Hi all,
here's what happened to my installation yesterday :
@19:01, for apparently no reason, clamd died logging :
Wed May 4 19:01:42 2005 - Segmentation fault :-( Bye..
@ the same time, in '/var/tmp/clamav/', instead of archiving a virus mail
like it uses to, it created an *empty* directory
On Thu, 2005-05-05 at 11:25 +0200, Silvio - Network Operations wrote:
Box is FreeBSD 5.2.1-RELEASE, clamav version is 0.83, running smoothly for
3 months in a row, before this ...
Upgrade.
-trog
signature.asc
Description: This is a digitally signed message part
* Silvio - Network Operations [EMAIL PROTECTED] [20050505 12:26]: wrote:
Hi all,
here's what happened to my installation yesterday :
@19:01, for apparently no reason, clamd died logging :
Wed May 4 19:01:42 2005 - Segmentation fault :-( Bye..
@ the same time, in '/var/tmp/clamav
Rick Macdougall wrote:
You could adopt a policy that yes, password-protected zip files can
be assumed to be viruses with the following clamd.conf option:
Yes, I understand that but I don't think a 2 should be returned for a
password protected zip file, 2 can be returned for any error, and
Hello, all.
I think, it's not a clamd or clamav-milter error.
Probably it's a Sendmail 8.12.X and higher Milter API interface
features/bugs. I don't see this error with 8.11.7
I saw this problem with another milters and not only clamav-milter.
BTW, try search in google timeout before data
Mike Nolan wrote:
Since upgrading to 0.84 the other day, my system usage has gone through the
roof, usually running between 4 and 8 but occasionally well over 12.
According to 'top', virtually all of the time is being spent in
clamav-milter with most of the rest in sendmail.
Is it possible
On Wed, 2005-05-04 at 16:24 +0100, Nigel Horne wrote:
On Wednesday 04 May 2005 16:16, [EMAIL PROTECTED] wrote:
Man that never gets old. hahahaha not funny.
I have no control over this warning.
Yes you do. Use a hotmail/yahoo/gmail account.
At our company, all webmail is blocked and
[EMAIL PROTECTED] wrote:
On Wed, 2005-05-04 at 16:24 +0100, Nigel Horne wrote:
On Wednesday 04 May 2005 16:16, [EMAIL PROTECTED] wrote:
Man that never gets old. hahahaha not funny.
I have no control over this warning.
Yes you do. Use a hotmail/yahoo/gmail account.
At our company,
Daniel J McDonald wrote:
as it is harder to scan those messages for viruses
Nonsense. Mail is mail. If you are running a mailserver, it should be
able to cope with all types of mail, irrelevant of (creation|submission)
method.
Matt
___
On Thu, 5 May 2005, Daniel J McDonald wrote:
At our company, all webmail is blocked and policy forbids it's use, as
it is harder to scan those messages for viruses (and the last time we
got hit by a mass-mailing worm - Melisa - was due to a person using
web-mail.)
We still sell Unix shell
Slightly off topic, but has anyone noticed some numpty, (mentioning no
names), replying to their posts with a test message?
Matt
___
http://lurker.clamav.net/list/clamav-users.html
thus Daniel J McDonald spake:
On Wed, 2005-05-04 at 16:24 +0100, Nigel Horne wrote:
On Wednesday 04 May 2005 16:16, [EMAIL PROTECTED] wrote:
Man that never gets old. hahahaha not funny.
I have no control over this warning.
Yes you do. Use a hotmail/yahoo/gmail account.
At our
thus Randal, Phil spake:
[EMAIL PROTECTED] wrote:
On Wed, 2005-05-04 at 16:24 +0100, Nigel Horne wrote:
On Wednesday 04 May 2005 16:16, [EMAIL PROTECTED] wrote:
Man that never gets old. hahahaha not funny.
I have no control over this warning.
Yes you do. Use a hotmail/yahoo/gmail
thus Matt Fretwell spake:
Daniel J McDonald wrote:
as it is harder to scan those messages for viruses
Nonsense. Mail is mail. If you are running a mailserver, it should be
able to cope with all types of mail, irrelevant of (creation|submission)
method.
partly agreed. if they want to
On May 5, 2005, at 8:02 AM, Matt Fretwell wrote:
Daniel J McDonald wrote:
as it is harder to scan those messages for viruses
Nonsense. Mail is mail. If you are running a mailserver, it should be
able to cope with all types of mail, irrelevant of
(creation|submission)
method.
