-Console (v7.0-2545) (i386) (Dec 22 2004 19:56:57)
Copyright (C) 1996-2004 SOFTWIN SRL. All rights reserved.
amavisd-new is version 2.3.3
I got an error
- Original Message -
From: Vernon A. Fort [EMAIL PROTECTED]
While on the bitdefender topic, I've had to disable this scanner on
several server due system load. I use gentoo on most servers, standard
setup...
postfix+amavisd-new+clamav+spamassassin
I tipically use 2-3 scanners
I am using custom log reporting ($log_temp1) in my amavisd.conf; however, I
am having a difficult time trying to come up with the proper syntax to
report virus scanners detecting a virus and the virus name the scanner
reported. I am looking for a format as follows:
Scanner1 detected
- Original Message -
From: Daniel Bentley [EMAIL PROTECTED]
We're currently dealing with one of these at my work, a Barracuda 300 box.
I'll have to say, it seems to be doing an okay filtering job for spam it
receives.
-However-, I'm not sure how other boxes do things, but there's a
- Original Message -
From: Ed Walker [EMAIL PROTECTED]
A request for a small change for the next version of amavisd:
We'd like to log slightly more detailed info of the messages. We use
log_recip_templ, and it would be nice if we could store the score reported
by spam assassin with
- Original Message -
From: MJ [EMAIL PROTECTED]
Hi,
Can someone help with following error?
Check the path to your clamd socket in clamd.conf and amavisd.conf. They
need to point to the correct location of the socket and they both need to
match.
Look for this section in your
95 matches
Mail list logo