On Tuesday 03 May 2005 22:48, Jose Luis Hime wrote:
Excuse me for my misunderstanding, but is there any special configuration I
should do to use --external ?
I read the man page for clamav-milter and I have one doubt:
Hi All
I'm having a problem with the new Sober.P/O/Q whatever. I'm running
mostly Exim 4.43 and clamd 0.84.
Clamd starting up with my options:
Wed May 4 09:57:56 2005 - clamd daemon 0.84 (OS: freebsd4.8, ARCH:
i386, CPU: i386)
Wed May 4 09:57:56 2005 - Log file size limited to 10485760
On Wed, 2005-05-04 at 10:56 +0200, David Peall wrote:
Hi All
I'm having a problem with the new Sober.P/O/Q whatever. I'm running
mostly Exim 4.43 and clamd 0.84.
Clamd starting up with my options:
Wed May 4 09:57:56 2005 - clamd daemon 0.84 (OS: freebsd4.8, ARCH:
i386, CPU: i386)
Wed
What if you run clamdscan?
# clamdscan /usr/home/david/viruses/D.0IQD
/usr/home/david/viruses/D.0IQD: OK
--- SCAN SUMMARY ---
Infected files: 0
Time: 0.465 sec (0 m 0 s)
# clamscan /usr/home/david/viruses/D.0IQD
/usr/home/david/viruses/D.0IQD: Worm.Sober.P FOUND
Hi!
I've got a file that i've received as an attach, and it seems to be a
virus, but clamd didn't detect it as that.
That's the second time i ask for this kind of help, but i don't know if it
could be a problem of my old version of clamav (i tested it on 0.75 and
0.80).
Here i have the file
thus Alvaro Uría spake:
Hi!
I've got a file that i've received as an attach, and it seems to be a
virus, but clamd didn't detect it as that.
That's the second time i ask for this kind of help, but i don't know if it
could be a problem of my old version of clamav (i tested it on 0.75 and
Ok have fixed the problem. I had to add the folling to freshclam.conf
DatabaseDirectory ? Pointing to the wrong place.
NotifyClamd ? Not restarting Clamd.
Really stupid mistakes!
Thanks for your help.
David Peall :: Systems Administrator
e-Schools' Network :: http://www.esn.org.za/
Phone +27
Hi again,
On Wed, 04 May 2005 14:17:32 +0400
George Chelidze [EMAIL PROTECTED] wrote:
Hello,
You can use online scanner at
http://test-clamav.power-netz.de to scan this files in question.
Worm.Sober.P is found in provided example.
I didn't know that site. Thank you very much. And BTW,
On Tuesday 03 May 2005 22:09, Pete 'Wolfy' Hanson wrote:
Ah, and here's my startup command:
/usr/local/sbin/clamav-milter --dont-log-clean --headers --local
--pidfile=/var/clamav/clamav-milter.pid --quiet
/var/clamav/clamav-milter.sock
There is a current limitation: if you don't give the
I am still not catching this one on two of my four servers. Any
pointers to troubleshooting will be immediately pursued.
Data from one that doesn't work:
Definitions are current:
mail joe $ freshclam
ClamAV update process started at Wed May 4 08:27:53 2005
main.cvd is up to date (version: 31,
On Wed, 4 May 2005 09:00:41 -0500
Joe Kletch [EMAIL PROTECTED] wrote:
Yet clamscan does not:
mail joe $ clamscan account_info-text.zip
account_info-text.zip: OK
Nor does clamdscan:
mail joe $ clamdscan account_info-text.zip
/usr/home/joe/account_info-text.zip: OK
--- SCAN
clamscan -V
ClamAV devel-20050504/866/Tue May 3 21:02:33 2005
~/virus freshclam
ClamAV update process started at Wed May 4 16:16:19 2005
main.cvd is up to date (version: 31, sigs: 33079, f-level: 4, builder: tkojm)
daily.cvd is up to date (version: 866, sigs: 1070, f-level: 4, builder: arnaud
On May 4, 2005, at 9:09 AM, Bowie Bailey wrote:
From: Joe Kletch [mailto:[EMAIL PROTECTED]
I am still not catching this one on two of my four servers. Any
pointers to troubleshooting will be immediately pursued.
Data from one that doesn't work:
Definitions are current:
mail joe $ freshclam
ClamAV
Joe,
Thanks for the problem resolution. I was in the same boat and I made both
DatabaseDirectory directive in the freshclam.conf and clamd.conf the same.