But...if they're
thus Daniel J McDonald spake:
On Thu, 2005-05-05 at 14:12 +0200, Timo Schoeler wrote:
thus Daniel J McDonald spake:
On Wed, 2005-05-04 at 16:24 +0100, Nigel Horne wrote:
On Wednesday 04 May 2005 16:16, [EMAIL PROTECTED] wrote:
Man that never gets old. hahahaha not funny.
I have no
Hello.
Is it not implemented ?
-- Forwarded Message --
Subject: Re: [clamd/clamscan (?)] Oversized.RAR false positives
Date: Monday 29 November 2004 01:37
From: Tomasz Kojm tkojm * clamav.net
To: Sergey Y. Afonin asy * kraft-s.ru
On Sat, 27 Nov 2004 10:42:04 +0400
Sergey Y.
On Thu, 5 May 2005 14:00:17 +0100
Sergey [EMAIL PROTECTED] wrote:
Hello.
Is it not implemented ?
Yes, it isn't.
--
oo. Tomasz Kojm [EMAIL PROTECTED]
(\/)\. http://www.ClamAV.net/gpg/tkojm.gpg
\..._
Bart Silverstrim said:
On May 5, 2005, at 8:02 AM, Matt Fretwell wrote:
Daniel J McDonald wrote:
as it is harder to scan those messages for viruses
Nonsense. Mail is mail. If you are running a mailserver, it should be
able to cope with all types of mail, irrelevant of
thus Dennis Peterson spake:
Bart Silverstrim said:
On May 5, 2005, at 8:02 AM, Matt Fretwell wrote:
Daniel J McDonald wrote:
as it is harder to scan those messages for viruses
Nonsense. Mail is mail. If you are running a mailserver, it should be
able to cope with all types of mail,
Dennis Peterson wrote:
as it is harder to scan those messages for viruses
Nonsense. Mail is mail. If you are running a mailserver, it should
be able to cope with all types of mail, irrelevant of
(creation|submission)
method.
But...if they're using webmail, it bypasses your mail
On Thu, 2005-05-05 at 14:51 +0100, Matt Fretwell wrote:
Dennis Peterson wrote:
as it is harder to scan those messages for viruses
Nonsense. Mail is mail. If you are running a mailserver, it should
be able to cope with all types of mail, irrelevant of
(creation|submission)
Matt Fretwell said:
Dennis Peterson wrote:
as it is harder to scan those messages for viruses
Nonsense. Mail is mail. If you are running a mailserver, it should
be able to cope with all types of mail, irrelevant of
(creation|submission)
method.
But...if they're using webmail, it
Exactly. Whatever numpty would have a web based application sending mail
directly, bypassing your smtp,
Yahoo, gmail, etc
(No, their web mail applications work as they're supposed to, sending mail to
their pool of MTA's.)
--
John Madden
UNIX Systems Engineer
Ivy Tech State College
Daniel J McDonald wrote:
Right, so they should be blocked.
The likes of those webmail systems are no worse that admins who do not
configure their outgoing smtp to scan for virii. An outbreak can originate
from any poorly configured mail system, regardless of type.
Did you read the original
John Madden said:
Exactly. Whatever numpty would have a web based application sending
mail
directly, bypassing your smtp,
Yahoo, gmail, etc
(No, their web mail applications work as they're supposed to, sending mail
to
their pool of MTA's.)
If they were running their systems
Dennis Peterson wrote:
If they were running their systems properly we wouldn't be having this
conversation. The clients of those systems are able to retrieve mail and
attachments straight to local storage while by-passing local filters
(and policy). Not very different from browsing ftp sites
On May 5, 2005, at 9:40 AM, Dennis Peterson wrote:
Bart Silverstrim said:
On May 5, 2005, at 8:02 AM, Matt Fretwell wrote:
Daniel J McDonald wrote:
as it is harder to scan those messages for viruses
Nonsense. Mail is mail. If you are running a mailserver, it should
be
able to cope with all types
thus Matt Fretwell spake:
Dennis Peterson wrote:
If they were running their systems properly we wouldn't be having this
conversation. The clients of those systems are able to retrieve mail and
attachments straight to local storage while by-passing local filters
(and policy). Not very
If they were running their systems properly we wouldn't be having this
conversation. The clients of those systems are able to retrieve mail and
attachments straight to local storage while by-passing local filters (and
policy). Not very different from browsing ftp sites in that regard, and
Matt Fretwell said:
Dennis Peterson wrote:
If they were running their systems properly we wouldn't be having this
conversation. The clients of those systems are able to retrieve mail and
attachments straight to local storage while by-passing local filters
(and policy). Not very different
Hello.
