On 9/28/10 5:40 AM, Daniel McDonald wrote:
On 9/28/10 2:05 AM, Dennis Petersondenni...@inetnw.com wrote:
On 9/27/10 11:55 PM, Török Edwin wrote:
On Tue, 28 Sep 2010 04:36:15 +0200
If you want to reject by content, you can do that as well (only for
nonencrypted archives of course) by
On 9/27/10 1:24 PM, Alex wrote:
Hi,
In addition, there a brilliant Third-Party signature decoder here, which
will easily show you the content of the Third-Party signature,
just cut/paste or type in the signature name and it'll decode it:
http://www.sanesecurity.com/clamav/decodesigs.htm
On 9/21/10 9:55 PM, Nathan Gibbs wrote:
* Nathan Gibbs wrote:
I won't say that my implementation is the best way, it certainly isn't pretty,
but it works.
Now will the REAL C CODERS PLEASE STAND UP!
Do it right and show me how its done.
Better yet, just do it right the first time, and I
It builds and runs without weirdness on Solaris 9, Sparc, gcc 3.3.2, Solaris 10,
Sparc, gcc 3.4.2, Apple OS X Snow Leopard 32-bit, gcc 4.2.1, Snow Leopard Server
64-bit, gcc 4.2.1, and Red Hat Linux 5.4, gcc 4.1.2.
I'm happy here. And yes, 3.3.2 is getting pretty old and tired.
dp
On 9/22/10 6:58 AM, Nathan Gibbs wrote:
Those guys could do this better than me any day of the week. They could code
circles around me, but so far they won't. what does that tell you?
They have higher priorities.
dp
___
Help us build a
On 9/15/10 5:58 AM, cla...@pcez.com wrote:
Hello,
Let's try it again. I did not get a response last time so I will try it again
not trying to insult anyone with my stupidly.
I'm trying to use the whitelist file without much success. Could someone post
your clamav.whitelist file so I can see
On 9/15/10 7:47 AM, Tomasz Kojm wrote:
On Tue, 14 Sep 2010 09:22:48 -0700 Dennis Petersondenni...@inetnw.com
wrote:
Time tests of sigtool --find-sigs compared to grep. The output of either
sigtool or grep can be piped back in to sigtool --decode-sigs:
$ time sigtool --find-sigs
On 9/15/10 11:15 AM, Török Edwin wrote:
On Wed, 15 Sep 2010 10:05:02 -0700
Dennis Petersondenni...@inetnw.com wrote:
On 9/15/10 7:47 AM, Tomasz Kojm wrote:
On Tue, 14 Sep 2010 09:22:48 -0700 Dennis
Petersondenni...@inetnw.com wrote:
Time tests of sigtool --find-sigs compared to grep. The
On 9/15/10 10:02 AM, Jerry wrote:
On Wed, 15 Sep 2010 09:36:44 -0700
Dennis Petersondenni...@inetnw.com articulated:
Some of us see that request as a breach of etiquette as well as a
security risk. I really don't wish to publish my free pass info :)
So you enter random data in the fields. T
On 9/14/10 1:55 AM, Tomasz Kojm wrote:
On Mon, 13 Sep 2010 20:54:28 +0100 Steve Basford
steveb_cla...@sanesecurity.com wrote:
In addition, there a brilliant Third-Party signature decoder here, which
will easily show you the content of the Third-Party signature,
just cut/paste or type in the
Has any thought been given to allowing optional additional database directory
locations? I've never been real happy mixing the OFFICIAL signatures with the
UNOFFICIAL signatures, and there are some pragmatic reasons for avoiding
this intermingling.
Perhaps:
DatabaseDirectoryIncludePath
On 9/5/10 12:11 PM, Ted the insane wrote:
Hello,
How to exclude path form clamd?
And without Clamuko.
Thank you
Best regards
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Try
On 8/23/10 7:45 AM, Jean Jacques Siebrits wrote:
WARNING: Current functionality level = 44, recommended = 51
rpm -qi clamav
Sorry, I forgot to mention it was a source installation. Configuration
string was:
./configure --prefix=/usr --sysconfdir=/etc --datadir=/var/run/clamav
On 8/16/10 11:38 AM, Tomasz Kojm wrote:
Dear users,
ClamAV 0.96.2 was released on August 12, 2010. If you missed it check
it out here: http://www.clamav.net/download/sources. Highlights include:
It's compiled and runs fine in Solaris 9 and 10, and RHEL 5.4, here.
