haven't checked on the other installation I have, under
Solaris, because there I'm using MailScanner and that doesn't use clamd.
Thanks for any information you can provide.
--
René Berber
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
this in other operating
systems. I'll check and see if that's the problem.
Regards,
--
René Berber
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
in
CG Pro... So unistalling means just doing the opposite: disable the helper
(the filter won't fire when the external helper is disabled) and erase the 2
files: cgpav and cgpav.conf (they are usually put, in /var/CommuniGate and
/var/CommuniGate/Settings).
Regards.
--
René Berber
, there must be something in your system
that either filters the network traffic (a proxy perhaps) or doesn't allow
freshclam to write the database file (full partition? Then it will probably
download fine to /tmp as the command above specifies).
Regards.
--
René Berber
everything
- Do NOT send HTML mails
Hapy holidays!
--
René Berber
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
are only semi-transparent. As you mention, this can be solved by
using Linux's firewall settings and clamsmtpd has some documentation on how
to do it.
Regards.
--
René Berber
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
). It even seems
from the original message that Ryszard wants the message renamed.
Regards.
--
René Berber
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
this change).
Just in case this only happens in the environment I have, the specs are:
ClamAV version 0.81 / Windows XP (sp 2) / Cygwin 1.5.12-1.
Regards.
--
René Berber
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
René Berber wrote:
[snip]
No, it isn't. By default errors are still being written to stderr.
Oops! ..^^
Check again, this simple test:
$ clamdscan -v /tmp/test 1 clamdscan.stdout 2 clamdscan.stderr
produces this:
$ ll clamdscan.*
-rw-r--r-- 1 rberber None 0 Jan 28 23:19
for just about any flavor of Linux and other OSes.
--
René Berber
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
this helps.
--
René Berber
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
clamscan which should not even be
running... do you see it in the process list? On the other hand MS can be
tunned to the load, and usually Spamassassin is the one that causes the load
when used without care (i.e. too many tests).
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.4
://clamav.net/3rdparty.html#webftp
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFS983L3NNweKTRgwRAo7lAJ4+WX1j7wJ1r0y8i4Rvgn3sS5FLDACgkZP5
PWCDZJk1Y1KYGxnKTELtmAA=
=Ioh9
-END PGP SIGNATURE
it will display ?SECURITY WARNING: NO SUPPORT
FOR DIGITAL SIGNATURES? on every update. You can download GNU MP at
http://www.swox.com/gmp/
Check that it's not already installed (and use LDFLAGS='-Lpath to library') or
install it from whatever source OS-X provides it.
- --
René Berber
-BEGIN PGP SIGNATURE
, I haven't checked, but no mention is made that it
may need an Internet connection. To be sure you'll have to try it or perhaps
look at the source code. I did once compared the MD5 checksum showed with the
output of the usual md5sum, and they are different.
- --
René Berber
-BEGIN PGP
clamscan or clamdscan once on a large number of files (as shown
above) the execution speed is about the same. If you run them many times, say
once per file, then what you said applies.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http
parameter for building.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFa15RL3NNweKTRgwRAgq/AKCohc1OFFonb8vnm1hAmbWGTBxEzgCgqKVE
EIoFajF36XloCq9LZuQPWE8=
=yIXh
-END PGP SIGNATURE
the permissions have not changed and are correct upon rechecking them. Has
anyone else ran into this issue? Thanks.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
, with 0.90rc2 it
doesn't work with any of the .ndb files, only with .cvd files.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFd5n1L3NNweKTRgwRAsSQAJ92KtNdLDv4qBPUCRrINI2COyn4yACgxlt9
HElPvIwwQGi
with
0.90rc2 (i.e. only .cvd files can be checked, not .ndb).
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFe1LKL3NNweKTRgwRAlNiAKCHcMrC+4n5rJq81Tx/yUVoR92TpwCfZ4Jc
XYnVkSL45PfviyvOjiehQfQ=
=kgJj
-END
, and anything else
you consider relevant.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFgd2CL3NNweKTRgwRAjvCAKCckvir2NaTwjha7GImySpXnukXNgCfahrn
rCb1HnEruwveYl49zKgVcr8=
=cE3b
-END PGP SIGNATURE
. EximConfig could be a long term option, even if you only
need to change the configuration, for an example look at :
http://duncanthrax.net/exiscan-acl/exiscan-acl-examples.txt
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http
not clear so far.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFgvlhL3NNweKTRgwRAgPlAJ0dT1Pr+xZcJOYRZ/9xniM1L3EAHwCg9ZyP
a61cqG8FArzBeZCtAQN7R30=
=Ew5S
-END PGP SIGNATURE
,
the configuration file syntax is different.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFgx8dL3NNweKTRgwRAnhaAJ0RjQ2o5mY87fLqCsR4J1JvkfSKNACeJ9TG
x3MMr0c5mMKMSOk7+WWK1NA=
=PRmh
-END PGP SIGNATURE
complained several years back, in fact I
wanted to have both library versions built without having to do it by hand,
obviously no changes have been made).
