[sending notification to receiver]
It's possible with Amavisd-new to do this, but if it's wise??? It can
confuse the receiver, so inform them good about this kind of messages
(or make the message very good).
Here we just delete the worms, what is the use of a message that you
just received the
On Wednesday 26 Jan 2005 23:41, Kritof Petr wrote:
Hi,
trying to start clamav-milter from 0.81 I get:
Starting clamav-milter: /usr/sbin/clamav-milter: ScanMail not defined in
/etc/clamd.conf (needed without --external)
What are your clamav-milter options?
Petr
--
Nigel Horne.
Tomasz Kojm [EMAIL PROTECTED]
Date: Tue, 25 Jan 2005 18:09:59 +0100
Subject: Re: [Clamav-users] Problem with clamd hanging
On Tue, 25 Jan 2005 17:48:08 +0100
[EMAIL PROTECTED] wrote:
Trog [EMAIL PROTECTED]
Thats normal behaviour. A gdb backtrace of each thread when it is
hanging is
On Thu, 27 Jan 2005 02:01:28 +0100 in
[EMAIL PROTECTED] Tomasz Kojm [EMAIL PROTECTED]
wrote:
There were problems generating HTML documentation (probably due to
broken TeX installation in Debian). The tarball now includes
clamdoc.tex so you can try to generate it yourself with latex2html.
On Thu, 27 Jan 2005 09:51:48 +0100 in
[EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
After 24hours with 0.81rc1 compiled with gcc I have not seen any
hang-up.
And 0.81 is now released officially.
--
Brian Morrison
bdm at fenrir dot org dot uk
GnuPG key ID DE32E5C5 -
On Thu, Jan 27, 2005 at 08:10:36AM +, Brian Morrison wrote:
The clamdoc.aux file was not found, so sections will not be numbered
and cross-references will be shown as icons.
Is there a correct command for generating the html docs or the
clamdoc.aux file? I'm not very TeX literate I'm
On Wed, 26 Jan 2005 at 13:17:40 -0600, [EMAIL PROTECTED] wrote:
[...]
Secondly full file system scanning.
[...] The second is easy enough, however,
when I used clamdscan the file system scan consumes inordinate amount of
CPU resources. I've tried starting clamd with a nice value of 17 and
On Thu, 27 Jan 2005 10:35:47 +0100 in [EMAIL PROTECTED]
Jan Pieter Cornet [EMAIL PROTECTED] wrote:
On Thu, Jan 27, 2005 at 08:10:36AM +, Brian Morrison wrote:
The clamdoc.aux file was not found, so sections will not be numbered
and cross-references will be shown as icons.
Is there a
On Thu, Jan 27, 2005 at 10:08:08AM -, Christopher Roberts wrote:
I 'had' a beautiful Clamd installation working on a Debian distribution
with MIMEDefang.
Replacing config file /etc/clamav/freshclam.conf with new version
Starting ClamAV virus database updater: ERROR: Number of checks
On Thu, Jan 27, 2005 at 10:49:57AM +, Brian Morrison wrote:
TeX generates the .aux file itself. Just rerun the command you gave.
Done that, same result. I ran latex2html, do I need to run another
command first?
Hm, I'm not very familiar with latex2html. Maybe you should just run
latex
Check the value of Checks in /etc/clamav/freshclam.conf (defaults to
12, I think)
Thanks GC, you're a genius. Or perhaps I'm just stupid - I just never
thought to read the error message that literally - it was set to zero
and instead I had added freshclam to cron.
I have now changed to 12 and
Luca Gibelli wrote:
Dear ClamAV users,
release 0.81 is now available for download.
[ NOTHING ABOUT FUNCTIONALITY UPGRADE ]
WARNING: Your ClamAV installation is OUTDATED - please update immediately!
WARNING: Current functionality level = 3, required = 4
This is the second time, that this
On Thu, 27 Jan 2005 13:17:16 +0100 Ralph Angenendt wrote:
Luca Gibelli wrote:
Dear ClamAV users,
release 0.81 is now available for download.
[ NOTHING ABOUT FUNCTIONALITY UPGRADE ]
WARNING: Your ClamAV installation is OUTDATED - please update immediately!
WARNING: Current
On Thu, 27 Jan 2005 13:37:33 +0100
Frank Elsner [EMAIL PROTECTED] wrote:
WARNING: Your ClamAV installation is OUTDATED - please update
immediately! WARNING: Current functionality level = 3, required = 4
This is the second time, that this happened (last time was to 0.80).