9.6.1 did not put a notice
On 8/3/10 12:35 AM, Steve Basford wrote:
I've discontinued using them because of the lack of activity. I've also
shut off
SecuriteInfo and because of false positives, InetMsg signatures.
Hi Dennis,
If any FP's are reported here:
false_positive AT sanesecurity DOT me DOT uk
And surely the
On 8/6/10 6:20 PM, Bill Landry wrote:
On 8/6/2010 9:42 AM, Dennis Peterson wrote:
On 8/3/10 12:35 AM, Steve Basford wrote:
I've discontinued using them because of the lack of activity. I've also
shut off
SecuriteInfo and because of false positives, InetMsg signatures.
Hi Dennis,
If any
On 8/2/10 7:48 PM, Alex wrote:
Hi all,
I was thinking of implementing the MSRBL signatures, as they are
described on the sanesecurity site, but it appears they haven't been
updated in quite some time. I wouldn't have considered it, except that
they are listed on the sanesecurity site.
Are they
On 7/26/10 4:27 AM, Moray Henderson wrote:
Now that mobile telephones have become advanced (stupid?) enough to
require virus protection, can ClamAV be usefully run on a mobile? Or
can anyone recommend free AV software for mobile devices?
Virus protection is a heavy weight process that does
On 07/06/2010 09:38 AM, Chuck Swiger wrote:
Hi, JD--
So, the fedora distro people screwed up by setting it to level 44 in the
source code?
Is it possible you installed only a clam client and not the full suite?
So, should I be bringing this up with the fedora team?
Check first
On 07/06/2010 10:28 AM, Dennis Peterson wrote:
On 07/06/2010 09:38 AM, Chuck Swiger wrote:
Hi, JD--
So, the fedora distro people screwed up by setting it to level 44 in the
source code?
Is it possible you installed only a clam client and not the full suite?
You must
On 7/6/10 3:27 PM, JD wrote:
I ran:
$ sudo clamdscan -l /tmp/clamdscan.log /sda1
/sda1 is the mount point for my windows partition.
I got tons of error mssages like this one:
/sda1/WINDOWS/Installer/265ad74.msp: Can't create temporary directory ERROR
In what directory is clamdscan trying
On 7/6/10 5:31 PM, JD wrote:
On 07/06/2010 05:00 PM, Dennis Peterson wrote:
clamconf |grep TemporaryDir
$ clamconf |grep TemporaryDir
TemporaryDirectory = /var/tmp
TemporaryDirectory disabled
Is that what's causing it? The disabled setting?
Where do I enable it?
Now that we see you have
On 6/3/10 5:57 AM, Steve Basford wrote:
You can use 'sigtool -fPUA.HTML.Infected.WebPage' to find and print the
sigs, no need to unpack.
Also works for:
sigtool -fSanesecurity.Phishing.Fake.13780 | sigtool --decode-sigs
Could a --database type option be added to sigtool, for loading
On 5/25/10 7:51 AM, Tomasz Kojm wrote:
On Tue, 25 May 2010 16:27:48 +0200 Sarocetsaro...@gmail.com wrote:
Tomasz Kojm wrote:
This scenario makes no much sense to me. First of all, as I wrote in the
previous email the files you provided as example are almost identical
(they only differ in high
On 5/22/10 1:12 AM, Török Edwin wrote:
On 05/22/2010 08:34 AM, Dennis Peterson wrote:
Has the team explored the notion of checking MD5 hashes of signature
files before deciding to reload them?
This might be useful if partial reloads would be supported, but see below.
clamd checks
On 5/13/10 11:46 PM, Török Edwin wrote:
On 05/14/2010 08:19 AM, Jason Haar wrote:
On 05/14/2010 02:52 PM, Dennis Peterson wrote:
On 5/13/10 7:10 PM, Jason Haar wrote:
Why is Sourcefire allowing a third-party to use their brandname (and
linking to their site) when it doesn't use ClamAV code
On 5/21/10 12:16 AM, Török Edwin wrote:
On 05/21/2010 08:40 AM, Dennis Peterson wrote:
On 5/20/10 10:27 PM, Dennis Peterson wrote:
While testing my build of 0.96.1 today I was alerted by a screen message
on starting clamd that I had two bytecode files - compressed and
uncompressed. I removed
On 5/21/10 7:17 AM, Török Edwin wrote:
On 05/21/2010 05:15 PM, Dennis Peterson wrote:
This is Solaris 9 on Sparc.