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
restarting the server
after changing the configuration, or that I'm using Exim 4.63 .
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFuuADL3NNweKTRgwRAoVJAKDgic0eX/MBDd5kagCp/AzGt74GfgCgniFD
...
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFw7cYL3NNweKTRgwRAnX0AJ9wmgnU6YiS8Sv1XnCbEiuzp3o5lwCfRtBr
Ka05MAjTiwWPXNYSEtw5wFY=
=nTrx
-END PGP SIGNATURE
libraries only, you'll have to change it if you
really want to use static libs.
Get rid of that library and either use the one that came with Solaris or make a
good build.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http
previous message, libbz2 is not in
/usr/sfw/lib, it is in /usr/lib.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFF0N7iL3NNweKTRgwRApKKAJ9LatH7oU+9Bn1FXSpTJfV2XBznXACdGAdm
748VcHGpPmZLWZghOd+78K4
problem.
HTH but in Solaris 10 there shouldn't be a problem with the system installed
libraries.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFF0o9OL3NNweKTRgwRAlrMAJsHTo/W0+mP8/Fp65Je
of MailScanner, without a re-build MS spins
creating processes and killing them with no mail being scanned. I guess there
is the option of using clamscan (or clamdscan with patches to MS).
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dennis Peterson wrote:
René Berber wrote:
Is anybody working on upgrading perl module Mail::ClamAV?
Current version 0.17 does not build under clamav version 0.90, there's
at least
2 defined constants that don't exist anymore, maybe other
-0.88.7 and older) a digital signature works normally.
The new version does things differently in the configuration, it is more general
and it has a lot of new tests (which do nothing useful, like looking for
Fortran) and do miss things like gmp which worked with older versions.
- --
René Berber
of the protocol used to communicate
with clamd through a socket.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFF1PjjL3NNweKTRgwRAgwSAKCzbZ/dDnlqX2iOj3jvImhbq8QJqgCfbEGf
X/MLD5ivZa+sv2s9Mk+N/t0
], status=CLAMAV-ERROR
I have no clue what it means, there is nothing in the logs to give any
usefull information. This is really eating a lot of my time.
It seems that your configuration of clamd and clamsmtpd differ, one is probably
using a TCP socket, the other a UNIX socket.
- --
René Berber
, which
you say is not being used.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFF4JeiL3NNweKTRgwRAkkbAKDSQlDeivEU2P3k5FaAf4hKXE8weQCg9CRZ
cprjHgXBaibA8xNZ9/JTuA4=
=v3Bh
-END PGP SIGNATURE
(modified to use
clamdscan), no problem with all those packages working together.
Your solution is a bit drastic, why not use clamdwatch or clamdmon from the
contrib directory. I just stopped using clamdwatch after 2 or 3 years of
monitoring clamd and never have to restart it.
- --
René Berber
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Pascal Duchatelle wrote:
[snip]
Is it in the same page as the virus sample submission form ?
Yes.
- --
René Berber
\
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFF+daZL3NNweKTRgwRCHkkAJ96DAuB+VZzGZwis6mPb8IP6z2bCwCdFA3M
GQusCvL0hjeclilk3KH6tJ4=
=3+2X
-END PGP SIGNATURE
enabled).
Looking at Thomasz' message, I used gcc (3.3.2) to build everything.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFF+dfSL3NNweKTRgwRCH5CAJwPwhUi8UPS1GPW+Thj3Fu1SPePggCcD/6C
files and they were handled
correctly, and with no problem, by clamd.
This is under Solaris 9 sparc, clamav compiled with gcc, ScanArchive enabled, no
experimental option. Clamd 0.90.1 has been running with no problem since I
installed it.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG
) hardware with new versions
of all the software components. (gcc in particular: compiling it from
scratch has become quite the chore with all the prerequisites.)