I then restarted clam and checked the version, all is good. I then checked
the logs and clam caught 10 Worm.Sober.P in 3 minutes.
Thanks,
Redhat 8.0, currently running clamav 0.70rc-1. Trying to upgrade to
0.83 to match the other MX, then I'll move them both to 0.84 in the next
couple weeks.
/home/sysadmin/clamav-0.83/freshclam/dns.c:55: undefined reference to
`__res_query'
/home/sysadmin/clamav-0.83/freshclam/dns.c:62:
On Wed, 4 May 2005 10:03:36 -0500
Jon Dossey [EMAIL PROTECTED] wrote:
Redhat 8.0, currently running clamav 0.70rc-1. Trying to upgrade to
0.83 to match the other MX, then I'll move them both to 0.84 in the
next couple weeks.
0.83 is no longer supported.
--
oo. Tomasz
thats why he upgraded to 0.84 ;)=
-Original Message-
Tomasz Kojm
On Wed, 4 May 2005 10:03:36 -0500
Jon Dossey [EMAIL PROTECTED] wrote:
Redhat 8.0, currently running clamav 0.70rc-1. Trying to upgrade to
0.83 to match the other MX, then I'll move them both to 0.84 in the
On Wed, 4 May 2005 17:08:10 +0200
Dörfler Andreas [EMAIL PROTECTED] wrote:
thats why he upgraded to 0.84 ;)=
No, he didn't. Read carefully what that lame Sunday school admin has
written.
--
oo. Tomasz Kojm [EMAIL PROTECTED]
(\/)\.
On Wed, May 04, 2005 at 10:03:36AM -0500, Jon Dossey said:
/home/sysadmin/clamav-0.83/freshclam/dns.c:55: undefined reference to
`__res_query'
/home/sysadmin/clamav-0.83/freshclam/dns.c:62: undefined reference to
`__dn_expand'
/home/sysadmin/clamav-0.83/freshclam/dns.c:77: undefined reference
thus Nigel Horne spake:
On Wednesday 04 May 2005 16:02, [EMAIL PROTECTED] wrote:
. If you have received this
communication in error, please notify me immediately by telephone or fax
But you haven't given your telephone and fax number, so how can you expect
anyone to do that?
sometimes i
Man that never gets old. hahahaha not funny.
I have no control over this warning.
CONFIDENTIALITY WARNING: The information in the e:mail is confidential and
privileged. It is intended only for the use of the individual or entity it
is addressed to. If the reader of this message is not the
On Wednesday 04 May 2005 16:15, Tomasz Kojm wrote:
All those people currently running clamav 0.70rc-1 (dated on Mon Mar
15 20:53:10 CET 2004) and trying to upgrade to 0.83 when 0.84 is out
are throwing me off balance.
That's because you're not getting any sleep because of all those Tiger
On Wednesday 04 May 2005 16:16, [EMAIL PROTECTED] wrote:
Man that never gets old. hahahaha not funny.
I have no control over this warning.
Yes you do. Use a hotmail/yahoo/gmail account.
--
Nigel Horne. Arranger, Composer, Typesetter.
NJH Music, Barnsley, UK. ICQ#20252325
[EMAIL
on a fresh clean e-mail, send me the output of the following commands.
ls -lsa /usr/lib
+++
ls -lsa /usr/local/lib
___
http://lurker.clamav.net/list/clamav-users.html
From: Dale Walsh [mailto:[EMAIL PROTECTED]
on a fresh clean e-mail, send me the output of the following commands.
ls -lsa /usr/lib
+++
ls -lsa /usr/local/lib
Before I paste this in, my libresolv lives in /lib
[EMAIL PROTECTED] lib]# ls -l libr*
-rwxr-xr-x1
Nigel,
Unfortunately, we have web surfing policies that watch total usage. Though
it is valid, it is not worth mentioning. With the mailing list being so
active I could miss out on alot of threads and great information..
Gord
CONFIDENTIALITY WARNING: The information in the e:mail is
By now some of you have tried building ClamAV to get an updated
version running because you found the 0.81 and the lack of digital
signature support to be displeasing.
You are now experiencing build issues and find that even selecting
gcc3.3 as the default compiler it still wont build.
