OK, before you all shudder I appologise if this is blatently obvious and
staring me in the face.
I have read the doco and searched google but I still am not able to
understand some fundamental things about clamav.
1. clamav daemon runs - what does it actually do?
2. clamscan actually scans
Hi there!
One of our scanners printed this in its logfile:
/usr/share/doc/automake-stable-1.4p6/COPYING: COPYING FOUND
/usr/share/doc/common-licenses/GPL-2: COPYING FOUND
/usr/share/doc/common-licenses/GPL-2.0: COPYING FOUND
Why does clamav report those?
Mit freundlichen Grüssen
Steffen Breitbach
On Tue, 05 Oct 2004 at 9:23:31 +0200, Steffen Breitbach wrote:
Hi there!
One of our scanners printed this in its logfile:
/usr/share/doc/automake-stable-1.4p6/COPYING: COPYING FOUND
/usr/share/doc/common-licenses/GPL-2: COPYING FOUND
/usr/share/doc/common-licenses/GPL-2.0: COPYING FOUND
gillian wrote:
OK, before you all shudder I appologise if this is blatently obvious and
staring me in the face.
I have read the doco and searched google but I still am not able to
understand some fundamental things about clamav.
1. clamav daemon runs - what does it actually do?
2.
On Tuesday 05 October 2004 09:23, gillian wrote:
this, but none of the doc mentions having to do this. So what am I
missing here?
http://www.amavis.org
Maurizio
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
On Tuesday 05 October 2004 09:23, gillian wrote:
better, http://www.ijs.si/software/amavisd/
M.
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Hi!
I have installed Clamav 0.75-1 with enabled milter for sendmail on my RH8
box. I have read the install paper which comes with clamav source but I
don't know how to start clamd before sendmail and also do I have to start
it or do I need to start only clamav-milter as daemon.
I allready have
I have installed Clamav 0.75-1 with enabled milter for sendmail on my
RH8 box. I have read the install paper which comes with clamav source
but I don't know how to start clamd before sendmail and also do I have
to start it or do I need to start only clamav-milter as daemon.
I allready have
Thank you so much for your response, but boy, now I am confused. Are you
saying I should be using amavis not clamav? This is the 2nd response
with an amavis url in it.
On Tue, 2004-10-05 at 19:40, Maurizio Marini wrote:
On Tuesday 05 October 2004 09:23, gillian wrote:
better,
Thank you so much for your response, but boy, now I am confused. Are
you
saying I should be using amavis not clamav? This is the 2nd response
with an amavis url in it.
amavis/amavisd-new is used as kind of 'glue' between your MTA and
clamav (e.g.).
On Tuesday 05 Oct 2004 11:08, gillian wrote:
Thank you so much for your response, but boy, now I am confused. Are you
saying I should be using amavis not clamav? This is the 2nd response
with an amavis url in it.
If you're using sendmail there is no need for any other software.
-Nigel
--
Thank you so much for your response, but boy, now I am confused. Are you
saying I should be using amavis not clamav? This is the 2nd response
with an amavis url in it.
Hi again,
Gillian, the 2 pieces of software complement each other -
Amavis-new is a 'conduit' which passes stuff out to
On Oct 5, 2004, at 6:08 AM, gillian wrote:
Thank you so much for your response, but boy, now I am confused. Are
you
saying I should be using amavis not clamav? This is the 2nd response
with an amavis url in it.
Amavis is a program that can work in conjunction with ClamAV.
Most UNIX systems work
gillian wrote:
Thank you so much for your response, but boy, now I am confused. Are you
saying I should be using amavis not clamav? This is the 2nd response
with an amavis url in it.
Which method of virus scanning are you wishing to achieve?
1) Scanning emails coming through your MTA.
2)
Hi All;
I've followed qmailrocks.org's site to a t and got clamav working
properly, however, the clamav.log file does not update.
It's still at 0 bytes and at the original date when I touched the file.
The permissions seem right, and the configuration in freshclam.conf seems
okay.
Anyone have
Hi All;
I've followed qmailrocks.org's site to a t and got clamav working
properly, however, the clamav.log file does not update.
It's still at 0 bytes and at the original date when I touched the file.
The permissions seem right, and the configuration in freshclam.conf seems
okay.
Do you have a conf in /usr/local/etc also? If so, does it match what you
have in /etc/clamav.conf ?