Old but with 4 processors, it shouldn't have problems and clamd shouldn't die.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG
running freshclam before starting clamd.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGEv0XL3NNweKTRgwRCOUrAJ0aUNbLgVnHZuYz/qqFvAt71c2bzwCfb4et
U81YSjZB7hynTpeFrsKNDpE=
=ly2r
-END PGP
-libcurl'. but it's not a miracule cure. :-)
I agree, that didn't solve anything.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGFT0DL3NNweKTRgwRCCw8AJ9WLyV0BglBQjLnvYp1j77JFJw+FACgpY1F
pQx
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Rick Pim wrote:
René Berber writes:
Something is very wrong there, after 1 day running I have clamd
using only 32M of RAM (30M RSS). How many clamd threads do you
see?
via ps -efL? or another mechanism. i'll check; i don't know
for long type
In fact, those constants (0x1) are bigger than 64-bit, looks like a bug
to me, at least for 32-bit CPUs or any that defines long as 64-bit.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http
-bit binaries).
In fact looking at the unrar.h file, it is not a long type declaration, it is a
uint64_t, so the constant is wrong and the whole expression is suspect. Of
course only unrar will fail.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG
= 215,151
which is just about (off by 2) what it reported. Do you have an old database
lying around, perhaps with another name?
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
);
~ }
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
iD8DBQFGLQU2L3NNweKTRgwRCAMyAKDuqqW3eP9WkN9U9/E90I8RXw1BwwCgyrMG
idt1TGF7i/BLlrqXZSFrZmc=
=6LOZ
-END PGP SIGNATURE-
___
Help us build a comprehensive ClamAV guide
to use a second installation of perl,
and do a couple of changes so logging works better under Solaris (both subjects
have been commented on the MS list, I just don't like the way it is).
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin
changed to the latest scamp.sh and I see it just downloads and installs, no
check to see if the file is a valid clamav database.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
iD8DBQFGP4xEL3NNweKTRgwRCEYHAKCP/ztKwvdmc2Iz4iYdsRflsiLPowCg0Xcn
JvH5ySQFuWLKy/WTy/RuCqk=
=kq
that script until it worked :(
| The download URLs for the mirrors are incorrect and for some reason it
| pukes on the output of Debian's clamd --debug
Thanks for both replies.
I'll take that script for a test.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin
databases, like the ones from MSRBL and SaneSecurity
(for spam and phishing), then it is recommended that the script used to download
them does test them before installing.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin
these attributes can be
controlled with MailScanner) If you can isolate one sample, better, that way
you'll have something to test directly.
Have you tested clamav? for instance running clamscan on the test directory that
comes with the source.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version
taking 100% of the CPU for those 30 seconds, if
you cannot increase the value then perhaps using 0.91rc1 is a better option
(reloading databases is 10x faster, yep back to the 3 sec mark).
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin
are needed, i.e.
`pkg-config --libs curl`).
Workarounds:
- - Build w/o curl support;
- - Add the libraries yourself, LIBS=... at the end of the configure
invocation.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Cygwin)
iD8DBQFGZg1SL3NNweKTRgwRCBtTAKDxbhSt+ACVLwFNktMS
, actually develop a test suite to figure out which one is
truly faster or slower for your situation.
I agree with this last phrase, and the tricky part is how to build a good test
suite.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Cygwin
/permissions does it
have, and how well does it match your vscan daemon?
- --
René Berber
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Cygwin)
iD8DBQFGfv+iL3NNweKTRgwRCEWFAKDRC6IhW3uKHCrVdHGMubBWHGVDVQCfcNww
9A6SukNXKyZ3OniinqSTano=
=wtqu
-END PGP SIGNATURE
will create the socket?!?! How do I create it manually?
You don't.
Just start clamd as a service, it will create it, if it doesn't then there must
be an error in the log.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Cygwin)
iD8DBQFGf1jIL3NNweKTRgwRCBTUAKCvwNQphLxggFJ
freshclam I am told that the definition file is up to
date.
Freshclam knows better ;-)
Hint: it uses the location defined in clamd.conf or, if there is none, then the
hardcoded location (that clamd also uses).
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Cygwin
with clamdscan will cause another
complaint).
The best option for you is to plan an upgrade of MailScanner, since it installs
in a separate directory, the switch *should* really take seconds. That doesn't
mean it's easy or without peril, you should always know what you're doing.
- --
René Berber
-BEGIN
, and that X-Virus-Report gives the
name of the signature match.
