with
clamscan. And I didn't test this with the current clamav version.
Regards,
Kees.
--
Kees Theunissen
Email: kees.theunis...@xs4all.nl
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clama
10
>ClamdSocket unix:/var/run/clamd.scan/clamd.sock
>
>Lines in /etc/clamd.d/scan.conf
>
>TCPSocket 3310
>TCPAddr 127.0.0.1
>
>Everything I've read says that as long as ClamdSocket in the
>clamav-milter.conf and INPUT_MAIL_FILTER in sendmail.mc match it should
>work.
>
le for
additional matches.
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel: +31 (0)40-3334724
Dutch Institute For Fundamental Energy Research (DIFFER)
e-mail address: c.j.theunis...@differ.nl
postal address: PO Box 6336, 5600 HH, Eindhoven, the Nethe
-version
ClamAV 0.99.4/24377/Fri Mar 9 10:13:20 2018
~$ clamscan --version
ClamAV 0.99.4/24377/Fri Mar 9 10:13:20 2018
In your case I would expect somthing like:
ClamAV clamav-0.99.4/24377/Fri Mar 9 10:13:20 2018
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel
for Clamav 0.99.3 on Slackware 14.2 doesn't require
any patches. Are you running "Slackware Current" perhaps?
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel: +31 (0)40-3334724
Dutch Institute For Fundamental Energy Research (DIFFER)
e-mail addre
munity voting" without
sharing the submitted phish samples with the/some "community"?
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel: +31 (0)40-3334724
Dutch Institute For Fundamental Energy Research (DIFFER)
email address:c.j.theunis...@diffe
On Fri, 26 Jan 2018, Matus UHLAR - fantomas wrote:
> On 26.01.18 13:09, Kees Theunissen wrote:
>> On Fri, 26 Jan 2018, Al Varnell wrote:
>>
>>> If you can't revert to daily 24255 then disable daily.cld until you know
>>> it's
>>> fixed.
>&
.2 on two mail servers (debian 9, with
sendmail / MimeDefang / SpamAssassing /ClamAv) and a
workstation (slackware 14.2) without any problem.
I'm currently running daily 24257. But 24256 ran without
problems too.
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network mana
des
+ clamscan -r --suppress-ok-results --bell
--exclude=expression_to_exclude_some_files --exclude=exclude_more_files
--exclude-dir=some_directory /home
^C (scan aborted, it takes way too much time)
kees@ithmar:~$ set +x
+ set +x
Regards,
Kees Theunissen.
--
Kees Theunissen, System and net
w tests some time ago. The encryption/protection
is implemented by microsoft as a internal format somewhere in
the office document structure, _not_ as a encrypted zip file.
So ArchiveblockEncrypted won't block encrypted Word documents.
Regards,
Kees Theunissen.
--
Kees Theunissen, Syst
in.Trojan.Xored-1 FOUND
--- SCAN SUMMARY ---
Known viruses: 6525318
Engine version: 0.99
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.16 MB
Data read: 0.10 MB (ratio 1.68:1)
Time: 7.986 sec (0 m 7 s)
Regards,
Kees Theunissen.
--
Kees Theunissen, S
On Wed, 13 Sep 2017, Kees Theunissen wrote:
>On Wed, 13 Sep 2017, lukn wrote:
>
>>Hello List
>>
>>Same here, I do see FPs with
>>BC.Win.Exploit.CVE_2017_11244-6335828-0
>>hitting legitimate corporate files (so no submission possible from me
>>either
an outbound e-mail from one of our users.
That was probably a FP too.
I didn't see the attachment myself so I'm not sure that it was
a FP. I asked the user if the file was confidential and if I could
get a copy of the file for inspection and submission of a FP-report.
He didn't answer
On Fri, 4 Aug 2017, Jan-Peter Rühmann wrote:
>But there is no such Package as libclamunrar6.
On debian 8 or 9 (with clamav 0.99.2) the package is called:
libclamunrar7.
I guess that name is also used on Ubunto.
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network mana
anned a subfile boundary
and was split over two subfiles.
Groeten,
Kees.
--
Kees Theunissen, Systeem- en netwerkbeheerder, Tel: 040-3334724
Dutch Institute For Fundamental Energy Research (DIFFER)
e-mailadres: c.j.theunis...@differ.nl
postadres: Postbus 6336, 5600 HH, Eindhoven
bezoekersa
e timestamp is not the "Date:" header from the message but the
time of the delivery attempt at my mail server.
Looks like this was the message that Reindl Harald replied to
with his last message in the thread: "clamdscan mail file".
This should be sufficient information to loca
file. I would assume clamdscan would spawn another clamd
>with the new option file. Is this not the case? Will the currently running
>clamd
>be used regardless of the --config-file parameter?
Clamdscan will connect to the socket specified in the config file and
hence to the right de
olicy-eol
Quote from that page: "Before releasing a CVD update, we verify that it
can be correctly loaded by the latest two major releases of ClamAV and
all the minor versions released after each of them"
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel
russcanner is
running without unrar support.
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel: +31 (0)40-3334724
Dutch Institute For Fundamental Energy Research (DIFFER)
e-mail address: c.j.theunis...@differ.nl
postal address: PO Box 6336, 5600 HH, Eindhoven, th
scratch area located on a ram disk (tmpfs filesystem) with
limited size?
The error might have been caused by the concurrent handling of several
large messages or compressed attachments that expand to many and/or
large files. Do your logs show such events?
Regards,
Kees Theunissen.
--
Kees The
e
"non-free" section of the repository. The clamav package doesn't even
mention libclamunrar6 as a dependency or a recommended package.
I guess that a formal dependancy on the non-free "libclamunrar6"
package would have made clamav "non-free" too.
I didn't check ubu
ctecd by my filter. The log shows:
"Messsage rejected because of virus Heuristics.Phishing.Email.SpoofedDomain."
It triggered most likely on the URL's in your messages.
That probably also happened with your copies.
Time to whitelist the list server I guess.
Regards,
Kees Theuniss
x27;t see this before. I noticed this yesterday
when I had update problems.
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel: +31 (0)30 6096724
Dutch Institute For Fundamental Energy Research (DIFFER)
e-mail address: c.j.theunis...@differ.nl
postal address:
unless you can flush your resolver casches).
Shouldn't the TTL be reduceced to something like 900 seconds?
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel: +31 (0)30 6096724
Dutch Institute For Fundamental Energy Research (DIFFER)
e-mail address: c.j.theunis...@
24 matches
Mail list logo