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 05, 2004 8:18 AM
To: ClamAV users ML
Subject: [Clamav-users] Log File 0 Bytes
Hi All;
I've
Sasa Stupar wrote:
I don't know how to start clamd before sendmail and also do I have
to start it or do I need to start only clamav-milter as daemon.
It's been a l-o-n-g time since I messed with Linux, and I know nothing
about SYSV-style startups. I have always used rc.local for packages that
I
Hi all
I just run a few mail test from www.gfi.com/emailsecuritytest and my clam
antivirus failed miserably.
I too ran the tests from testvirus.org, this second test was ok, only two
got through.
Could someone please share some help with this,
Kind Regards
Brent Clark
On Tuesday 05 Oct 2004 14:11, Brent Clark wrote:
Hi all
I too ran the tests from testvirus.org, this second test was ok, only two
got through.
Two will get through (24 and 25), but since they don't contain any virus there's
nothing to find and therefore nothing to stop.
Brent Clark
-Nigel
On Tuesday 05 Oct 2004 14:11, Brent Clark wrote:
Hi all
I just run a few mail test from www.gfi.com/emailsecuritytest and my clam
antivirus failed miserably.
You haven't said what version of clamAV you're using, so I can't advise you.
Brent Clark
-Nigel
--
Nigel Horne. Arranger,
Hi, I use 0.75.1 .. test with testvirus.org are full ok but with
gfi.com/emailsecuritytest are failed eicar.com and hide.hta in fact the attached pass
through mail server and it arrive on mail client, but the file but gfi-test.txt not is
created on pc.
--
Salvatore.
On Tuesday 05 Oct 2004 14:11, Brent Clark wrote:
Hi all
I just run a few mail test from www.gfi.com/emailsecuritytest and my clam
antivirus failed miserably.
What do you mean by failed miserably. I can only assume you mean that 100%
of the emails got through.
I've just tried this test. Some
Hi
mail:~# clamscan -V
clamscan / ClamAV version 0.75-1
mail:~#
Im using this with my Exim Mail server
Thanks for your help
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Hi,
I've setted up the clamd this is the clamav.conf file:
#Automatically Generated by clamav-daemon postinst
#To reconfigure clamd run #dpkg-reconfigure clamav-daemon
LocalSocket /var/run/clamav/clamd.ctl
FixStaleSocket
User root
AllowSupplementaryGroups
ScanMail
ScanArchive
ArchiveMaxRecursion 5
Brent Clark wrote:
Hi
mail:~# clamscan -V
clamscan / ClamAV version 0.75-1
mail:~#
Im using this with my Exim Mail server
Remember that a lot of the GFI tests are for Outlook vulnerablities, no
malicious code per se. How many did you trap?
Matt
Remember that a lot of the GFI tests are for Outlook vulnerablities, no
malicious code per se. How many did you trap?
Only 6
Which I suppose aint to bad, but still.
But your right, because 5 were (more an Exim issue):
Brent Clark wrote:
Hi all
I just run a few mail test from www.gfi.com/emailsecuritytest and my clam
antivirus failed miserably.
I too ran the tests from testvirus.org, this second test was ok, only two
got through.
Could someone please share some help with this,
Both gfi and antivirus.org have
I just ran it against mine (.80rc3) and it worked pretty good...I did
have the 2 come through...however I had 5 of them that I was getting the
stream: Bad format or broken data ERROR message on them and my server
was rejecting with a Milter: data, reject=451 4.3.2 Please try again
later...
Shane Wise wrote:
I just ran it against mine (.80rc3) and it worked pretty good...I did
have the 2 come through...however I had 5 of them that I was getting the
stream: Bad format or broken data ERROR message on them and my server
was rejecting with a Milter: data, reject=451 4.3.2 Please
Brent Clark wrote:
Only 6
Which I suppose aint to bad, but still.
But your right, because 5 were (more an Exim issue):
There are five that I know of which should definitely be picked up by
virus scanning, so that's about right. The rest are down to scanning, by
some other means, for
Just like to say, by the way, the new ML server is great. It's lovely
to see the mails within a short while of posting :) Thanks chaps.
Matt
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
I upgraded from .65 to .80rc3 on fedora core 2
machine(rpm from site), and I was told by a user of a
system I admin this morning, hours and hours later,
that clamav was using 100% cpu/ram.
I did ps auxw |grep clamav and saw the following
ps aux |grep clam
root 5616 0.0 0.1 3808 552 ?