var/spool/exim/scan/1DTkDH-000McG-5o/1DTkDH-000McG-5o-0.zip: Input/Output
error ERROR
I've never seen this error before in the log. Yesterday I've upgraded
clamav from 0.83 to 0.84.
mailto:[EMAIL PROTECTED]
. 230-69-34, 295-03-65, 461-97-10
ICQ: 195165907
Bart Silverstrim wrote:
My webmail is configured to use our standard smtp servers for all
inbound/outbound mail. It really isn't all that difficult.
My understanding was that we were talking about people accessing Yahoo
or Hotmail from work, not your own internal mail servers with a
. wrote:
Hello.
var/spool/exim/scan/1DTkDH-000McG-5o/1DTkDH-000McG-5o-0.zip: Input/Output
error ERROR
I've never seen this error before in the log. Yesterday I've upgraded
clamav from 0.83 to 0.84.
Hi,
Most likely a password protected zip file. I'm trying to find a
solution to that
On Thu, 5 May 2005 17:39:06 +0300
ó×ÅÔÌÏ× á.á [EMAIL PROTECTED] wrote:
Hello.
var/spool/exim/scan/1DTkDH-000McG-5o/1DTkDH-000McG-5o-0.zip:
Input/Output error ERROR I've never seen this error before in the log.
Yesterday I've upgraded clamav from 0.83 to 0.84.
I've already answered this.
Tomasz Kojm wrote:
On Thu, 5 May 2005 17:39:06 +0300
ó×ÅÔÌÏ× á.á [EMAIL PROTECTED] wrote:
Hello.
var/spool/exim/scan/1DTkDH-000McG-5o/1DTkDH-000McG-5o-0.zip:
Input/Output error ERROR I've never seen this error before in the log.
Yesterday I've upgraded clamav from 0.83 to 0.84.
I've already
On Thu, 2005-05-05 at 09:32 -0500, John Madden wrote:
If they were running their systems properly we wouldn't be having this
conversation. The clients of those systems are able to retrieve mail and
attachments straight to local storage while by-passing local filters (and
policy). Not very
Dennis Peterson wrote:
Very true - but policy is far less expensive than new hardware, and
there are no licensing fees. I'd have to see the business reason to go
there.
The one business reason I can think of offhand, which is irrespective of
any other consideration, is stupidity. People
Daniel J McDonald wrote:
Maybe, but we have blocked
web-based-outside-e-mail-such-as-yahoo-or-msn-or-gmail-that-doesn't-use
-our-MTA (Hopefully that is explicit enough for the nit-pickers who
can't read context)
Explicit, but terrible punctuation :)
Matt
thus Daniel J McDonald spake:
On Thu, 2005-05-05 at 09:32 -0500, John Madden wrote:
If they were running their systems properly we wouldn't be having this
conversation. The clients of those systems are able to retrieve mail and
attachments straight to local storage while by-passing local
Hello.
Yesterday, I upgrade 0.83 to 0.84, in the Clamav logs appeared the
following text:
Thu May 5 08:23:24 2005 - /tmp/clamav-f328f9feb1dd7c70/msg.Hlx9fg:
Worm.Sober.P FOUND
LibClamAV Warning: Not reloading database until idle
LibClamAV Warning: Not accepting inputs at the moment
LibClamAV
On Thu, 2005-05-05 at 16:53, Dario Ale wrote:
Hello.
Yesterday, I upgrade 0.83 to 0.84, in the Clamav logs appeared the
following text:
Thu May 5 08:23:24 2005 - /tmp/clamav-f328f9feb1dd7c70/msg.Hlx9fg:
Worm.Sober.P FOUND
LibClamAV Warning: Not reloading database until idle
LibClamAV
LibClamAV Warning: Not accepting inputs at the moment
I had the same problem. Since I started using --external, I never more got
this error. I am not sure it was a coincidence or not, but you may try it.
Regards,
Jose Hime
___
Matt Fretwell wanted us to know:
as it is harder to scan those messages for viruses
Nonsense. Mail is mail. If you are running a mailserver, it should be
able to cope with all types of mail, irrelevant of (creation|submission)
method.
Nonsense. A user clicks on a webmail message, opens the
Todd Lyons said:
Matt Fretwell wanted us to know:
as it is harder to scan those messages for viruses
Nonsense. Mail is mail. If you are running a mailserver, it should be
able to cope with all types of mail, irrelevant of (creation|submission)
method.
