On 9/18/07, Dennis Peterson [EMAIL PROTECTED] wrote:
Build but don't install clamav. Edit the config.status file to add the
library references where appropriate (should be obvious). There are just
a few files that have regex.h included and can be found with
Or you can upgrade to latest SVN,
As always thanks to all:
Option 1)
replace *regex.h for pcreposix.h in all the following files:
# grep -l include.*regex\.h */*.c */*.h
clamav-milter/clamav-milter.c
clamscan/others.c
libclamav/regex_list.c
libclamav/phishcheck.h
#
We restart sendmail/clamd every morning. This morning this restart
failed on several servers. The startup hung when clamd was trying to
startup. I deleted everything in /var/lib/clamav (database files) and
everything started up just fine.
--
Roberto Ullfig - [EMAIL PROTECTED]
On 9/19/07, Roberto Ullfig [EMAIL PROTECTED] wrote:
We restart sendmail/clamd every morning. This morning this restart
failed on several servers. The startup hung when clamd was trying to
startup. I deleted everything in /var/lib/clamav (database files) and
everything started up just fine.
I
On 9/19/07, Roberto Ullfig [EMAIL PROTECTED] wrote:
We restart sendmail/clamd every morning. This morning this restart
failed on several servers. The startup hung when clamd was trying to
startup. I deleted everything in /var/lib/clamav (database files) and
everything started up just fine.
Rob MacGregor wrote:
On 9/19/07, Roberto Ullfig [EMAIL PROTECTED] wrote:
We restart sendmail/clamd every morning. This morning this restart
failed on several servers. The startup hung when clamd was trying to
startup. I deleted everything in /var/lib/clamav (database files) and
everything
Since we're treating clamav's detected phishes as spam, instead of
rejecting them (what we do with regular malware), we noticed that
the heuristic detection causes lots of false positives: in only a
few samples I detected legitimate paypal mails (and I know it's
legit because it's DomainKeys
Rob MacGregor writes:
Maybe you meant to include some actual technical details, like O/S,
version of clamav installed etc (and possibly why you restart sendmail
and clamd daily)?
it wasn't me that reported it, but i'm on the verge of doing the
same thing. here's why:
environment: solaris
On Wed, 2007-09-19 at 10:31 -0400, rick pim wrote:
Rob MacGregor writes:
Maybe you meant to include some actual technical details, like O/S,
version of clamav installed etc (and possibly why you restart sendmail
and clamd daily)?
it wasn't me that reported it, but i'm on the verge of
Rick,
I think sounds like the problem I had with regex in a previous post
Subject: clamscan does not terminate on specific HTMLfile
- down load and install PCRE I got it from freeware:
On Wednesday 19 September 2007 15:28, Roberto Ullfig wrote:
Rob MacGregor wrote:
On 9/19/07, Roberto Ullfig [EMAIL PROTECTED] wrote:
We restart sendmail/clamd every morning. This morning this restart
failed on several servers. The startup hung when clamd was trying to
startup. I deleted
Roberto Ullfig wrote:
Rob MacGregor wrote:
On 9/19/07, Roberto Ullfig [EMAIL PROTECTED] wrote:
We restart sendmail/clamd every morning. This morning this restart
failed on several servers. The startup hung when clamd was trying to
startup. I deleted everything in /var/lib/clamav
Trog writes:
You've taken note of the recent postings on trouble with the standard
Solaris regex library? And how to switch to using PCRE, which solves the
problem.
i have. i got this box mostly finished back in early august and then
took off on holidays before putting it into production.
Rick,
I guess your best bet is to switch off the PhishingScanURLs, if you
don't like the idea of using new code at this stage.
I am still testing the PCRE on a test server, and I still have my main
server running a crontab script which kills clamscan every now and then
when it has been
On 9/19/07, Jan-Pieter Cornet [EMAIL PROTECTED] wrote:
the heuristic detection causes lots of false positives: in only a
few samples I detected legitimate paypal mails (and I know it's
legit because it's DomainKeys signed),
please submit them as false-positives at
At 09:26 AM 9/19/2007, Jan-Pieter Cornet wrote:
Since we're treating clamav's detected phishes as spam, instead of
rejecting them (what we do with regular malware), we noticed that
the heuristic detection causes lots of false positives: in only a
few samples I detected legitimate paypal mails (and
rick pim wrote:
Trog writes:
You've taken note of the recent postings on trouble with the standard
Solaris regex library? And how to switch to using PCRE, which solves the
problem.
i have. i got this box mostly finished back in early august and then
took off on holidays before
Andrew Watkins wrote:
Rick,
I guess your best bet is to switch off the PhishingScanURLs, if you
don't like the idea of using new code at this stage.
