I'm running clamav-milter v0.72 with sendmail 8.12.11 on FreeBSD 4.10-RELEASE
i386 box. How can I add server name on X-Virus-Scanned: header?
-- X-Virus-Scanned: clamd / ClamAV version 0.72, clamav-milter version 0.72
-- on (null)
I want to change it like below.
++ X-Virus-Scanned:
Hello Rick,
Your page is great. I think the only thing is missing is graphs. I have
developed very simple system for clamav statistics and integrated it
with mrtg. below is the screenshot:
http://wrath.geoweb.ge/images/vstats.gif
The system works as follows:
admin is notified about infection
Motom Ohtani wrote:
I'm running clamav-milter v0.72 with sendmail 8.12.11 on FreeBSD 4.10-RELEASE
i386 box. How can I add server name on X-Virus-Scanned: header?
-- X-Virus-Scanned: clamd / ClamAV version 0.72, clamav-milter version 0.72
-- on (null)
I want to change it like below.
++
George Chelidze wrote:
admin is notified about infection incident.
I'm guessing you only get small amount of infections (e.g. less than
10.000 a day) ?
Regards,
Fajar
--
Please avoid sending me Microsoft Office attachments.
See http://www.newsforge.com/software/04/03/27/0134204.shtml
Yes we get approximately 1000 infections a day.
Best Regards,
Fajar A. Nugraha wrote:
George Chelidze wrote:
admin is notified about infection incident.
I'm guessing you only get small amount of infections (e.g. less than
10.000 a day) ?
Regards,
Fajar
--
George Chelidze
Hello Damian Menscher,
sorry for the late reply
This points me to random mirrors around the world. I'd have expected to
resolve to db.us.clamav.net, and get mirrors within the US. Everything
still works, but I wanted to report it since it should probably be
fixed. Or is this something I
At 6:56 -0400 11/6/04, Kevin Horton wrote:
Subject: Re: clamav 0.72 segfault
Hi,
On Jun 10, 2004, at 4:05 PM, Kevin Horton wrote:
I get a repeatable segfault when clamscan 0.72 tries to scan a
certain large Word file.
sudo clamscan /Users/kwh/Documents/Flying/RV/Avionics:Panel/gyros/gyros.doc
Yesterday I installed amavis_new together with clamav V 0.71
under SuSE 9.0. Amavis and clamav are both running under vscan
and amavis is installed in dir /var/spool/amavis. Amavis is
configured to be running in a dual sendmail configuration.
When receiving an email, I get following entry in
On Tue, 15 Jun 2004 at 12:32:44 -0500, Neil Aggarwal wrote:
Fajar:
you need to chown clamav:clamav your database directory too
(in my case it's /usr/local/share/clamav).
This is strange. I have my Database directory set to /var/clamav in
both /etc/freshclam.conf and /etc/clamav.conf.
On Wed, 16 Jun 2004 at 13:04:45 +0200, Harald Arnold wrote:
Yesterday I installed amavis_new together with clamav V 0.71
Just for completeness: You probably mean amavisd-new (note d).
under SuSE 9.0. Amavis and clamav are both running under vscan
and amavis is installed in dir
On Tue, Jun 15, 2004 at 10:57:36PM -0400, Rick Macdougall wrote the following:
snip
3)
Searchable List of all know virii ? What exactly do you want to see and
how would you go about doing it ? If you enter somefool in the current
Search form on the page, it will give you a list of all
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Just to let you know. Upgraded to 0.73 and problem solved.
Jim :-)
Dr James Allen
GnuPG key : ftp://ftp.heartsine.co.uk/hst_gpg_public_keys/jim.allen.hst.gpg.asc
On Thu, 10 Jun 2004 [EMAIL PROTECTED] wrote:
Hello clamav-users,
as i can see my clamav-milter doesn't work at all. that's because
when i send a message with the virus inside, the clamav-milter
doesn't block it or something like that...but whan i use clmadscan it
sais to me that it found a virus... but it's stupid. i need to scan
my
On Wednesday 16 Jun 2004 13:58, linz wrote:
as i can see my clamav-milter doesn't work at all. that's because
when i send a message with the virus inside, the clamav-milter
doesn't block it or something like that...but whan i use clmadscan it
sais to me that it found a virus... but it's
Am Mit, 2004-06-16 um 13.48 schrieb Tomasz Papszun:
On Wed, 16 Jun 2004 at 13:04:45 +0200, Harald Arnold wrote:
Yesterday I installed amavis_new together with clamav V 0.71
Just for completeness: You probably mean amavisd-new (note d).