Title: Can I add message to end of email
Hi
Just finishing install on a Raq4 and would like to add a message
At the end of each mail checked to say it was scanned ok
Is this possible if so please can you let me know how
Thanks
Richard
Richard Owen wrote:
Hi
Just finishing install on a Raq4 and would like to add a message
At the end of each mail checked to say it was scanned ok
Is this possible if so please can you let me know how
What software are you using to scan the email?
Matt
On Tuesday 05 Oct 2004 16:27, Shane Wise wrote:
May have been...looked like it was like eicar 1/5 through 5/5
I am uploading *TEST* code to handle this to CVS as we speak.
-Nigel
--
Nigel Horne. Arranger, Composer, Typesetter.
NJH Music, Barnsley, UK. ICQ#20252325
[EMAIL PROTECTED]
On Tuesday 05 Oct 2004 16:36, Richard Owen wrote:
Just finishing install on a Raq4 and would like to add a message
At the end of each mail checked to say it was scanned ok
With the --sign and/or --sigature-file option of clamav-milter
Richard
-Nigel
--
Nigel Horne. Arranger, Composer,
John H. wrote:
I upgraded from .65 to .80rc3 on fedora core 2
machine(rpm from site), and I was told by a user of a
system I admin this morning, hours and hours later,
that clamav was using 100% cpu/ram.
I did ps auxw |grep clamav and saw the following
ps aux |grep clam
root 5616 0.0 0.1
I wrote:
I am uploading *TEST* code to handle this to CVS as we speak.
Yes, before anyone says it, I know I've been maintaining for sometime that
(a) it's not possible and (b) it's not the job of clamAV anyway. But I had a
brainwave on how to do it...
It is EXPERIMENTAL code, not compiled by
No, I do not.
I used the RPM from qmailrocks.org.
Do you have a conf in /usr/local/etc also? If so, does it match what you
have in /etc/clamav.conf ?
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Hello,
man clamav-milter
[...]
--sign, -S
Add a hard-coded signature to each scanned file.
--signature-file, -F
Location of file to be appended to each scanned message.
Overrides -S.
[...]
Best regards
hug
On Tue, 5 Oct 2004, Richard Owen wrote:
Hi
Just finishing install on a
Hi.
I have installed clamav 0.80rc3 on my system (Slackware 10.0).
Now I want to update my virus database. But after starting freshclam I
become this error message.
ClamAV update process started at Mon Oct 4 19:11:23 2004
ERROR: Can't get information about db.de.clamav.net host.
ERROR:
On Tue, 05 Oct 2004 18:27:13 +0200 in
[EMAIL PROTECTED] Marcus Habermehl
[EMAIL PROTECTED] wrote:
ClamAV update process started at Mon Oct 4 19:11:23 2004
ERROR: Can't get information about db.de.clamav.net host.
ERROR: Connection with ??? failed.
What happens if you try:
dig
Am Dienstag, den 05.10.2004, 17:32 +0100 schrieb Brian Morrison:
On Tue, 05 Oct 2004 18:27:13 +0200 in
[EMAIL PROTECTED] Marcus Habermehl
[EMAIL PROTECTED] wrote:
ClamAV update process started at Mon Oct 4 19:11:23 2004
ERROR: Can't get information about db.de.clamav.net host.
ERROR:
On Tue, 05 Oct 2004 18:41:53 +0200 in
[EMAIL PROTECTED] Marcus Habermehl
[EMAIL PROTECTED] wrote:
Am Dienstag, den 05.10.2004, 17:32 +0100 schrieb Brian Morrison:
On Tue, 05 Oct 2004 18:27:13 +0200 in
[EMAIL PROTECTED] Marcus Habermehl
[EMAIL PROTECTED] wrote:
ClamAV update process
my system is not messed up, and I did not install a
3rd party package. I clearly explained the contents
of clamnightly, which simply runs clamscan and
freshclam every night
cat /etc/cron.daily/clamnightly
/usr/bin/freshclam --quiet -l /var/log/clam-update.log
/usr/bin/clamscan -r -i -l
I've built about half a dozen versions and ports of libgmp and
'configure' is *still* bitching. I even found a port called
'libgmp-freebsd'...
GNU MP is a library for arbitrary precision arithmetic...
[SNIP]
Note: This package contains version the the library just before it was
removed from
Scott Rothgaber wrote:
I've built about half a dozen versions and ports of libgmp and
'configure' is *still* bitching. I even found a port called
'libgmp-freebsd'...
GNU MP is a library for arbitrary precision arithmetic...