I am still testing the PCRE on a test server, and I still have my main
server running a crontab script which kills clamscan every now and
I have a logrotate.d/clamav-daemon setup to rotate my clamav logs as
shown below:
/var/log/clamav/clamav.log {
rotate 5
daily
compress
delaycompress
create 640 clamav adm
postrotate
/etc/init.d/clamav-daemon reload-log /dev/null
endscript
}
It
micah wrote:
I have a logrotate.d/clamav-daemon setup to rotate my clamav logs as
shown below:
Whereas before the logrotation the log contained a lot more clamav
information, including what viruses were caught.
Is there a better way to rotate the log?
Are you sending clamd a SIGHUP
On Wed, 19 Sep 2007 10:51:16 -0700, Dennis Peterson wrote:
micah wrote:
I have a logrotate.d/clamav-daemon setup to rotate my clamav logs as
shown below:
Whereas before the logrotation the log contained a lot more clamav
information, including what viruses were caught.
Is there a
On Wed, 19 Sep 2007 18:37:13 +, micah wrote:
The logrotate.d/clamav does this:
1. Moves clamav.log to clamav.log.1
2. runs: /etc/init.d/clamav-daemon reload-log, which is effectively a
kill -1 (ie. HUP).
I've got the following associated config lines in clamd.conf:
LogSyslog false
Are there any signals I can send to clamd to tell it to reload its config
files? I've tried -HUP, -USR1 and -USR2, and I don't see anything in clamd
(8) about a command that clamd can take to reload configs (only reloading
database files).
Do I really need to interrupt the clamav scanning
Hi All,
Just a couple of updates, people who were having problems with ClamAV
restarts today and use SaneSecurity
signatures (or other Third-Party sigs for that matter) should have a
quick peek here:
http://sanesecurity.blogspot.com/2007/09/sanesecurity-news-corrupt-signatures.html
Sorry for
Quoting rick pim [EMAIL PROTECTED]:
so: i have three alternatives. in more or less the order of increasing
amount of work:
Forth alternative: use current SVN code, which has it's own regex code to
overcome platform issues.
-trog
___
Help us build
micah wrote:
Are there any signals I can send to clamd to tell it to reload its config
files? I've tried -HUP, -USR1 and -USR2, and I don't see anything in clamd
(8) about a command that clamd can take to reload configs (only reloading
database files).
Do I really need to interrupt the
Bill Landry wrote:
micah wrote:
Are there any signals I can send to clamd to tell it to reload its config
files? I've tried -HUP, -USR1 and -USR2, and I don't see anything in clamd
(8) about a command that clamd can take to reload configs (only reloading
database files).
Do I really need
On Wed, 19 Sep 2007 13:06:11 -0700, Bill Landry wrote:
Bill Landry wrote:
micah wrote:
Are there any signals I can send to clamd to tell it to reload its
config files? I've tried -HUP, -USR1 and -USR2, and I don't see
anything in clamd (8) about a command that clamd can take to reload
micah wrote:
On Wed, 19 Sep 2007 18:37:13 +, micah wrote:
The logrotate.d/clamav does this:
1. Moves clamav.log to clamav.log.1
2. runs: /etc/init.d/clamav-daemon reload-log, which is effectively a
kill -1 (ie. HUP).
I've got the following associated config lines in clamd.conf:
On Wed, Sep 19, 2007 at 07:44:08PM +0300, Török Edvin wrote:
See bug #551 about that.
Ew. The discussion there only makes me want to make the disabled
heuristic setting permanent.
On Wed, Sep 19, 2007 at 12:11:10PM -0500, Noel Jones wrote:
I think it would be insane to reject or discard mail
micah wrote:
On Wed, 19 Sep 2007 13:06:11 -0700, Bill Landry wrote:
Bill Landry wrote:
micah wrote:
Are there any signals I can send to clamd to tell it to reload its
config files? I've tried -HUP, -USR1 and -USR2, and I don't see
anything in clamd (8) about a command that clamd can take
31 matches
Mail list logo