And it sounds
On Thu, 27 Jan 2005 12:55:33 +
Brian Morrison [EMAIL PROTECTED] wrote:
On Thu, 27 Jan 2005 13:42:12 +0100 in
[EMAIL PROTECTED] Tomasz Kojm [EMAIL PROTECTED]
wrote:
Will ASCII-art flowers printed by freshclam satisfy you as well?
Won't your sheep(?) eat them?
Actually it's a
On Thu, Jan 27, 2005 at 12:12:09PM -, Christopher Roberts wrote:
Check the value of Checks in /etc/clamav/freshclam.conf (defaults to
12, I think)
Thanks GC, you're a genius. Or perhaps I'm just stupid - ...
Please don't exagerate: you're NOT stupid!!! ;-)
bye,
gc :-)
On Thu, 27 Jan 2005 14:03:46 +0100
Gian Carlo [EMAIL PROTECTED] wrote:
On Thu, Jan 27, 2005 at 12:12:09PM -, Christopher Roberts wrote:
Check the value of Checks in /etc/clamav/freshclam.conf
(defaults to 12, I think)
Thanks GC, you're a genius. Or perhaps I'm just stupid - ...
Tomasz Kojm wrote:
Won't your sheep(?) eat them?
Actually it's a turtle. I really hate when people confuse it with
a sheep! ;-)
Ehh? I really thought it was a snail!
those two little dots on top, are s like snail antennas. or eyes,
whatever.
If you've seen Gary, Spongebob Squarepants'
Is there an upgrade doc? I want to update to the latest version. Is it
best to install over the top of an old version? Or is there a preferred
method of upgrade?
Thanks!
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
On Thu, 27 Jan 2005 07:16:06 -0600
Diane Rolland [EMAIL PROTECTED] wrote:
Is there an upgrade doc? I want to update to the latest version. Is
it best to install over the top of an old version? Or is there a
preferred method of upgrade?
http://wiki.clamav.net/index.php/UpgradeInstructions
On Mon, 24 Jan 2005 at 3:04:22 -0700, Hal Goldfarb wrote:
[...]
Problem: When I run clamdscan (which uses the daemon), it generates
zillions of errors in the clamd.log file something like Directory
recursion limit exceeded at /home/hal/.tvtime. However, when I run
On Thu, 27 Jan 2005 13:57:30 +0100 in
[EMAIL PROTECTED] Tomasz Kojm [EMAIL PROTECTED]
wrote:
Won't your sheep(?) eat them?
Actually it's a turtle. I really hate when people confuse it with
a sheep! ;-)
OK, but turtles like flowers too don't they?
--
Brian Morrison
bdm at fenrir dot
Here are the upgrade instructions that I follow(ed)! These do work if
you follow them to the t! *oh ya ... Remember to backup your
Freshclam.conf and clamd.conf =P~
unpack the old distribution:
tar -zxf clamav-0.80.tar.gz
run configure
cd clamav-0.80
./configure
Unpack
I'm thinking that someone has submitted this, and we already have the
update...but does anyone know for sure if we are safe from this.
WORM_BAGLE.AZ is what Trend Net is referring to this as, there message
to me this morning follows:
As of January 27, 2005 1:42 AM PST (Pacific Standard
On Thu, 2005-01-27 at 07:01 -0700, Craig Daters wrote:
I'm thinking that someone has submitted this, and we already have the
update...but does anyone know for sure if we are safe from this.
WORM_BAGLE.AZ is what Trend Net is referring to this as, there message
to me this morning follows:
Trog wrote:
It is detected by Clam as Trojan.Downloader.Small-165, which was added
on 8th Nov 2004 by Christoph.
Wow, that was some time ago, and TrendNet is only just now putting out
an update! That's scarry!
Thanks Trog
--
Craig Daters ([EMAIL PROTECTED])
Systems Administrator
West Press Print
Hi List!
Please allow me to start by saying I'm relatively new here, having just
switched to clam from RAV. I'm very impressed with the responsiveness of
the Clam team, and with the Clam product. You guys do a great job.
I do have a question on the upgrade(s): Is there typically a period of
[EMAIL PROTECTED] wrote:
Trog wrote:
It is detected by Clam as Trojan.Downloader.Small-165, which was
added on 8th Nov 2004 by Christoph.