Yes correct, amavisd-new-20030616-p5 !
[...]
Hi folks!
My clamav is not running anymore and I dont know why?
I thought perhaps I had an old version 0.70-rc so I installed the new
0.73,
but everytime I get everytime the same error:
I compiled it with:
./configure --sysconfdir=/etc;
make;
make install;
And then:
icebear # clamd
Illegal
On Wed, 16 Jun 2004 at 15:07:02 +0200, Harald Arnold wrote:
Am Mit, 2004-06-16 um 13.48 schrieb Tomasz Papszun:
On Wed, 16 Jun 2004 at 13:04:45 +0200, Harald Arnold wrote:
Socket definition:
srwxr-x---1 vscanvscan 0 Jun 16 10:29 amavisd.sock
Again, just for
btw the same with freshclam:
freshclam
ClamAV update process started at Wed Jun 16 15:22:02 2004
Reading CVD header (main.cvd): OK
main.cvd is up to date (version: 23, sigs: 21096, f-level: 2, builder:
ddm)
Reading CVD header (daily.cvd): OK
Downloading daily.cvd [*]
Illegal instruction
Hello Nigel,
Wednesday, June 16, 2004, 5:04:18 PM, you wrote:
NH On Wednesday 16 Jun 2004 13:58, linz wrote:
as i can see my clamav-milter doesn't work at all. that's because
when i send a message with the virus inside, the clamav-milter
doesn't block it or something like that...but whan
NH 4) Any output in /var/log/messages and /var/log/maillog?
looks like everything OK
Not sure what you mean by 'everything OK'. Do you mean you're now seeing messages
that viruses are being caught? Or nothing? Or startup messages? Do you mean that
it shows that it's scanning but marking
Content-type: Multipart/Alternative; boundary=Alt-Boundary-8157.30078100
--Alt-Boundary-8157.30078100
..
$ v /var/run/clamav/clamd.ctl
srwxrwxrwx1 amavis amavis 0 Jun 7 19:55
/var/run/clamav/clamd.ctl
OK, your are running both processes under user amavis - I think so.
On Wednesday 16 Jun 2004 15:02, linz wrote:
Hello Nigel,
Wednesday, June 16, 2004, 5:39:55 PM, you wrote:
NH Not sure what you mean by 'everything OK'. Do you mean you're now seeing messages
NH that viruses are being caught? Or nothing? Or startup messages? Do you mean that
NH it shows
!!! SOLVED !!! WAS ACCESS PROBLEM !!!
I've got no idea if the socket permissions have any bad results in
your situation. They shouldn't as the user matches. I did _not_ set
them manually. The socket is created with such ones.
I must add that I use postfix (while you - sendmail). So
The business I work for is currently running ClamAV
SpamAssassin w/ Qmail
I am having a hard time getting a startup script to work on
the FreeBSD 5.2.1-RELEASE install I have going
I have followed all of the Http://www.lifewithqmail.org and all
the ClamAV install docs as closely
Suggestions, critique, etc are welcomed.
It looks great! About the only thing I'd add is a list of offending IPs
with # of hits.
Drillable stats would be nice, too; maybe import the log into a dbm or
something every night
---
In the last two days I have received five hundred
megabytes of spam. I'm pretty sure it's mostly
viruses.
I'd like to find a way to delete individual
virus-infected messages from my mailbox, but the
clamscan --mbox command stops scanning upon finding
the first virus, and if I use the --remove
The business I work for is currently running ClamAV SpamAssassin w/
Qmail
I am having a hard time getting a startup script to work on the FreeBSD
5.2.1-RELEASE install I have going
I have followed all of the Http://www.lifewithqmail.org and all the
ClamAV install docs as closely as possible
Quoting Michael D. Crawford [EMAIL PROTECTED]:
In the last two days I have received five hundred
megabytes of spam. I'm pretty sure it's mostly
viruses.