Nonsense. A user clicks on a webmail
Thanks for your answer the questions, clamav-milter run with this options:
/usr/local/sbin/clamav-milter --quiet --dont-wait -N -d -l -o -f
/var/run/clmilter.sock
Are you needing more data? Thanks.
pd: sorry, my english not is good...
Cordialmente,
Dario Ale
Telpin Ltda. - Area Internet
Tel.:
Thanks, now I am going to proved it.
Cordialmente,
Dario Ale
Telpin Ltda. - Area Internet
Tel.: +54 (2254) 40-9800
Jose Luis Hime wrote:
LibClamAV Warning: Not accepting inputs at the moment
I had the same problem. Since I started using --external, I never more got
this error. I am not sure it
this Dennis Peterson spake:
Todd Lyons said:
Matt Fretwell wanted us to know:
as it is harder to scan those messages for viruses
Nonsense. Mail is mail. If you are running a mailserver, it should be
able to cope with all types of mail, irrelevant of (creation|submission)
method.
Nonsense.
On Thursday 05 May 2005 17:26, Dario Ale wrote:
Thanks for your answer the questions, clamav-milter run with this options:
/usr/local/sbin/clamav-milter --quiet --dont-wait -N -d -l -o -f
/var/run/clmilter.sock
Are you needing more data? Thanks.
There is a multi-threading bug here, and
On May 5, 2005, at 10:45 AM, Matt Fretwell wrote:
Bart Silverstrim wrote:
My webmail is configured to use our standard smtp servers for all
inbound/outbound mail. It really isn't all that difficult.
My understanding was that we were talking about people accessing Yahoo
or Hotmail from work, not
Bart Silverstrim wrote:
This is actually two separate scenarios.
That was Daniel's fault instigated by his being vague :)
To which someone replied that in a *PROPER* network that is *well
managed* this isn't a worry because we block all external mail hosts
and use a proxy for web
Hello,
Am currently looking into integrating clamav with the openwebmail project and
have been asked to find out if it is possible to install the clamav on
different / selected virtual sites eg. one of 3 virtual sites would be
unprotected until protection is requested. If it is possible then
On May 5, 2005, at 2:38 PM, Matt Fretwell wrote:
Bart Silverstrim wrote:
This is actually two separate scenarios.
That was Daniel's fault instigated by his being vague :)
Now, a clever man would put the poison into his own goblet, because he
would know that only a great fool would reach for what
Now, a clever man would put the poison into his own goblet, because he
would know that only a great fool would reach for what he was given. I
am not a great fool, so I can clearly not choose the wine in front of
you. But you must have known I was not a great fool, you would have
counted
Where can we get a built for clamav for Tiger?
Dale Walsh schrieb:
[Stuff deleted]
The issues with zziplib are based on incorrect syntax, the only reason
it flew before was that gcc3.3 wasn't as strict and would allow
improper syntax to pass unless it was fatal.
I've been able to get it
Bart Silverstrim wrote:
On May 5, 2005, at 2:38 PM, Matt Fretwell wrote:
Bart Silverstrim wrote:
This is actually two separate scenarios.
That was Daniel's fault instigated by his being vague :)
Now, a clever man would put the poison into his own goblet, because he
would know that only a great
What causes the following log entries:
LibClamAV Warning: Not reloading database until idle
LibClamAV Warning: Not accepting inputs at the moment
The 2nd message repeats several hundred times.
This happened the other day and local mail delivery ground to a complete halt
(I think outbound mail
Mike Nolan wrote:
LibClamAV Warning: Not reloading database until idle
LibClamAV Warning: Not accepting inputs at the moment
This question was asked, and advised upon, less than four hours ago.
Check the archives.
Matt
___
On Thu, 5 May 2005, Mike Nolan wrote:
LibClamAV Warning: Not reloading database until idle
LibClamAV Warning: Not accepting inputs at the moment
The 2nd message repeats several hundred times.
This happened the other day and local mail delivery ground to a complete halt
(I think outbound mail
What OS? What version of ClamAV? What MTA? If sendmail, are you using
the milter? If you're using the milter, are you using --external or any
other interesting flags?
It happened again at around 7AM this morning, I gave up and rebooted
the machine again at 2PM this afternoon.
This question was asked, and advised upon, less than four hours ago.
Check the archives.