Wow, that was some time ago, and TrendNet is only just now
putting out an update! That's scarry!
Thanks Trog
--
Craig Daters ([EMAIL PROTECTED])
On Thu, 2005-01-27 at 08:25 -0600, Sam wrote:
I do have a question on the upgrade(s): Is there typically a period of
time where the old version will work alongside the new version? (I read
the faq and saw the mention of missing viruses if one doesn't upgrade).
The reason I ask is, in my
Craig Daters
Wow, that was some time ago, and TrendNet is only just now putting out
an update! That's scarry!
Thanks Trog
What concerns me (if it is true that ClamAV has detected this specific
variant since November) is that ClamAV is not performing due diligence
and sharing samples to protect
Upgraded this morning to 0.81, and suddenly I have frequently the
error message ScanStream: accept() failed in my logs.
I have enable verbose logging, and notice that *most of the time*
all is ok, but frequently there is an accept error:
Thu Jan 27 16:09:06 2005 - Accepted connection on port
[EMAIL PROTECTED] wrote:
Craig Daters
Wow, that was some time ago, and TrendNet is only just now putting
out an update! That's scarry!
Thanks Trog
What concerns me (if it is true that ClamAV has detected this
specific variant since November) is that ClamAV is not
performing due
On Thu, 2005-01-27 at 09:13 -0600, [EMAIL PROTECTED] wrote:
Craig Daters
Wow, that was some time ago, and TrendNet is only just now putting out
an update! That's scarry!
Thanks Trog
What concerns me (if it is true that ClamAV has detected this specific
variant since November) is that
On Thu, 27 Jan 2005, Sam wrote:
I have yet another question. I have noticed Clam stopping (or at
least to me it appears to be stopping) various phishing attempts. Or am I
wrong?
If this is the case, I will start submitting phishing attemps I see (I
probably get 3 - 4 a day).
Please don't.
On Jan 27, 2005, at 10:25 AM, Damian Menscher wrote:
There was a discussion about this several months ago. Unfortunately,
many people (including part of the signature-generation team) are too
dogmatic about their feelings that phishing is bad, so we should
block it to look at it logically.
Can
Damian Menscher wrote:
Please don't. Phishing attempts do not automatically propagate (by
infecting a machine and being re-sent) and therefore are generally
one-time events. As such, they can be trivially changed to evade any
signature-based filter, which must obviously generate a signature
On Thu, 2005-01-27 at 16:19 +0100, Paul Bijnens wrote:
Upgraded this morning to 0.81, and suddenly I have frequently the
error message ScanStream: accept() failed in my logs.
I have enable verbose logging, and notice that *most of the time*
all is ok, but frequently there is an accept error:
Trog wrote:
What software are you using to pass requests/data to clamd?
clamscan-procfilter.pl, a little perlprog to be used in procmail
essential boiling down to
cat themsg | clamdscan --stdout - $tempfile,
and examining $tempfile for results.
--
Paul Bijnens, Xplanation
On Thu, 27 Jan 2005, Jim Maul wrote:
Is it causing you (or anyone for that matter) a problem by clamav
catching some phishing attempts as opposed to spamassassin catching
them? Whats really the issue here? You just dont believe clamav is the
right tool for that job, but is there REALLY a
On Thu, 2005-01-27 at 09:45 -0600, Sam wrote:
(This is directed more at Trog than anyone...) So if one were to submit
phishing attempts, what do you need? I don't think the virus submission
page will allow one to submit something without an attachment?
Do you need headers?
Do you need
On Thu, Jan 27, 2005 at 12:12:09PM -, Christopher Roberts said:
Check the value of Checks in /etc/clamav/freshclam.conf (defaults to
12, I think)
Thanks GC, you're a genius. Or perhaps I'm just stupid - I just never
thought to read the error message that literally - it was set to zero
On Thu, 2005-01-27 at 16:44 +0100, Paul Bijnens wrote:
Trog wrote:
What software are you using to pass requests/data to clamd?
clamscan-procfilter.pl, a little perlprog to be used in procmail
essential boiling down to
cat themsg | clamdscan --stdout - $tempfile,
and examining $tempfile
On Jan 27, 2005, at 10:33 AM, Tomasz Kojm wrote:
No problem. As a bonus we will create a signature for your domain name
;-)
Just kidding! Honest! I'd NEVER think of having Windows thought of as
a virus... :-)
___
On Thu, 27 Jan 2005 11:27:00 -0500
Adam Tauno Williams [EMAIL PROTECTED] wrote:
Just my two cents - I agree with the other guy. CLAM should blocks
virii and worms, and leave SPAM to something else. Just think of the
Phishing IS NOT spam! Is that really so hard to understand?