Give me the output of the following commands (without changing them)
because I am looking for correlations.
ls -lsa /isr/lib
+
ls -lsa /lib
___
http://lurker.clamav.net/list/clamav-users.html
On Wednesday 04 May 2005 16:03, Jon Dossey wrote:
Redhat 8.0, currently running clamav 0.70rc-1. Trying to upgrade to
0.83 to match the other MX, then I'll move them both to 0.84 in the next
couple weeks.
/home/sysadmin/clamav-0.83/freshclam/dns.c:55: undefined reference to
`__res_query'
On Wednesday 04 May 2005 16:40, Phillip Salzman wrote:
Hello,
I just put clamav (and clamav-milter) into production on two fairly
large Sendmail servers. Before doing this, I tested it on a box and
didn't have any problems.
It seems that I'm having a couple possibly unrelated issues.
On Wednesday 04 May 2005 16:03, Jon Dossey wrote:
Redhat 8.0, currently running clamav 0.70rc-1. Trying to upgrade to
0.83 to match the other MX, then I'll move them both to 0.84 in the
next
couple weeks.
/home/sysadmin/clamav-0.83/freshclam/dns.c:55: undefined reference
to
It could be, but the -STABLE we're running is from over a year after the
fix.
Thanks,
Phillip Salzman
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Trog
Sent: Wednesday, May 04, 2005 10:57 AM
To: ClamAV users ML
Subject: Re: [Clamav-users] clamav
Hello.
I compiled Clamav .83 from the .gz download. When I found that .84 was
available in RPM from SuSE (my OS is SuSE 9.1) I downloaded the RPM and
attempted to install same after shutting down clamd and freshclamd, etc. and
removing all of what I could find of the .83 files. The RPM seemed
should I note that I just realized this is happening every 5 minutes
(give or take a few seconds) ?
May 4 15:35:00 lora clamav-milter: ClamAv: accept() returned invalid
socket (Result too large), try again
May 4 15:39:51 lora clamav-milter: ClamAv: accept() returned invalid
socket (Result too
followup from yesterday.
some of the responses i received yesterday suggesting increasing
the -m (max-children) switch on clamav-milter. i was running
with:
clamav-milter -PHl --postmaster=root -m 64
i increased this to:
clamav-milter -PHl --postmaster=root -m 96
and restarted clam late
On May 04, 2005, at 11:44, Nigel Horne wrote:
On Wednesday 04 May 2005 16:35, Dale Walsh wrote:
I asked Tomasz to place an installer on his webpage so you Mac OSX/
Tiger fans can update to the latest version with digital signature
support without too much difficulty but at the moment he doesn't
On Wed, 4 May 2005 12:15:42 -0400 in
[EMAIL PROTECTED] Mike Blonder
[EMAIL PROTECTED] wrote:
Hello.
I compiled Clamav .83 from the .gz download. When I found that .84 was
available in RPM from SuSE (my OS is SuSE 9.1) I downloaded the RPM
and attempted to install same after shutting down
On Wednesday 04 May 2005 17:30, Dale Walsh wrote:
If it will help and you'll cover the cost of shipping, I'll send you
Original Apple 10.4 Server install CD's, I have several extras.
Thanks for the offer, I have a laptop so I wonder if the server version
will do any good. Perhaps another
On Wed, 04 May 2005 17:15:40 +0200 in [EMAIL PROTECTED]
Timo Schoeler [EMAIL PROTECTED] wrote:
But you haven't given your telephone and fax number, so how can you
expect anyone to do that?
sometimes i think lawyers must be screaming of pain (caused by their
stupidity/silliness)... :D
On Wednesday 04 May 2005 17:27, rick pim wrote:
both clamd and clamav-milter processes were still running.
two things:
- i have freshclam running via cron at xx:37 -- this failure started
about ten minutes after a freshclam run. yesterday's failure also
started about ten
Thanks Brian.
I could not get the rpm upgrade to work and, hence, proceeded to another
SuSE box on the LAN and installed, mounted directories and it is working.
Thanks
Mike
On 5/4/05, Brian Morrison [EMAIL PROTECTED] wrote:
On Wed, 4 May 2005 12:15:42 -0400 in
[EMAIL PROTECTED] Mike
On 5/4/05, Nigel Horne [EMAIL PROTECTED] wrote:
There is a current limitation: if you don't give the --external option, you
must
use --max-children, otherwide clamav-milter will fail to start.