OK, I'll do some tests on Solaris9/Sparc.
Is everything OK on Solaris10/Sparc?
Haven't built that one yet. I'm still trying to understand what happened here.
dp
On 5/21/10 7:17 AM, Török Edwin wrote:
On 05/21/2010 05:15 PM, Dennis Peterson wrote:
I don't get this error, what OS/arch is this?
ERROR: Failed to load new database: Malformed database
This message was in freshclam's log though, right?
This is Solaris 9 on Sparc.
OK, I'll do some
On 5/21/10 8:14 AM, Shawn Bakhtiar wrote:
If your using wget:
form the man pages under -c option
Note that you don’t need to specify this option if you just want the current
invocation of Wget to retry downloading a file should the connection be lost
midway through. This is
On 5/21/10 8:33 AM, Freddie Cash wrote:
It may not have happened on your network, but it's (filtering outbound
traffic) saved our bacon several times over the years, especially back in
the Code Red/Nimda days. And, in an educational setting (I work for a
school district now), you definitely do
On 5/21/10 8:22 AM, Török Edwin wrote:
-lmalloc? That looks like something related to the memory allocation
failure? Can you try without it?
And I'll try to see if I can reproduce the problem with -lmalloc.
Yep it fails with -lmalloc here.
Please remove that from LDFLAGS, and it should
On 5/21/10 9:28 PM, ClamAV List wrote:
Hi,
I upgraded to 0.96.1. Whenever I restart clamd, it will prompt me the error
below.
Starting Clam AntiVirus Daemon: LibClamAV Warning: Detected duplicate
databases /var/clamav/main.cvd and /var/clamav/main.cld, please manually
remove one of them
Has the team explored the notion of checking MD5 hashes of signature files
before deciding to reload them? Is it even possible to reload only those that
have changed since the last reload?
dp
___
Help us build a comprehensive ClamAV guide: visit
On 5/10/10 8:43 AM, Eddie Ekwo wrote:
Hello Everyone.
I am new to using ClamAV and I have searched through the mail archives for
help/pointers on setting up a tired freshclam update environment.
I have got a server that has access to the internet on port 80, so updates from
internet are not
On 5/13/10 7:54 AM, Cliff Hayes wrote:
Hello,
I am a system administrator who manages many servers and need a way to
programatically ping clamd on a server and get a response which I can
interpret to mean clamd is ok or the engine needs to be updated.
Unfortunately, I often get overwhelmed and
On 5/12/10 12:59 PM, Shawn Bakhtiar wrote:
ClamWin Free Antivirus is based on ClamAV engine and uses GNU General Public
License by the Free Software Foundation, and is free (as in freedom) software.
To find out more about GNU GPL, please visit the following link: Philosophy of
the GNU
On 5/13/10 7:10 PM, Jason Haar wrote:
On 05/13/2010 01:57 AM, Bowie Bailey wrote:
No, ClamAV for Windows currently does not use the ClamAV engine
(although there is talk of adding it in). It instead uses Immunet's
cloud-based antivirus.
http://www.immunet.com/protect
Huh? That comes as a
On 5/13/10 10:19 PM, Jason Haar wrote:
On 05/14/2010 02:52 PM, Dennis Peterson wrote:
On 5/13/10 7:10 PM, Jason Haar wrote:
Why is Sourcefire allowing a third-party to use their brandname (and
linking to their site) when it doesn't use ClamAV code itself? It
supports other AV vendor products
On 5/12/10 3:58 PM, Wolfgang Breyha wrote:
Hi!
In the last week I noticed several times that freshclam needs up to 30
minutes using a full CPU to update safebrowsing database.
Most of the time the next update shows
Empty script safebrowsing-20426.cdiff, need to download entire database
What's
On 5/4/10 1:25 PM, Freddie Cash wrote:
Add the volatile repo to /etc/apt/sources.list, if it's not already there.
Then it's a simple:
aptitude update
aptitude install clamav-daemon clamav-freshclam
aptitude will install everything else automatically.