--
oo
On Thu, 27 Jan 2005 11:35:24 -0500
Don Levey [EMAIL PROTECTED] wrote:
Hmm... Passed right through my setup, without detection.
Database updated as recently as 4:am today.
So better update your software ASAP.
--
oo. Tomasz Kojm [EMAIL PROTECTED]
(\/)\.
On Thu, 27 Jan 2005 17:29:05 +0100
Tomasz Kojm [EMAIL PROTECTED] wrote:
On Thu, 27 Jan 2005 11:27:00 -0500
Adam Tauno Williams [EMAIL PROTECTED] wrote:
Just my two cents - I agree with the other guy. CLAM should blocks
virii and worms, and leave SPAM to something else. Just think of the
On Thu, 27 Jan 2005 11:35:24 -0500 in
[EMAIL PROTECTED] Don Levey
[EMAIL PROTECTED] wrote:
Hmm... Passed right through my setup, without detection.
And your setup is?
Database updated as recently as 4:am today.
That's more than 7 *hours* ago...
--
Brian Morrison
bdm at fenrir dot org
On Thu, 27 Jan 2005 at 11:35:24 -0500, Don Levey wrote:
[EMAIL PROTECTED] wrote:
On Thu, 2005-01-27 at 07:01 -0700, Craig Daters wrote:
WORM_BAGLE.AZ is what Trend Net is referring to this as, there
message to me this morning follows:
It is detected by Clam as
I'm not sure how that could have happened. Did you choose cron in the
debconf setup, or something else? I wouldn't mind getting to
the bottom of this.
I really don't recall the setup process. I believe I visited
http://sial.org/howto/clamav/freshclam/ and took the following sentence
to
Hello,
I just wanted to give the team a big thank you. All I needed to do was
upgrade zlib and compile. Everything is working great.
Gord
CONFIDENTIALITY WARNING: The information in the e:mail is confidential and
privileged. It is intended only for the use of the individual or entity it
On Thu, 27 Jan 2005 17:40:25 +0100
Stefan Hornburg [EMAIL PROTECTED] wrote:
Can you give me a pointer to how Phishing is defined and detected in
the context of ClamAV ?
See http://www.antiphishing.org/
What is Phishing?
Phishing attacks use 'spoofed' e-mails and fraudulent websites designed
On Thu, 27 Jan 2005, Tomasz Kojm wrote:
Phishing IS NOT spam! Is that really so hard to understand?
Phishing IS NOT a virus! Is that really so hard to understand?
Damian Menscher
--
-=#| Physics Grad Student SysAdmin @ U Illinois Urbana-Champaign |#=-
-=#| 488 LLP, 1110 W. Green St, Urbana, IL
Tomasz Kojm wrote:
On Thu, 27 Jan 2005 11:27:00 -0500
Adam Tauno Williams [EMAIL PROTECTED] wrote:
Just my two cents - I agree with the other guy. CLAM should blocks
virii and worms, and leave SPAM to something else. Just think of the
Phishing IS NOT spam! Is that really so hard to understand?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
If you have received this
communication in error, please notify me immediately by telephone or fax
and delete all copies of the original message.
How can I do that if you don't quote
On Thu, 27 Jan 2005 10:57:27 -0600 (CST)
Damian Menscher [EMAIL PROTECTED] wrote:
On Thu, 27 Jan 2005, Tomasz Kojm wrote:
Phishing IS NOT spam! Is that really so hard to understand?
Phishing IS NOT a virus! Is that really so hard to understand?
95% of internet worms are not viruses as
On Jan 27, 2005, at 11:29 AM, Tomasz Kojm wrote:
On Thu, 27 Jan 2005 11:27:00 -0500
Adam Tauno Williams [EMAIL PROTECTED] wrote:
Just my two cents - I agree with the other guy. CLAM should blocks
virii and worms, and leave SPAM to something else. Just think of the
Phishing IS NOT spam! Is that
Damian Menscher wrote:
On Thu, 27 Jan 2005, Tomasz Kojm wrote:
Phishing IS NOT spam! Is that really so hard to understand?