If you are seeing those headers in your mail, then something else put them
there. It could be a milter, or MailScanner, or something else; you have to
configure whatever it is.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG
, fall back to http at
16:56, back to normal at 18:56.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Cygwin)
iD8DBQFGqTVoL3NNweKTRgwRCHDSAKC6rJ4Isgdjieiv935BHYP1vkA33ACg09C3
cuWd0ZGMJd1wGxyC3vCr6ks=
=R0NP
-END PGP SIGNATURE
as a regular user... the above shows that the
log is probably owned by root and you can't change it.
[snip]
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Cygwin)
iD8DBQFGshegL3NNweKTRgwRCB9DAJ9gkazJyLdGL6ymfYofzq/+N8zLuQCgu17t
UoPc2H2Rl4sF/SUjWltU5aI=
=ZgMj
-END PGP SIGNATURE
.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Cygwin)
iD8DBQFGs2yFL3NNweKTRgwRCKqqAJ90HRuQMscvnRwXIegZjNcDXFWr4wCdGR/V
tO1u3Vezjb8eysSgXMYNPzk=
=fK7k
-END PGP SIGNATURE-
___
Help us build a comprehensive ClamAV guide: visit
delivery problems
anymore with it but I don't see it scanning.
Doesn't make sense, if clamd is running as root then it has access to the spool.
But your error message is clearly a permission access error, clamd is telling
you it can't read the file exim told it to read.
- --
René Berber
-BEGIN PGP
).
warn message = X-antivirus-Scanner: Clean Mail
- -
This is wrong. I wonder if exim even accepts this mistake.
# Accept the message.
accept
And the problem persists or not?
If it does, who owns the spool directories?
- --
René Berber
-BEGIN PGP SIGNATURE-
Version
by the machine? Or does that happen automatically?
It scans everything.
2) How do I outright block certain extensions? Should I used the old
demime ACL for that? Or is there a better way?
Shouldn't you ask the exim users list?
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG
above it looks like you put a non existent name.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Cygwin)
iD8DBQFGt3uEL3NNweKTRgwRCBnjAJ4nOdVyPw6vEwB03BKArH2qmme1YQCgxYHQ
TwusySzl9psJnz2xLUMsj/Y=
=UI06
-END PGP SIGNATURE
to set option :
# Remove stale socket after unclean shutdown.
FixStaleSocket yes
And then investigate why clamd is not properly shutdown.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Cygwin)
iD8DBQFGvNq2L3NNweKTRgwRCCrEAKCOUXPpWRChtkMEJclmJJWfhp5TuwCgw4dP
signal).
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Cygwin)
iD8DBQFGwgbSL3NNweKTRgwRCCB4AJ9Jn5TnYMSCmsIZPQ9qRoFMgTmthwCgjfVd
Od8e2ag436y7Mvj4V+qZxag=
=IV1/
-END PGP SIGNATURE-
___
Help us build a comprehensive ClamAV
-16 11:00:40 1ILbDc-0005xO-BP SA: Debug: check succeeded, running
spamc
2007-08-16 11:00:43 1ILbDc-0005xO-BP SA: Action: SA didn't successfully run
SA = SpamAssasin, this problem has nothing to do with clamav.
[snip]
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Cygwin
address, like SaneSecurity?
I ask because I see that your download link is a bare IP address, which you may
change as much as you want, but I would prefer to use a script with only one
address, just like I use with SaneSecurity and MSRBL.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG
, perhaps even a long command, to
do just that.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Cygwin)
iD8DBQFG//LuL3NNweKTRgwRCHfDAJ0am/E6qP1ASO9rdNkvbqlHHbBHaQCguGZq
YQZ976TMPqi5lFcYHg5jowM=
=U0Vb
-END PGP SIGNATURE
that clamscan. Remember that old_mailbox probably is a live one, so it would
better to stop receiving messages. If you want to see what was infected, just
`diff old_mailbox new_mailbox`.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Cygwin
/clamd.conf
LocalSocket /tmp/clamd.socket
- - In /etc/exim.conf
av_scanner = clamd:/tmp/clamd.socket
In your case, you have one pointing to /var/run/clamd.exim/clamd.sock, just
change the other.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Cygwin
a proper mailbox filter that
sepparates the messages and then scan them; the filter may understand other
formats, not just the flat file one -- clamscan would be playing catch with
specialized filters which is a waste of resources.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7
/support/faq/
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Cygwin)
iD8DBQFHBThuL3NNweKTRgwRCBi9AJ9ODL9lk+rPN4zVQIN0mKUgqV9cIwCgic5R
YlAaNM9HmbBeoJhxNjZ9vJg=
=6xDk
-END PGP SIGNATURE-
___
Help us build a comprehensive ClamAV
signatures; both change, daily much more often, but main does
change.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Cygwin)
iD8DBQFHBn7ML3NNweKTRgwRCNYBAJ9wY73L2cmlrGyYUuw+jyNcXYC/2gCgi00L
6NA9M+WFQw4Ox0AZvjSbrck=
=UMKv
-END PGP SIGNATURE
as they are, then you need to handle their DNS
query and configure them to use your server as their mirror. That looks like
the easy part.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Cygwin)
iD8DBQFHB2FtL3NNweKTRgwRCAqEAKCd3bS/Gjbdi4E8mf5d1089vgiYnQCfZqR9
G268aWGTcaMYF/+gu
what it referees to. Can some one point me in the right
direction?