Thank, you Nigel. Interestingly, clamav-milter *was* starting and
running for extended periods, and
On Wednesday 04 May 2005 17:27, rick pim wrote:
some of the responses i received yesterday suggesting increasing
the -m (max-children) switch on clamav-milter. i was running
with:
clamav-milter -PHl --postmaster=root -m 64
i increased this to:
clamav-milter -PHl --postmaster=root -m 96
Hi,
I noticed today that clamdscan exits with an exit code of 2 instead of 0
when it encounters a password protected zip file, even with
ArchiveBlockEncrypted commented out.
Is this the recommended exit code, or have I encountered a bug ?
If this is the recommended exit code, where might I find
On May 4, 2005, at 11:12 AM, Nigel Horne wrote:
On Wednesday 04 May 2005 16:02, [EMAIL PROTECTED] wrote:
. If you have received this
communication in error, please notify me immediately by telephone or
fax
But you haven't given your telephone and fax number, so how can you
expect
anyone to do
Bart Silverstrim wrote:
On May 4, 2005, at 11:12 AM, Nigel Horne wrote:
On Wednesday 04 May 2005 16:02, [EMAIL PROTECTED] wrote:
. If you have received this
communication in error, please notify me immediately by telephone or fax
But you haven't given your telephone and fax number, so how can
Bart Silverstrim said:
I've always wondered...why do people put confidentiality notices saying
if this is not meant for you, erase it, yadda yadda... at the END of
the message, so you already know what you're not supposed to know?
I mean, they do know that these disclaimers haven't been
Rick Macdougall wrote:
I noticed today that clamdscan exits with an exit code of 2 instead of 0
when it encounters a password protected zip file, even with
ArchiveBlockEncrypted commented out.
Is this the recommended exit code, or have I encountered a bug ?
If this is the recommended
Rick Macdougall wrote:
René Berber wrote:
man clamdscan:
[snip]
RETURN CODES
0 : No virus found.
1 : Virus(es) found.
2 : An error occured.
Thanks,
One place I didn't look that I should have but still, is a password
protected zip file considered an error ? I
Rick Macdougall wrote:
One place I didn't look that I should have but still, is a password
protected zip file considered an error ? I can't really allow scans
that return a 2 to pass through (well I can but I don't think it's a
good idea).
It has been discused before that clamav can detect
I've read about increasing the limits when trouble with chpst / softlimit.
Increasing more and more changes nothing.
softlimit -a 4000 /usr/sbin/clamd = ok
softlimit -s 4000 /usr/sbin/clamd = ok
softlimit -l 4000 /usr/sbin/clamd = ok
softlimit -d 4000 /usr/sbin/clamd = ok
On May 04, 2005, at 14:41, Brad Koehn wrote:
I've just upgraded to Mac OS X Server, which according to all the
literature includes clamav... version 0.81! Upon downloading
clamav-0.84,
I discovered that I cannot build it successfully.
During ./configure, I get the following warning:
configure:
[EMAIL PROTECTED] wrote:
Rick Macdougall wrote:
René Berber wrote:
man clamdscan:
[snip]
RETURN CODES
0 : No virus found.
1 : Virus(es) found.
2 : An error occured.
Thanks,
One place I didn't look that I should have but still, is a password
protected zip file considered an error
René Berber wrote:
Rick Macdougall wrote:
One place I didn't look that I should have but still, is a password
protected zip file considered an error ? I can't really allow scans
that return a 2 to pass through (well I can but I don't think it's a
good idea).
It has been discused before that
Rick Macdougall wrote:
Yes, I understand that but I don't think a 2 should be returned for a
password protected zip file, 2 can be returned for any error, and a
password protected zip file should not be an error. It should be 0
for regular use, or 1 if I enable ArchiveBlockEncrypted, it
Rick Macdougall wrote:
So you are saying it is safe to pass on mail with an exit code of 2 ?
No.
I'll never get an exit code of 2, if say the hd fills up, or clamd is
running as a user without permissions to read the files or fails for
some other reason ?
You'll get code 2 for any error.
Since upgrading to 0.84 the other day, my system usage has gone through the
roof, usually running between 4 and 8 but occasionally well over 12.
According to 'top', virtually all of the time is being spent in
clamav-milter with most of the rest in sendmail.
Is it possible that the latest
57 matches
Mail list logo