Phishing IS NOT a virus! Is that really so hard to understand?
Ok, so its not a virus, and its not spam. So neither product should
detect it your saying? How about both
On Thu, 27 Jan 2005, Tomasz Kojm wrote:
On Thu, 27 Jan 2005 Damian Menscher [EMAIL PROTECTED] wrote:
On Thu, 27 Jan 2005, Tomasz Kojm wrote:
Phishing IS NOT spam! Is that really so hard to understand?
Phishing IS NOT a virus! Is that really so hard to understand?
95% of internet worms
Nigel,
You are far too detailed.
Gord
CONFIDENTIALITY WARNING: The information in the e:mail is confidential and
privileged. It is intended only for the use of the individual or entity it
is addressed to. If the reader of this message is not the intended
recipient, or the authorized
Ok, so its not a virus, and its not spam. So neither product should
detect it your saying? How about both products detect it, we have
overlap, and users are happy cause they dont have to deal with this crap
in their inbox.
Personally, I'd love to have it as a config option in clamd.conf.
On Thu, 27 Jan 2005, Jim Maul wrote:
Is it causing you (or anyone for that matter) a problem by clamav catching
some phishing attempts as opposed to spamassassin catching them? Whats
really the issue here? You just dont believe clamav is the right tool for
that job, but is there REALLY a
I am building clamav from src rpm from crash-hat. It build just fine
but i get the message:
configure: WARNING: ** This ClamAV installation may be linked against
configure: WARNING: ** a broken zlib version. Please DO NOT report any
configure: WARNING: ** stability problems to the
Damian Menscher wrote:
On Thu, 27 Jan 2005, Jim Maul wrote:
Is it causing you (or anyone for that matter) a problem by clamav
catching some phishing attempts as opposed to spamassassin catching
them? Whats really the issue here? You just dont believe clamav is
the right tool for that job, but
On Thu, 27 Jan 2005 11:08:12 -0600 (CST)
Damian Menscher [EMAIL PROTECTED] wrote:
...which is why, in my original email, I referred to things that
propagate automatically without intervention from their author.
OK, so what about the trojans? ;-)
--
oo. Tomasz Kojm [EMAIL
Sam said:
Also to Damian: I understand what you are saying, but tend to agree more
with Jim. What does it matter who catches it as long as it's caught?
The answer to this is simple: my policy for dealing with spam is quite
different than my policy for dealing with viruses. Spam is annoying,
On Thu, 27 Jan 2005, Tomasz Kojm wrote:
On Thu, 27 Jan 2005 Damian Menscher [EMAIL PROTECTED] wrote:
...which is why, in my original email, I referred to things that
propagate automatically without intervention from their author.
OK, so what about the trojans? ;-)
I take the somewhat-unusual
On Thu, 27 Jan 2005 11:27:48 -0600 (CST)
Damian Menscher [EMAIL PROTECTED] wrote:
On Thu, 27 Jan 2005, Tomasz Kojm wrote:
On Thu, 27 Jan 2005 Damian Menscher [EMAIL PROTECTED] wrote:
...which is why, in my original email, I referred to things that
propagate automatically without
Jim Maul wrote:
snip
If my car is broken usually I take it to a mechanic. But if a friend of
mine who happens to be a plumber can fix it also, does it really matter
if I bring it to him instead? No.
-Jim
Ok, I took part in the previous discussion and I accept the developers
decision. But I
:01 ... clamd[27135]: clamd daemon devel-20050127 (OS:
linux-gnu,ARCH: i386, CPU: i686)
# freshclam -V
ClamAV devel-20050127/689/Thu Jan 27 07:33:10 2005
# freshclam -v
Current working dir is /.../
Max retries == 5
ClamAV update process started at Thu Jan 27 11:49:01 2005
Querying
You know, this gets old real quick!
Back when this debate first started (around November or so) I never
thought it would stop.
In November I decided to do 2 things 1 log what virus's were being
caught, where they were going, and what virus was detected.
Out of 446 detected viruses, 167 were
From:
http://www.infoworld.com/article/05/01/21/04FEphishing_1.html?source=NLC-WS2005-01-26
Phishers are employing increasingly sophisticated techniques, such as
malicious code buried in images, keystroke-logging applications that
download as soon as an e-mail is opened, and spoofed Web sites
On Thu, 27 Jan 2005 16:59:57 - in
[EMAIL PROTECTED] Nigel Horne
[EMAIL PROTECTED] wrote:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
If you have received this
communication in error, please notify me immediately by
On Thu, 2005-01-27 at 09:25 -0800, Dennis Peterson wrote:
We do a lot of on-line commerce. We cannot tolerate many false positives.