Does it first uninstall the
On 5/4/10 8:01 PM, eric wrote:
Strange, clamav has been update, but still cannt found Virus.MSExcel.Agent.c
, Any idea will be appreciate.
It's there. It isn't called Virus.MSExcel.Agent.c:
X97M.Escape:0:*:74696d6576616c7565{-14}22737461727475702e786c732179636f7022*6f6e2e73746172747570
dp
On 5/4/10 5:56 PM, Freddie Cash wrote:
On Tue, May 4, 2010 at 5:11 PM, Dennis Petersondenni...@inetnw.com wrote:
On 5/4/10 1:25 PM, Freddie Cash wrote:
Add the volatile repo to /etc/apt/sources.list, if it's not already there.
Then it's a simple:
aptitude update
aptitude install
On 5/3/10 12:09 AM, Mark wrote:
On Apr 27, 2010, at 3:23 PM, Sarocet wrote:
The ClamAV team didn't design the AV to stop on getting a special
signature. That signature could exist due to a bug that you decided
not to fix (by not updating/patching). It was a clever use of a bug
to disable the
On 5/3/10 8:45 AM, Alex wrote:
Hi,
Dennis Peterson wrote:
Rsync is able to transfer only the differences between two files provided a
version of the file being
transferred exists on the source and the destination. In addition, rsync will
not transfer anything if it
determines
On 5/3/10 8:45 AM, Simon Hobson wrote:
It's actually more efficient than that !
It uses something similar to a rolling checksum to find throughout the
file. So in principal, you can add a short bit to the front of a large
file, or even chop a file up into chunks and rearrange them, and it will
On 5/2/10 8:14 AM, Tom Shaw wrote:
Trying now let you know in about 10
10.5.8 right now. 10.6 after we get this working
Tom
I was able to compile .96 in Snow Leopard with no modification.
dp
___
Help us build a comprehensive ClamAV guide: visit
On 5/2/10 9:59 AM, Alex wrote:
Hi,
Why are some of the databases duplicated in the clamav root dir and
also in the unofficial-dbs/ss-dbs directory, such as
winnow_malware.hdb?
The rsync protocol only downloads the changes between the local and remote
files, so the local file much be
On 4/29/10 7:06 AM, Adam Stephens wrote:
That error doesn't come from the mirrors; it comes from freshclam - the
message is in manager.c, and it's triggered by this check in mirman.c:
if(mdat-dbflevel (mdat-dbflevel flevel) (mdat-dbflevel -
flevel 3))
if(time(NULL) - mdat-mirtab[i].atime
Hi,
I've done some research on the best way to integrate it, but hoped
someone could point me to a current document that outlines how to do
this and help me answer some of my questions.
The best way to integrate them is to follow the instructions at Steve's
web site (Sane Security).
On 4/26/10 6:01 PM, Mark wrote:
Hello,
I just upgraded to clamav 0.96.1 on FreeBSD 7. Everyhing seemed to be
running fine, except that I suddenly got this message in my freshclam log:
WARNING: Clamd was NOT notified: Can't find or parse configuration file
yes
It used to say Clamd
On 4/24/10 6:36 AM, Stephen Gran wrote:
On Fri, Apr 23, 2010 at 05:02:07PM -0700, Chris Knight said:
On Fri, Apr 23, 2010 at 1:39 PM, Christopher X. Candreva
ch...@westnet.com wrote:
On Fri, 23 Apr 2010, Simon Hobson wrote:
So, it still runs the software it used to run ? Yes
It's running
On 4/23/10 8:41 AM, Jim Preston wrote:
Just a question, but what time is freshclam running? Most of the time a
majority of people run freshclam at the top of the hour which means you
are in heavy competition for resources. I have mine set to run via cron
at ten minutes after the hour.
Jim
On 4/23/10 10:46 AM, Dennis Peterson denni...@inetnw.com wrote:
On 4/23/10 8:41 AM, Jim Preston wrote:
Just a question, but what time is freshclam running? Most of the time a
majority of people run freshclam at the top of the hour which means you
are in heavy competition
On 4/21/10 11:08 PM, Steve Holdoway wrote:
Alienating those 'asshat whiners' will revert them to being windows
admins, and our career prospects dwindle ever further.
I'm over that, too. It means I'll always have a job if there is no competition.