Matt, I don't think that thread got to me, I certainly don't recall
having seeing it, and I've been watching the list closely because this
problem has been bugging me for several days.
Moreover, it
Mike Nolan wrote:
This question was asked, and advised upon, less than four hours ago.
Check the archives.
Matt, I don't think that thread got to me, I certainly don't recall
having seeing it, and I've been watching the list closely because this
problem has been bugging me for several days.
Mike Nolan wrote:
This question was asked, and advised upon, less than four hours ago.
Check the archives.
Matt, I don't think that thread got to me, I certainly don't recall
having seeing it, and I've been watching the list closely because this
problem has been bugging me for several
In the end, make fails with:
In file included from ./zziplib/zzip.h:21,
from zziplib/zzip-dir.c:18:
./zziplib/zziplib.h:91: error: parse error before zzip_ssize_t
./zziplib/zziplib.h:91: warning: data definition has no type or storage class
./zziplib/zziplib.h:194: error: parse
Hi There,
This is probably an idiots question but i've only just got my new MTA
working 2 days before 0.84 was released an I dont want to mess up days
of hard work by doing anything wrong.
Basically to upgrade from .83 to .84 i should do the following:
Download new tarball.
Backup existing
On Thursday 05 May 2005 20:23, Mike Nolan wrote:
What causes the following log entries:
LibClamAV Warning: Not reloading database until idle
LibClamAV Warning: Not accepting inputs at the moment
The 2nd message repeats several hundred times.
This happened the other day and local mail
On Thursday 05 May 2005 21:11, Mike Nolan wrote:
This question was asked, and advised upon, less than four hours ago.
Check the archives.
Matt, I don't think that thread got to me, I certainly don't recall
having seeing it, and I've been watching the list closely because this
problem has
Andy Loates wrote:
Hi There,
This is probably an idiots question but i've only just got my new MTA
working 2 days before 0.84 was released an I dont want to mess up days
of hard work by doing anything wrong.
Basically to upgrade from .83 to .84 i should do the following:
Download new
On Thu, 2005-05-05 at 23:17 +0100, Andy Loates wrote:
Hi There,
This is probably an idiots question but i've only just got my new MTA
working 2 days before 0.84 was released an I dont want to mess up days
of hard work by doing anything wrong.
Basically to upgrade from .83 to .84 i should
Hello all,
I'm not trolling with this thread, so don't worry :)
Would any of you AIX system chaps out there happen to have a spare set of
OS discs which you would be willing to 'donate'?
I have an AIX capable machine for forwarding to one of the dev's so they
can work on the AIX support.
On 5/5/05, Josh Ansbridge Rutland ICT [EMAIL PROTECTED] wrote:
Hello,
Am currently looking into integrating clamav with the openwebmail project and
have been asked to find out if it is possible to install the clamav on
different / selected virtual sites eg. one of 3 virtual sites would be
On Thu, 2005-05-05 at 17:31 -0500, Daniel J McDonald wrote:
On Thu, 2005-05-05 at 23:17 +0100, Andy Loates wrote:
Hi There,
This is probably an idiots question but i've only just got my new MTA
working 2 days before 0.84 was released an I dont want to mess up days
of hard work by doing
Andy Loates wrote:
Shouldn't something like this be in the ClamAV docs?
Theoretically, it is. What are the archives, if not documentation?
Matt
___
http://lurker.clamav.net/list/clamav-users.html
Andy Loates said:
Hi There,
This is probably an idiots question but i've only just got my new MTA
working 2 days before 0.84 was released an I dont want to mess up days
of hard work by doing anything wrong.
Basically to upgrade from .83 to .84 i should do the following:
Download new
I haven't tried 10.4 yet, but Fink claims they have 0.84 working in their
source-based distibutions for 10.4
http://fink.sourceforge.net/pdb/search.php?summary=clam
Fink puts everything in a /sw directory, so it shouldn't interfere with anything
you've already installed elsewhere.
-Dan
Uwe
That won´t work at all! The SOURCE distribution has to be compiled. That
we still have the compile problem with Tiger !
A binary distribution on fink would be needed!
Greetings, Uwe
Daniel Mons schrieb:
I haven't tried 10.4 yet, but Fink claims they have 0.84 working in
their source-based
My silly university spent $0.5M on a commercial product to perform spam
and virus filtering (they have the if it costs that much, it MUST be
good mentality). And, just after they put it into production, Sober.P
came out and knocked it flat. After a couple days with multi-hour email
delays,
77 matches
Mail list logo