--- Nigel Horne [EMAIL PROTECTED] wrote:
On Saturday 18 Sep 2004 13:24, Sandeep Agarwal
wrote:
hello list,
I have recently installed ClamAV on my Linux box,
it
is working fine, but when i tested my mail server
against virus attach (http://www.testvirus.org/),
it
successfully
The MIME vulnerabilities (last two tests) are an MTA issue not a clamav
issue.
Depending on your MTA (sendmail, exim , qmail, etc) there are different
ways of dealing with that.
The eximscan patch for exim, for example, includes a mime ACL you can use
to reject them, and it's included in the
On Monday 20 Sep 2004 07:57, Sandeep Agarwal wrote:
24 and 25 contains no virus but the mail i received
for these virus says:
For test #24
snip
For test #25
snip
Indeed it does. But (1) notice is says mail server not AV software
and (2) just because you read it on a web site doesn't make
--- Scott Call [EMAIL PROTECTED] wrote:
The MIME vulnerabilities (last two tests) are an
MTA issue not a clamav
issue.
Depending on your MTA (sendmail, exim , qmail, etc)
there are different
ways of dealing with that.
The eximscan patch for exim, for example, includes a
mime ACL
On Mon, 20 Sep 2004 at 1:44:20 +0200, Tomasz Kojm wrote:
On Mon, 20 Sep 2004 01:00:42 +0200
[EMAIL PROTECTED] wrote:
By the way - do You interested also in old ms-dos viruses not
No, we are not. We currently only focus on W32 malware (and it's still
a LOT to do).
Personally, I wouldn't
Hi,
I've installed the clamav (clamav clamav-base clamav-deamon
clamav-freshclean alibclamav1) debian packages taken from
www.clamav.net/binary.html
At the end of the installation/configuration I've tried as root
#clamd PING
in the document I've read the clamav deamon should answer with
Hi all,
I've been trying to get ClamAV to log via multilog so that I can
generate reports via mrtg. I followed the instructions here:
http://www.clamav.net/doc/0.75.1/clamd_supervised/clamd-daemontools-guide.txt
but logging still goes to syslog.
Have there been changes to this since the doc was
agenteo wrote:
Hi,
I've installed the clamav (clamav clamav-base clamav-deamon
clamav-freshclean alibclamav1) debian packages taken from
www.clamav.net/binary.html
At the end of the installation/configuration I've tried as root
#clamd PING
in the document I've read the clamav deamon should
Hello,
It looks possible to have clamd running on a separate box, running
clamdscan locally. However, the man page doesn't seem to indicate how
to get clamdscan to contact the remote clamd. Also, the config files
for the latest 0.75 version recommend running the daemon only in local
mode (using
On 9/20/2004 4:32 PM +0200, Matt Gourley wrote:
Hi all,
I've been trying to get ClamAV to log via multilog so that I can
generate reports via mrtg. I followed the instructions here:
http://www.clamav.net/doc/0.75.1/clamd_supervised/clamd-daemontools-guide.txt
Here are my relevant clamav.conf
Niek wrote:
On 9/20/2004 4:32 PM +0200, Matt Gourley wrote:
Hi all,
I've been trying to get ClamAV to log via multilog so that I can
generate reports via mrtg. I followed the instructions here:
http://www.clamav.net/doc/0.75.1/clamd_supervised/clamd-daemontools-guide.txt
Here are my relevant
- Original Message -
From: Nigel Horne [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, September 14, 2004 11:23 AM
Subject: Re: [Clamav-users] kernel: Out of Memory:Killed process x
(clamd).
On Tuesday 14 Sep 2004 06:30, Meni Shapiro wrote:
Hi Fajar,
Thanks for you
Thomas Lamy wrote:
RTFM (in /usr/share/clamav or on http://www.clamav.net/). And install
the package clamav-testfiles
As much as I would generally agree with the read the documentation reply
as a rule, the clamd options, i.e: PING, are not clearly explained in the
documentation, and could
On Sep 20, 2004, at 12:41 PM, Matt Gourley wrote:
Niek wrote:
On 9/20/2004 4:32 PM +0200, Matt Gourley wrote:
Hi all,
I've been trying to get ClamAV to log via multilog so that I can
generate reports via mrtg. I followed the instructions here:
Daniel Alberto Cañas wrote:
On Sep 20, 2004, at 12:41 PM, Matt Gourley wrote:
Niek wrote:
On 9/20/2004 4:32 PM +0200, Matt Gourley wrote:
Hi all,
I've been trying to get ClamAV to log via multilog so that I can
generate reports via mrtg. I followed the instructions here:
We have Clam Av installed and running. It is blocking virus e-mails
but is not generating any notification.
Is it possible to send a message onto the user that they had an e-mail
blocked? Or to an admin stating that [EMAIL PROTECTED] had a virus sent to
them?
Thanks in advance.
Hi
We have Clam Av installed and running. It is blocking virus e-mails but
is not generating any notification.
Right. clamav is just a virus scanner. It's sole purpose is to detect virii.
So, how are you passing your mails to clamav? That component or your mail
server could do that.