Phishing exploits are something we deal with through education first, and
filtering second. As phishers become more sophisticated and numerous false
positives
On Thu, 27 Jan 2005, Trog wrote:
On Thu, 2005-01-27 at 09:25 -0800, Dennis Peterson wrote:
We do a lot of on-line commerce. We cannot tolerate many false positives.
Phishing exploits are something we deal with through education first, and
filtering second. As phishers become more sophisticated
On Thu, 2005-01-27 at 11:14 -0600, Damian Menscher wrote:
On Thu, 27 Jan 2005, Jim Maul wrote:
Is it causing you (or anyone for that matter) a problem by clamav catching
some phishing attempts as opposed to spamassassin catching them? Whats
really the issue here? You just dont believe
trying to start clamav-milter from 0.81 I get:
Starting clamav-milter: /usr/sbin/clamav-milter: ScanMail not defined in
/etc/clamd.conf (needed without --external)
What are your clamav-milter options?
Petr
Hi Guys
Sorry this thread doesn't follow, I have just sbscribed here, and dont have a
On Thu, 2005-01-27 at 12:32 -0600, Damian Menscher wrote:
And how many Phishing false positives have you had exactly?
All of them. ;)
Seriously, that's an unfair question. When you're deleting people's
email, how would they find out if there was a false positive? With
spam, it's
On Thu, 2005-01-27 at 18:37 +, Kul wrote:
trying to start clamav-milter from 0.81 I get:
Starting clamav-milter: /usr/sbin/clamav-milter: ScanMail not defined in
/etc/clamd.conf (needed without --external)
What are your clamav-milter options?
Uncomment the ScanMail option in
Damian Menscher wrote:
On Thu, 27 Jan 2005, Trog wrote:
On Thu, 2005-01-27 at 09:25 -0800, Dennis Peterson wrote:
We do a lot of on-line commerce. We cannot tolerate many false
positives.
Phishing exploits are something we deal with through education
first, and
filtering second. As phishers
The more tools that you have the likelihood of filtering it out increases.
Just because I run ClamAv on the mail exchanger does not mean I do not run
AV on our Exchange server and all of our desktop machines. Firewalls can do
IDS functions, AV applications for the desktop are now including Anti
On Thu, 27 Jan 2005, Trog wrote:
On Thu, 2005-01-27 at 12:32 -0600, Damian Menscher wrote:
Seriously, that's an unfair question. When you're deleting people's
email, how would they find out if there was a false positive? With
spam, it's standard practice to review a junk-mail box for false
On Thu, 2005-01-27 at 18:37, Kul wrote:
trying to start clamav-milter from 0.81 I get:
Starting clamav-milter: /usr/sbin/clamav-milter: ScanMail not defined in
/etc/clamd.conf (needed without --external)
What are your clamav-milter options?
Petr
Hi Guys
Sorry this thread
On Thu, 27 Jan 2005, Jim Maul wrote:
What if the plumber and the mechanic work on it together? ;)
What if the electrician goes to night school to learn ornithology?
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
On Thu, 2005-01-27 at 12:45 -0600, Damian Menscher wrote:
Another is your assertion that my initial assumptions were incorrect
when I suggested that phishing signatures were more likely to create
false positives as a result of being more likely to be matching
plaintext. Which initial
On Thu, 27 Jan 2005, Trog wrote:
On Thu, 2005-01-27 at 12:45 -0600, Damian Menscher wrote:
Another is your assertion that my initial assumptions were incorrect
when I suggested that phishing signatures were more likely to create
false positives as a result of being more likely to be matching
snip
trying to start clamav-milter from 0.81 I get:
Starting clamav-milter: /usr/sbin/clamav-milter: ScanMail not defined in
/etc/clamd.conf (needed without --external)
What are your clamav-milter options?