I'd like to find a way to delete individual
virus-infected messages from my mailbox, but the
clamscan --mbox command stops scanning upon finding
Shayne Lebrun wrote:
Suggestions, critique, etc are welcomed.
It looks great! About the only thing I'd add is a list of offending IPs
with # of hits.
Drillable stats would be nice, too; maybe import the log into a dbm or
something every night
That is already available, all the information is
On Wed, 16 Jun 2004 at 7:40:38 -0700, Michael D. Crawford wrote:
[...]
What I think would work would be to unpack my mailbox
file into a directory of individual messages, one in
each file, and use clamscan --mbox --remove on that
directory, and then collect all the messages back into
an
On Wed, 16 Jun 2004, Michael D. Crawford wrote:
I'd like to find a way to delete individual
virus-infected messages from my mailbox, but the
formail / procmail . I sent a detailed method for doing this to the list in
the begining of April, check the archives.
On Wed, Jun 16, 2004 at 07:40:38AM -0700, Michael D. Crawford wrote:
What I think would work would be to unpack my mailbox
file into a directory of individual messages, one in
each file, and use clamscan --mbox --remove on that
directory, and then collect all the messages back into
an
Drillable stats would be nice, too; maybe import the log into a dbm or
something every night
That is already available, all the information is stored in MySQL.
Hrm. I'll slink back into my hole, now.
---
This SF.Net email is
Jim Maul wrote:
Quoting Michael D. Crawford [EMAIL PROTECTED]:
In the last two days I have received five hundred
megabytes of spam. I'm pretty sure it's mostly
viruses.
I'd like to find a way to delete individual
virus-infected messages from my mailbox, but the
clamscan --mbox command stops
All,
Will Clamav support ICAP?
Please advise.
Thx Rgds,
Awie
---
This SF.Net email is sponsored by The 2004 JavaOne(SM) Conference
Learn from the experts at JavaOne(SM), Sun's Worldwide Java Developer
Conference, June 28 - July 1 at
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wednesday 16 June 2004 11:09 am, Bert Koelewijn wrote:
Oh, come on! This is just shortcoming of ClamAV. Why have a --mbox
option if you can't identify the infected email?! RAV did this better.
The idea wasn't to do an entire file, it was to do
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Is it worth trying clamuko/dazuko? Useability/stability issues?
TIA
- --
Robin Lynn Frank
Director of Operations
Paradigm-Omega, LLC
==
Will the last person to leave,
please turn off the Internet.
-BEGIN PGP
This is a good reason to use maildirs.
Jim
Oh, come on! This is just shortcoming of ClamAV. Why have a --mbox option
if you can't identify the infected email?! RAV did this better.
Bert
So? Last time I checked RAV wasn't exactly free.
If it's not done in CVS yet then I suppose it might get done
Quoting B. van Ouwerkerk [EMAIL PROTECTED]:
This is a good reason to use maildirs.
Jim
Oh, come on! This is just shortcoming of ClamAV. Why have a --mbox
option if you can't identify the infected email?! RAV did this
better.
Bert
So? Last time I checked RAV wasn't exactly free.
If it's not done
I read in the FAQ that you don't have an option to
disinfect files, only to report on or delete them. I
would think it wouldn't be too hard to disinfect a
mailbox file though.
This might help clean out your mailbox.
cc -o clamfilter clamfilter.c
mv /var/mail/mybox mybox
./clamfilter mybox
On Wednesday 16 June 2004 12:00 pm, Michael S. Kazmier wrote:
Hello all,
I have recently upgraded from clamav-0.60 to clamav-0.73. I have clamd
running under supervise and multilog setup as per the instructions and long
mailing list archive, thanks all for the documentation. I also
FWIW, I would go for a solution with procmail :-)
Just curious, if clamav was running on the server, how did the infected
message
get into the mbox in the first place?