However,
Jonathan Pitcher wrote:
Is it possible to send a message onto the user that they had an e-mail
blocked? Or to an admin stating that [EMAIL PROTECTED] had a virus sent to
them?
http://www.mailscanner.info
--
/Peter Bonivart
--Unix lovers do it in the Sun
On Mon, 20 Sep 2004, Lucky Leavell wrote:
We are a small ISP suffering from repeated SYN Flood DoS/DDoS type
attacks. After putting a bridging firewall in place and using a packet
sniffer, we are certain the attacks are coming from within our own
network with machine A attacking machine B, both
From: agenteo I've installed the clamav (clamav clamav-base clamav-deamon
clamav-freshclean alibclamav1) debian packages taken from
www.clamav.net/binary.html
Are you also using amavisd-new?
_
FREE pop-up blocking with the new MSN
Dear ClamAV users,
the development version of ClamAV is ready for general testing! New
mechanisms have already proved very nasty to Internet worms
successfully protecting against the new versions R, S, T, U, V and W
of the infamous Mydoom worm and detecting them as Worm.Mydoom.Gen before
they
Steffen Heil wrote:
Hi
We have Clam Av installed and running. It is blocking virus e-mails
but
is not generating any notification.
... PLEASE only send a notification to the
intended user, NOT to the author. This would cause lot of
collateral damage.
With one caveat.
It is perfectly
On Mon, 20 Sep 2004, Jonathan Pitcher wrote:
Is it possible to send a message onto the user that they had an e-mail
blocked? Or to an admin stating that [EMAIL PROTECTED] had a virus sent to
them?
Yes.
It is also a bad idea.
Since most viruses forge the From: address, you will not be
On Tue, 21 Sep 2004, Luca Gibelli wrote:
-) clamd
+ new directive ScanHTML (enables HTML normalisator and ScrEnc decoder)
+ new directive ScanPE (win32 executable analyser and decompressor)
+ new directive DetectBrokenExecutables (try to detect broken
executables and
I'm just playing about with this and I can't seem to get it to work
quite the way I expect. I've created two signatures, to match the jpeg
exploit we discussed recently. My idea is that although the signature
is very small it minimises false positives by being restricted to
graphics files and
Christopher X. Candreva said:
On Mon, 20 Sep 2004, Jonathan Pitcher wrote:
Is it possible to send a message onto the user that they had an e-mail
blocked? Or to an admin stating that [EMAIL PROTECTED] had a virus sent to
them?
Yes.
It is also a bad idea.
Since most viruses forge the
hi,
just starting to play with this ...
config as:
./configure \
--prefix=/usr/local/clamav080rc \
--mandir=/usr/local/man \
--enable-shared \
--enable-static \
--with-user=clamav \
--with-group=clamav \
--with-tcpwrappers
fails @ make with:
On Tue, 21 Sep 2004 01:06:23 +0100
Kevin Spicer [EMAIL PROTECTED] wrote:
I'm just playing about with this and I can't seem to get it to work
quite the way I expect. I've created two signatures, to match the
jpeg exploit we discussed recently. My idea is that although the
signature is very
With one caveat.
It is perfectly acceptable to place an explanatory message in an SMTP
REJECT message.
Something like
EHLO (hi)
MAIL FROM (ok)
RCPT TO (ok)
DATA (can't accept for delivery, contains the EICAR virus!)
If the mail is being sent by a virus, the virus will usually just give
On Mon, 20 Sep 2004 17:50:45 -0700
OpenMacNews [EMAIL PROTECTED] wrote:
results in a DIFFERENT failed make @:
then mv -f .deps/dns.Tpo .deps/dns.Po; else rm -f
.deps/dns.Tpo; exit 1; fi dns.c: In function `txtquery':
dns.c:53: error: `C_IN' undeclared (first use in
hi tomasz,
results in a DIFFERENT failed make @:
then mv -f .deps/dns.Tpo .deps/dns.Po; else rm -f
.deps/dns.Tpo; exit 1; fi dns.c: In function `txtquery':
dns.c:53: error: `C_IN' undeclared (first use in this
This problem can be fixed with --disable-dns
h. tried that
Matt Gourley wrote:
Hi all,
I've been trying to get ClamAV to log via multilog so that I can
generate reports via mrtg.
$ pkg_info | grep clamav
clamav-0.75Free Virus Scanner
$ cat /etc/supervise/clamd/run
#!/bin/sh
exec 21
exec /usr/local/sbin/clamd
$ cat /etc/supervise/clamd/log/run
On 2004/09/21, at 11:08, OpenMacNews wrote:
results in a DIFFERENT failed make @:
then mv -f .deps/dns.Tpo .deps/dns.Po; else rm -f
.deps/dns.Tpo; exit 1; fi dns.c: In function `txtquery':
dns.c:53: error: `C_IN' undeclared (first use in this
This problem can be fixed with
[EMAIL PROTECTED] wrote:
Hi,
Is there any reason why Windows port of clamav exists only based on
cygwin ?
Regards
Boguslaw Brandys
Hi,
There will be one soon !
This is the first time I talk about it. UScanIT is about to be ready in a
few week. It uses ClamDB and is not based on cygwin
Luca Gibelli wrote:
-) clamd
+ clamav.conf was renamed clamd.conf
Um, this has got the one of the most annoying change for me in the
history of clamav
(the other ones was the change of libclamav.so.1.0.3 to libclamav.so.1.0.4,
and the now-missing ThreadTimeout option.)
Tomasz, can you
The attached patch will fix.
ok!
i can verify that Masaki's patch (removing the check for resolv.h) does the trick and
allows a successful make with:
./configure \
--prefix=/usr/local/clamav080rc \
--mandir=/usr/local/man \
--enable-shared \
--enable-static \
36 matches
Mail list logo