I don't have any notion of ever being a
On 4/21/10 11:16 AM, Stephen Gran wrote:
Faced with an old release of software that will die if the team uses
new functionality due to a known bug, and people who will not upgrade
to the version that fixes this bug, and a reasonably urgent need to use
the new functionality, what exactly would
On 4/21/10 12:10 PM, Francesco Peeters wrote:
http://www.engadget.com/2010/04/21/mcafee-update--shutting-down-xp-machines/?sms_ss=email
:-þ
Received from McAfee earlier today:
Folks,
I have been collecting information as it has been flowing across the
wire on my side. If you are not the
On 4/21/10 8:03 PM, Steve Wray wrote:
I believe that best practice with this sort of thing is to only issue
warnings and not to actually force a potentially harmful change without
*express* consent of the user.
Suggest at least one way to inform all the users successfully that obsolete
On 4/21/10 8:20 PM, Dennis Peterson wrote:
know way of knowing
What the hell? Did I write that? :)
dp
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
On 4/21/10 10:06 PM, Eric Rostetter wrote:
Quoting Jim Preston jimli...@commspeed.net:
Read what I said. *functional* not security. Like, for example, php is
at 5.2.6 on lenny, unless you configure is differently. That's the whole
point of releases.
There are distros that release functional
On 4/21/10 10:31 PM, Steve Holdoway wrote:
Personally I'd like to see the masses catered for.
There's your problem. The masses are stump stupid. Ever was it so. It is no
accident that 'exceptional' means not typical. Exceptional does not include the
masses. If the best we shoot for is to
On 4/19/10 9:22 AM, Jim Preston wrote:
But on a more serious note, what method would you like to have had them
take to make you aware of the impending failure?
The question wasn't directed to my but I'd like to see them be more selective as
to who should be allowed to use this product.
On 4/19/10 1:17 PM, Dan wrote:
Really, a mission-critical
product such as ClamAV needs to be watched by the sysadmin, not left for
someone else to do it for you.
You've passed the IQ test.
Next.
dp
___
Help us build a comprehensive ClamAV guide:
On 4/18/10 1:27 PM, Spiro Harvey wrote:
Shame you haven't talked to to others - like havp for example - before
doing this.
The announcement to EOL the old releases was made at the start of
october last year. If people using clam as an integral part of their
software don't read announcements,
On 4/18/10 3:11 PM, Hauke Duden wrote:
OK. Sorry for the confusion.
Shouldn't this be in the FAQ (or was I just too blind to find it?)? I'd
hate to think that I am the only one making this mistake.
ClamAV is an antivirus tool. It is reasonable to expect it will be used on file
systems
On 4/17/10 9:03 PM, Jim Preston wrote:
I whole heartedly agree Dan. However I have been slandered today being
called arrogant and ignorant, so what do I know?
Yutz on the left, mench on the right. This EOL process has been a test. It was a
simple test to separate yutz from mench. If you
On 4/16/10 8:05 AM, Giampaolo Tomassoni wrote:
Was the 'stop gap' really useful? To which purpose? Did the ClamAV team
meant to stop old installations to work, in order to silence competitors?
Perhaps to teach to clamav users about the very complex nature of today
systems and services?
On 4/15/10 11:33 AM, James Kinter wrote:
Thanks Edwin.
I think I get them from Dag, but Ill check and email the appropriate
offenders :-)
I setup a YUM repo to point to somewhere, so every update comes from the
same place every time.
Getting them from the same place is no guarantee that
One of my customers in Eastern Washington just got some mail blocked because of
this non-Clamav pattern:
:INetMsg.SpamDomain-2w.gonzaga_edu:4:*:(2e|2f|40|20|3c|5f)676f6e7a6167612e656475(27|22|20|2f|3d|5f|3e|0a|0d)
No way I'm telling the Zag's they're not getting their mail :)
Point being is
On 4/9/10 2:49 PM, Michael Swank wrote:
Please take me off the email list for now. Thank you.
mikesw...@aol.com
Instructions on how to do that are in every email header this list sends.
dp
___
Help us build a comprehensive ClamAV guide: visit
On 3/24/10 7:31 AM, Del Monte Paolo wrote:
Hi Giampaolo,
Are you sure that I can download the upgrade from a window server and put it
in a second time on a hpux server. The automatic upgrade don't depend on the
platform on witch I configure freshclam?