Petr
Hi Guys
Sorry this thread doesn't follow, I have just sbscribed here, and
On Thu, 2005-01-27 at 19:12, Kul wrote:
Then the restart:
Starting clamd: [ OK ]
Starting clamav-milter: /usr/local/sbin/clamav-milter: --max-children must be
given in internal mode
[ ** ]
Had to do a roll back to 0.80, but I can install 0.81 on the backup
mailserver as nobody will
On Thu, 2005-01-27 at 13:05 -0600, Damian Menscher wrote:
Oh, ok. Apparently we have a different definition of plaintext. I
generally take anything using only the lower 7 bits (ASCII table) to
mean plaintext, and things that use the 8th bit to mean binary.
Regardless of your definition
On Thu, 27 Jan 2005 13:54:22 -0500 (EST) in
[EMAIL PROTECTED] jef moskot
[EMAIL PROTECTED] wrote:
On Thu, 27 Jan 2005, Jim Maul wrote:
What if the plumber and the mechanic work on it together? ;)
What if the electrician goes to night school to learn ornithology?
Electrified owls?
--
Hi all,
When using clamav 0.81rc1 with amavisd-new I get these errors:
Jan 22 12:05:22 donkeykong amavis[24030]: (24030-07) Mail::ClamAV
av-scanner FAILED: statchkdir() only works if a database directory was
specified
to new() at (eval 35) line 62.
clamav is configured in amavisd-new
Hello,
The latest 0.81 release of clamav now displays ERROR: ScanStream:
accept() failed. errors in the logs for some incoming e-mails. For
example if I send the Test #6: Eicar virus embedded within another
MIME segment test from http://www.webmail.us/testvirus it causes this
error, where with
On Thu, 2005-01-27 at 11:44 -0800, exo dia wrote:
Hello,
The latest 0.81 release of clamav now displays ERROR: ScanStream:
accept() failed. errors in the logs for some incoming e-mails. For
example if I send the Test #6: Eicar virus embedded within another
MIME segment test from
On Thu, 2005-01-27 at 11:44 -0800, exo dia wrote:
Hello,
The latest 0.81 release of clamav now displays ERROR: ScanStream:
accept() failed. errors in the logs for some incoming e-mails. For
example if I send the Test #6: Eicar virus embedded within another
MIME segment test from
On Thu, 27 Jan 2005, Trog wrote:
On Thu, 2005-01-27 at 13:05 -0600, Damian Menscher wrote:
Oh, ok. Apparently we have a different definition of plaintext. I
generally take anything using only the lower 7 bits (ASCII table) to
mean plaintext, and things that use the 8th bit to mean binary.
On Thu, 2005-01-27 at 09:25 -0800, Dennis Peterson wrote:
=20
We do a lot of on-line commerce. We cannot tolerate many false positives.
Phishing exploits are something we deal with through education first, and
filtering second. As phishers become more sophisticated and numerous fals=
e
I don't understand what the fuss is.
clamAV (like all other AVs) produces a report stating what the malware
is. In the case of Phishing, clamAV tags them as *.Phishing.*.
So, change your blocking agents to ignore such matches Don't
be surprised if they don't have the option, but if you
On Fri, 28 Jan 2005, Jason Haar wrote:
clamAV (like all other AVs) produces a report stating what the malware is. In
the case of Phishing, clamAV tags them as *.Phishing.*.
So, change your blocking agents to ignore such matches Don't be
surprised if they don't have the option, but if
On Thu, 27 Jan 2005 14:29:06 -0600 (CST)
Damian Menscher [EMAIL PROTECTED] wrote:
The simplest solution seems to be to write a wrapper around freshclam.
You can patch ClamAV to filter out all *Phishing* sigs in
libclamav/readdb.c. It should be simpler and more reliable solution.
--
oo
On Thu, 27 Jan 2005 21:30:56 +0100 in
[EMAIL PROTECTED] Tomasz Kojm [EMAIL PROTECTED]
wrote:
On Thu, 27 Jan 2005 14:29:06 -0600 (CST)
Damian Menscher [EMAIL PROTECTED] wrote:
The simplest solution seems to be to write a wrapper around
freshclam.
You can patch ClamAV to filter out all
I apologize -- bad cut and paste in my first e-mail subject. This is
the error from my logs:
Thu Jan 27 11:28:12 2005 - SelfCheck: Database status OK.
Thu Jan 27 11:50:15 2005 - ERROR: ScanStream: accept() failed.
Thu Jan 27 11:57:43 2005 - ERROR: ScanStream: accept() failed.
Thu Jan 27
1 - 100 of 111 matches
Mail list logo