Jim
Clamav is not the same as clamav-milter :) so if someone prefers not to use
milter or whatever to get viri before they hit
On Wednesday 16 June 2004 09:38 am, Jeffrey Kroll wrote:
The business I work for is currently running ClamAV SpamAssassin w/
Qmail
I am having a hard time getting a startup script to work on the FreeBSD
5.2.1-RELEASE install I have going
I have followed all of the
B. van Ouwerkerk wrote:
This is a good reason to use maildirs.
Jim
Oh, come on! This is just shortcoming of ClamAV. Why have a --mbox
option if you can't identify the infected email?! RAV did this better.
Bert
So? Last time I checked RAV wasn't exactly free.
If it's not done in CVS yet then I
use LogFile /dev/stdout
works fine on my machine and every other machine I've used it on. No patch
required.
Thanks for the response Jeremy, but I get the unable to open log file for
append. On my system, /dev/stdout is mapped to:
# ls -l /dev/stdout
lrwxrwxrwx1 root root
Quoting B. van Ouwerkerk [EMAIL PROTECTED]:
FWIW, I would go for a solution with procmail :-)
Just curious, if clamav was running on the server, how did the
infected message
get into the mbox in the first place?
Jim
Clamav is not the same as clamav-milter :) so if someone prefers not to use
Bert Koelewijn wrote:
B. van Ouwerkerk wrote:
This is a good reason to use maildirs.
Jim
Oh, come on! This is just shortcoming of ClamAV. Why have a --mbox
option if you can't identify the infected email?! RAV did this better.
Bert
So? Last time I checked RAV wasn't exactly free.
If it's not
Just curious, if clamav was running on the server, how did the infected
message get into the mbox in the first place?
I've experienced this problem before when a new worm hits before Clam has
can detect it. Usually no more than a few infected messages get through
before Clam catches up. I'd
The viruses seem to be addressed to all the
permutations of the alphabet in the username, with the
domain always being goingware.com. Perhaps this was
meant to deliver the virus all to different people,
instead my personal email is being DOSed by this
virus.
Ask your hosting provider (or do it
Clamav is not the same as clamav-milter :) so if someone prefers not to use
milter or whatever to get viri before they hit the users mailbox they get
the mail into the mailbox. I'm running clamav-milter and find it s cool..
Ah...im running qmail so there is no milter. All this milter talk is
On Wed, 16 Jun 2004 09:34:16 -0700
Robin Lynn Frank [EMAIL PROTECTED] wrote:
Is it worth trying clamuko/dazuko? Useability/stability issues?
Better do not use it on a production system. Quite a useful feature,
though.
--
oo. Tomasz Kojm [EMAIL PROTECTED]
(\/)\.
Am Mit, 2004-06-16 um 16.23 schrieb Harald Arnold:
!!! SOLVED !!! WAS ACCESS PROBLEM !!!
Normaly clamd is defined and runned as user clamav. But when using
amavis the user for clamd should be the same user as amavis (vscan).
/etc/clamav and /var/clamd have been owned by user clamav. When
Hi,
I notice some errors in my cron.daily. I am running RedHat 9 and Clam 7.2.
Errors listed below :-
/etc/cron.daily/clamscan:
/etc/cron.daily/clamscan: line 1: clamscan: command not found
/etc/cron.daily/clamscan: line 1: sigtool: command not found
/etc/cron.daily/clamscan: line 1: sigtool:
On Wednesday 16 June 2004 04:26 pm, List wrote:
Hi,
I notice some errors in my cron.daily. I am running RedHat 9 and Clam 7.2.
Errors listed below :-
/etc/cron.daily/clamscan:
/etc/cron.daily/clamscan: line 1: clamscan: command not found
/etc/cron.daily/clamscan: line 1: sigtool: command
On Wed, 2004-06-16 at 22:26, List wrote:
Hi,
I notice some errors in my cron.daily. I am running RedHat 9 and Clam 7.2.
Errors listed below :-
/etc/cron.daily/clamscan:
/etc/cron.daily/clamscan: line 1: clamscan: command not found
/etc/cron.daily/clamscan: line 1: sigtool: command not
55 matches
Mail list logo