The clam scanners (clamd, clamscan) don't
On 3/16/10 2:38 PM, Nathan Gibbs wrote:
* Steve Holdoway wrote:
On Sat, 2010-03-13 at 08:25 -0500, Nathan Gibbs wrote:
I get those errors with these clamd settings
CommandReadTimeout 120
ReadTimeout 900
This is with the milter load balancing across 5 nodes.
Cheap, Fast, Right, pick two.
On 3/16/10 6:01 PM, Steve Holdoway wrote:
So I'm stuck in this situation, with a clamd server at the same dc, but
connecting over tcp port 3310 just times out. I've sent the requestor a
tcpdump ( brave man and thanks! ), but am not too thrilled at posting it
publicly, as in anonymizing it I
On 3/7/10 3:06 PM, Robert S wrote:
I have been getting these messages in my logs when a message is detected as
a virus:
Mar 8 08:44:56 mypc clamav-milter[6112]: Message o27LiRP8029635 from
UNKNOWN to UNKNOWN with subject 'Important notice: Google'
message-id 'UNKNOWN' date 'UNKNOWN' infected by
On 3/2/10 7:58 AM, Nathan Gibbs wrote:
Question.
Why does freshclam suggest checking
http://www.clamav.net/support/mirror-problem
for possible problems with a a LOCAL MIRROR when it KNOWS that its
checking a local mirror.
There is nothing on that page that is inappropriate for debugging
On 3/2/10 10:14 AM, Nathan Gibbs wrote:
Not functional issues, just a couple rough edges that could use sanding.
You have an idea and the source code - implement it and submit the change. If
there is a pent up demand to prevent that lying SOB (freshclam) from spinning
yarns in the logs then
On 2/26/10 8:59 AM, Jerry wrote:
On Fri, 26 Feb 2010 12:14:50 +1300
Steve Holdowayst...@greengecko.co.nz articulated:
You what? In the last case I had a problem, it was a networked pc
infected with a trojan spewing spam out. Just *how* does SMTP Auth
stop this?
Your lack of knowledge is
On 2/25/10 6:09 AM, Steven Stern wrote:
If you're sending mail directly from your client to Google's SMTP
servers, your ISP isn't touching it as the connection to Google is
encrypted. What are you using for an SMTP server? For example, I'm
typing this in Thunderbird and the smtp server for
On 2/24/10 6:52 AM, Steven Stern wrote:
On 02/24/2010 08:06 AM, Jason (spot) Brower wrote:
It seems that some emails couldn't be checked. Encrypted Zip files in
particular. It seems that when I try to send them from Evolution
(Ubuntu 9.10) I get this message sent to my recipients. Is there
On 2/24/10 8:38 AM, Jerry wrote:
On Wed, 24 Feb 2010 10:33:09 -0500
Kris Deugaukdeu...@vianet.ca articulated:
Steven Stern wrote:
Checking outgoing mail is pointless. Why bother?
So you can reduce malware propagation? (And as a result, maybe not
end up on everyone's local blacklist for
On 2/24/10 9:15 AM, Jim Preston wrote:
No Dennis, you would just know they are coming from the spammer and not
zombies. Then again, there would be far fewer zombies if people took
personal responsibility for their computers
There are relatively few end points on the Internet that send mail out
On 2/24/10 10:10 PM, Erwan David wrote:
Le Wed 24/02/2010, Dennis Peterson disait
There are relatively few end points on the Internet that send mail
out without going through an ISP's gateway.
I'm not so sure about this. Compaies do not use ISP gateways...
Count the companies vs end users
On 2/3/10 11:29 AM, Lesiak, Stephen wrote:
We auth through LDAP and I noticed there was a piece in the install that
allowed for specifying a UID and GID.
I created clamav as a user and group in our instance of LDAP:
-sh-3.2# id clamav
uid=20722(clamav) gid=1045(clamav)
On 1/23/10 10:12 PM, John Rudd wrote:
removes MSRBL (as it's no longer being updated)
Did they declare themselves to be defunct, or are you declaring it for
them (without any actual announcement from them)?
The most recent news from them is Jan of this year:
http://msrbl.blogspot.com/
They
On 12/15/09 10:11 PM, dev.ad...@ntlworld.com wrote:
Hi,
I know this is an old topic that seems to have caused
some problems in the past and has apparently been fixed
in version .3, but I still can't get it to work.