[SNIP]
Note: This package contains version the the library
Am Dienstag, den 05.10.2004, 17:45 +0100 schrieb Brian Morrison:
On Tue, 05 Oct 2004 18:41:53 +0200 in
[EMAIL PROTECTED] Marcus Habermehl
[EMAIL PROTECTED] wrote:
Am Dienstag, den 05.10.2004, 17:32 +0100 schrieb Brian Morrison:
On Tue, 05 Oct 2004 18:27:13 +0200 in
[EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[EMAIL PROTECTED] wrote:
| Hi All;
|
| I've followed qmailrocks.org's site to a t and got clamav working
| properly, however, the clamav.log file does not update.
|
| It's still at 0 bytes and at the original date when I touched the file.
|
| The
On Tue, 05 Oct 2004 19:00:43 +0200 in
[EMAIL PROTECTED] Marcus Habermehl
[EMAIL PROTECTED] wrote:
I execute freshclam like this
su -c freshclam
root password
Perhaps is this wrong?
Not sure, but it might be.
I run freshclam as a daemon from an /etc/rc.d/init script, so it is
running
Brian Morrison wrote:
On Tue, 05 Oct 2004 19:00:43 +0200 in
[EMAIL PROTECTED] Marcus Habermehl
[EMAIL PROTECTED] wrote:
I execute freshclam like this
su -c freshclam
root password
Perhaps is this wrong?
Not sure, but it might be.
I run freshclam as a daemon from an
Thank you for the answer.
This is the way that I am starting it now but in the docs it is specified
to start milter and clamd before sendmail and rc.local is started at the end.
Anyone with the knowledge of sysv style startup (redhat)?
Reagrds,
Sasa
At 09:02 5.10.2004 -0400, you wrote:
Sasa
I am running a clamav-milter with sendmail 8.13.0. I have made a test at
www.testvirus.org and two tests passed thru: #24 and #25.
In explanation it says that it should detect it but it doesn't.
Any comment on that?
Regards,
Sasa Stupar
___
Just forgot to mention that I am running Clamav 0.75.1.
At 20:34 5.10.2004 +0200, you wrote:
I am running a clamav-milter with sendmail 8.13.0. I have made a test at
www.testvirus.org and two tests passed thru: #24 and #25.
In explanation it says that it should detect it but it doesn't.
Any
Sasa Stupar wrote:
Just forgot to mention that I am running Clamav 0.75.1.
At 20:34 5.10.2004 +0200, you wrote:
I am running a clamav-milter with sendmail 8.13.0. I have made a
test at www.testvirus.org and two tests passed thru: #24 and #25.
In explanation it says that it should detect it
On Tuesday 05 Oct 2004 19:34, Sasa Stupar wrote:
I am running a clamav-milter with sendmail 8.13.0. I have made a test at
www.testvirus.org and two tests passed thru: #24 and #25.
There is no signature to detect, so nothing to stop.
In explanation it says that it should detect it but it
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Nigel Horne
Sent: Tuesday, October 05, 2004 2:02 PM
To: ClamAV users ML
Subject: Re: [Clamav-users] Detection problem?
On Tuesday 05 Oct 2004 19:34, Sasa Stupar wrote:
I am running a clamav-milter
Am Dienstag, den 05.10.2004, 19:09 +0100 schrieb Matt:
Brian Morrison wrote:
On Tue, 05 Oct 2004 19:00:43 +0200 in
[EMAIL PROTECTED] Marcus Habermehl
[EMAIL PROTECTED] wrote:
I execute freshclam like this
su -c freshclam
root password
Perhaps is this wrong?
After closer inspection of the logs I found the entry
Mon Oct 4 01:06:39 2004 - Client disconnected
and have tracked the problem back to clamd/others.c. If I replace others.c with
the version from rc2 the problem disappears.
diff of the 2 files is:
141d140
#undef HAVE_POLL /* temporarily
Hello again,
I am still getting the below message after starting clamd clamav-milter and
sendmail in that order. clamd and clamav-milter start without any errors
being reported in either clamd.log or /var/log/messages. When I start
sendmail, which starts without error itself I get the error
At 14:17 5.10.2004 -0500, you wrote:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Nigel Horne
Sent: Tuesday, October 05, 2004 2:02 PM
To: ClamAV users ML
Subject: Re: [Clamav-users] Detection problem?
On Tuesday 05 Oct 2004 19:34, Sasa Stupar
62 matches
Mail list logo