man clamav-milter :
...
- -C DIR, --chroot=DIR
Run in chroot jail DIR.
That is your problem, clamav-milter was directed to use Nqlo as a chroot
directory.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG
have to move out of the way each
of the 3rd party databases, and see which one is the cause of the problem.
- --
René Berber
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Cygwin)
iD8DBQFHIFcTL3NNweKTRgwRCBGrAKDHqxr/i4XEXkFirlRPHEuy+TCOVACfahtV
f6Cpv/+35P1g6VgW/CT2RiE=
=maL2
-END PGP
client executes java/ecma script automatically or when the user clicks
on a button or link.
--
René Berber
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
Quỳnh H Nguyễn wrote:
[snip]
LocalSocket /tmp/clamd.socket
TCPSocket 3310
TCPAddr 127.0.0.1
[snip]
That will never work, you have to choose between using a local socket or
a tcp socket, can't have both... and clamd should be advising you with a
message to the log.
--
René Berber
-milter startup script... it shouldn't
hang, put a -x (at the end of the first line, i.e. #!/bin/sh -x) if
necessary to see what's it doing? Check the parameters --sendmail-cf
and local:/var/run/clamav/... should be the interesting ones.
--
René Berber
. The clmilter.sock probably is from an old sendmail
configuration, or you have more than one installation of sendmail.
--
René Berber
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
the answer is positive,
with the other use option, is negative.
--
René Berber
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
, cli_ctx *ctx)
--
René Berber
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
means the message should
be in that format?
--
René Berber
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
René Berber wrote:
Same result, does the html in the signature means the message should
be in that format?
Answer: Yes.
Sorry for the noise, I just re-tested and it does detect the string IFF
the message is in html AND the actual string is inside html tags.
--
René Berber
to catch up, or rebuild it with
the current clamav version.
--
René Berber
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
asked for a program
update but there is a problem with virus definition update. The little
application in the bin folder which is supposed to facilitate the def
download appears
to be faulty.
And that is a problem you should report to ClamWin's developers, not here.
--
René Berber
/share/clamav/rogue.hdb: Malformed database
No problems with 0.93.3 .
--
René Berber
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
But then testing passing a file descriptor fails... I don't think Cygwin
has that functionality, can't pass file descriptors around.
Hope this is useful.
--
René Berber
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http
not sure
it is correct, the CVE says before 1.0.5, Cygwin uses 1.0.5 .
And the gem: incompatibilties in ... compatibility layer; it is or it
isn't compatible? The Cygwin folks make an effort for being POSIX
compatible.
--
René Berber
___
Help us build
Sarocet wrote:
René Berber wrote:
serious problems ? Only problem is the test I mentioned, passing a
file descriptor is not supported under Cygwin as far as I know.
I have no cygwin experience, but Windows *does* allow passing file
descriptors to child process. Not in the same way
;
cli_ac_scanbuff;
cli_ac_freedata;
cli_ac_free;
cli_parse_add;
cli_bm_init;
cli_bm_scanbuff;
cli_bm_free;
local:
*;
};
I did not test 0.94rc1 on this system.
--
René Berber
___
Help us build a comprehensive ClamAV guide: visit http
Additional info:
gcc is version 3.4.6, ld in not GNU ld, it is Sun's version 5.9-1.378 .
In fact, ld's -M parameter seems to have different meaning, and it also
could be a bug (ld itself added the symbol twice).
--
René Berber
___
Help us build
files: 1
Time: 0.109 sec (0 m 0 s)
What is supposed to not do? Or you meant run it continuously until it
fails?
--
René Berber
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Török Edwin wrote:
[snip]
Please remove one of the 'uniq_get' entries in libclamav.map.
That worked, thanks.
--
René Berber
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
1 - 100 of 314 matches
Mail list logo