I'm using OSX and I would like to scan the boot volume
but one of the
On 12/12/09 7:21 PM, Jason Frisvold wrote:
Hi all,
I seem to be having some problem with clamd and logrotate. Logrotate reloads
clamd after rotating the logfile and creating a new one, but clamd fails
reload with the following :
Reloading log file:
Mark Gregory wrote:
Hi,
If clamdscan calls clamd when it is run as a scheduled task is there a
reason for having clamd running as a windows service? It appears that it
would be loaded and using RAM for no reason.
If you are not in a hurry or not concerned with your scanning process spending
lists wrote:
Dennis, to give you some idea (if you did not already know) how cheap
Barracuda Networks are, they advertise for staff on Craigslist - because
it is free:
I am truly stunned you are so wound around Barracuda. I don't give a rip one way
or the other about them and I've not even
lists wrote:
On Thu, 2009-12-03 at 19:32 -0800, Dennis Peterson wrote:
http://www.barracudanetworks.com/ns/legal/
It's so good that TrendMicro thought it worth going to court to stop it.
It is good - and thanks to Dennis for pointing it out. The Barracuda
link is synonymous with the fact
lists wrote:
On Fri, 2009-12-04 at 08:31 -0800, Dennis Peterson wrote:
lists wrote:
On Thu, 2009-12-03 at 19:32 -0800, Dennis Peterson wrote:
http://www.barracudanetworks.com/ns/legal/
It's so good that TrendMicro thought it worth going to court to stop it.
It is good - and thanks to Dennis
Robin wrote:
Jan Pieter: Thanks for balancing out the arguments!
I have been trying to convince the upper end folks to accept clamav so
I was looking for some good use cases compared to McAfee CommandLine
Scanner, since this would be the product I would use from the
corporate standard of
Thomas Harold wrote:
On 12/3/2009 10:32 PM, Dennis Peterson wrote:
I quoted viruses above because much of what is found is actually
blacklisted URL's, scams, spam, etc. Very few true viruses show up
anymore.
That seems to be true if you're doing DNSBLs that block the dynamic
address
Tom Shaw wrote:
I'm running ClamAV on a Mac, Sun Sparc with Solaris, and Linux. I'll
soon have it running on a Mac Mini Server though on that system the
case issues will be corrected. Anyway - it works fine on a Mac.
Actually, Dennis, it comes preinstalled on Mini Server it just located
steve wrote:
... one of my other servers is under attack!
I've reverted to 0.95.2 - both build with
./configure --enable-milter --disable-clamuko
and is all running fine again. Can anyone suggest where to start with
sorting this one out?? Any config file changes I've missed, for example?
Taylor wrote:
Well, I've just published my 1st novel!
This would be more difficult if all our return addresses were cloaked by the
list server software or otherwise hidden from non-members.
dp
___
Help us build a comprehensive ClamAV guide: visit
Dan Irwin wrote:
I am wondering what is the best way to mirror database updates.
Use freshclam and a custom freshclam.conf file that places the downloaded and
tested files in a directory used by your mirroring software.
dp
___
Help us build a
fchan wrote:
Hello,
Ever since about 10-Nov-2009 1810UTC I haven't gotten any virus hits on
my mail server and I'm checking if anyone seen the same thing. Before
that time, I used to get about 1000 virus hits per day so are the virus
writers/spammers gone away or this is the quiet before the
David Vo wrote:
Please take me off this list.
The instructions to do this are in the headers of each message you've ever
received from this list server but which I include here:
Reply-To: ClamAV users ML clamav-users@lists.clamav.net
List-Id: ClamAV users ML clamav-users.lists.clamav.net
mp5 wrote:
Hi all,
I just came across this SigCreate free Signature creation tool program for
creating your own custom clamav signature database. The site says that it's
for clamav win32 but I'd guess one could use it for Linux platform as well.
Here is the link if anyone wants to check it
Steve Basford wrote:
The script I use has a bit more finesse than this simple overview. I use a
randomizer to prevent this process from running at the same minute past
the hour
Note there's a *tiny* chance if the script runs at 10.07 and then 11.03,
you'll get temp block for an hour from some
401 - 500 of 1693 matches
Mail list logo