Re: [clamav-users] clamac + amavis database reload
i don't mean remote database, i mean the local # Check for new database 24 times a day Checks 24 i mean: OfficialDatabaseOnly false SelfCheck 300 It may depend on the way you reload the virus signatures. CPU and/or memory constrained systems may take several minutes before the new signatures are loaded. The default behaviour is to keep scanning with the old signatures in the mean time. Wed Nov 10 15:18:09 2021 -> SelfCheck: Database modification detected. Forcing reload. Wed Nov 10 15:18:09 2021 -> Reading databases from /var/lib/clamav Wed Nov 10 15:18:25 2021 -> Database correctly reloaded (8581056 signatures) Wed Nov 10 15:18:25 2021 -> Activating the newly loaded database... can i speed this up by reloading amavis manual? many thanks! On 11/10/21 5:01 PM, Arjen de Korte via clamav-users wrote: Citeren Philipp Ewald : if the databases from clamav has changed clam-av is reloading by himself. I have configured to check every 5 min. That's a bit excessive. The DNS record that freshclam checks has a TTL of 1800 seconds, so checking more often than every minutes is a waste of effort. Does amavis need to be reloaded too? No. i have the feeling that new "learned" virus will not be detect by amavis + clamav. after some time amavis detect this virus without doing anything. It may depend on the way you reload the virus signatures. CPU and/or memory constrained systems may take several minutes before the new signatures are loaded. The default behaviour is to keep scanning with the old signatures in the mean time. ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml -- Philipp Ewald Administrator DigiOnline GmbH, Probsteigasse 15 - 19, 50670 Köln Fax: +49 221 6500-690, E-Mail: philipp.ew...@digionline.de AG Köln HRB 27711, St.-Nr. 5215 5811 0640 Geschäftsführer: Werner Grafenhain Informationen zum Datenschutz: www.digionline.de/ds ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
[clamav-users] clamac + amavis database reload
Hi there, if the databases from clamav has changed clam-av is reloading by himself. I have configured to check every 5 min. Does amavis need to be reloaded too? i have the feeling that new "learned" virus will not be detect by amavis + clamav. after some time amavis detect this virus without doing anything. Does this behavior changed in the last month? kind regards Philipp -- Philipp Ewald Administrator ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Authenticity token element not found
interesting: * Expire in 0 ms for 6 (transfer 0x5591a10a4710) * Expire in 1 ms for 1 (transfer 0x5591a10a4710) * Expire in 0 ms for 1 (transfer 0x5591a10a4710) * Expire in 1 ms for 1 (transfer 0x5591a10a4710) * Expire in 0 ms for 1 (transfer 0x5591a10a4710) * Expire in 0 ms for 1 (transfer 0x5591a10a4710) * Expire in 2 ms for 1 (transfer 0x5591a10a4710) * Expire in 0 ms for 1 (transfer 0x5591a10a4710) * Expire in 1 ms for 1 (transfer 0x5591a10a4710) * Expire in 4 ms for 1 (transfer 0x5591a10a4710) * Expire in 1 ms for 1 (transfer 0x5591a10a4710) * Expire in 1 ms for 1 (transfer 0x5591a10a4710) * Expire in 4 ms for 1 (transfer 0x5591a10a4710) * Expire in 2 ms for 1 (transfer 0x5591a10a4710) * Expire in 2 ms for 1 (transfer 0x5591a10a4710) * Expire in 4 ms for 1 (transfer 0x5591a10a4710) * Expire in 2 ms for 1 (transfer 0x5591a10a4710) * Expire in 2 ms for 1 (transfer 0x5591a10a4710) * Expire in 4 ms for 1 (transfer 0x5591a10a4710) * Expire in 3 ms for 1 (transfer 0x5591a10a4710) * Expire in 3 ms for 1 (transfer 0x5591a10a4710) * Expire in 4 ms for 1 (transfer 0x5591a10a4710) * Expire in 4 ms for 1 (transfer 0x5591a10a4710) * Expire in 4 ms for 1 (transfer 0x5591a10a4710) * Expire in 4 ms for 1 (transfer 0x5591a10a4710) * Expire in 4 ms for 1 (transfer 0x5591a10a4710) * Expire in 4 ms for 1 (transfer 0x5591a10a4710) * Expire in 4 ms for 1 (transfer 0x5591a10a4710) * Expire in 5 ms for 1 (transfer 0x5591a10a4710) * Expire in 5 ms for 1 (transfer 0x5591a10a4710) * Expire in 4 ms for 1 (transfer 0x5591a10a4710) * Expire in 6 ms for 1 (transfer 0x5591a10a4710) * Expire in 6 ms for 1 (transfer 0x5591a10a4710) * Expire in 8 ms for 1 (transfer 0x5591a10a4710) * Expire in 7 ms for 1 (transfer 0x5591a10a4710) * Expire in 7 ms for 1 (transfer 0x5591a10a4710) * Expire in 8 ms for 1 (transfer 0x5591a10a4710) * Expire in 8 ms for 1 (transfer 0x5591a10a4710) * Expire in 8 ms for 1 (transfer 0x5591a10a4710) * Expire in 8 ms for 1 (transfer 0x5591a10a4710) * Expire in 10 ms for 1 (transfer 0x5591a10a4710) * Expire in 10 ms for 1 (transfer 0x5591a10a4710) * Expire in 8 ms for 1 (transfer 0x5591a10a4710) * Expire in 10 ms for 1 (transfer 0x5591a10a4710) * Expire in 10 ms for 1 (transfer 0x5591a10a4710) * Expire in 16 ms for 1 (transfer 0x5591a10a4710) * Expire in 14 ms for 1 (transfer 0x5591a10a4710) * Expire in 14 ms for 1 (transfer 0x5591a10a4710) * Expire in 16 ms for 1 (transfer 0x5591a10a4710) * Expire in 14 ms for 1 (transfer 0x5591a10a4710) * Expire in 14 ms for 1 (transfer 0x5591a10a4710) * Expire in 16 ms for 1 (transfer 0x5591a10a4710) * Expire in 50 ms for 1 (transfer 0x5591a10a4710) * Expire in 50 ms for 1 (transfer 0x5591a10a4710) * Expire in 16 ms for 1 (transfer 0x5591a10a4710) * Expire in 50 ms for 1 (transfer 0x5591a10a4710) * Expire in 50 ms for 1 (transfer 0x5591a10a4710) * Expire in 32 ms for 1 (transfer 0x5591a10a4710) * Expire in 50 ms for 1 (transfer 0x5591a10a4710) * Expire in 50 ms for 1 (transfer 0x5591a10a4710) * Expire in 32 ms for 1 (transfer 0x5591a10a4710) * Expire in 50 ms for 1 (transfer 0x5591a10a4710) * Expire in 50 ms for 1 (transfer 0x5591a10a4710) * Expire in 50 ms for 1 (transfer 0x5591a10a4710) * Trying 104.16.218.84... * TCP_NODELAY set * Expire in 149921 ms for 3 (transfer 0x5591a10a4710) * Expire in 200 ms for 4 (transfer 0x5591a10a4710) * Connected to www.clamav.net (104.16.218.84) port 443 (#0) * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 * ALPN, server accepted to use http/1.1 * Server certificate: * subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.; CN=sni.cloudflaressl.com * start date: Jul 4 00:00:00 2021 GMT * expire date: Jul 3 23:59:59 2022 GMT * subjectAltName: host "www.clamav.net" matched cert's "www.clamav.net" * issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3 * SSL certificate verify ok. GET /reports/malware HTTP/1.1 Host: www.clamav.net User-Agent: ClamAV/0.103.2 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64) Accept: */* * old SSL session ID is stale, removing < HTTP/1.1 403 Forbidden < Date: Wed, 25 Aug 2021 14:27:03 GMT < Content-Type: text/html; charset=UTF-8 < Transfer-Encoding: chunked < Connection: keep-alive < Cache-Control: max-age=15 < Expires: Wed, 25 Aug 2021 14:27:18 GMT < X-Frame-Options: SAMEORIGIN < Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct; < Strict-Transport-Security: max-age=15552000 < X-Content-Type-Options: nosniff < Server: cloudflare < CF-RAY: 68457fba28cc42ee-FRA < * Connection #0 to host www.clamav.net left intact Authenticity token element not found. Why i fot a 403 Forbidden? On 8/25/21 12:53 PM, G.W. Haywood via clamav-users wrote: Hi there, On Wed, 25 Aug 2021, Philipp Ewald wrote: clamsubmit -e "..." -n "29668235ea685b3e84309b95
Re: [clamav-users] Authenticity token element not found
clamsubmit -e "philipp.ewald[at]digionline.de" -n "29668235ea685b3e84309b9585dc71e7" -N "DigiOnline" Authenticity token element not found. This is my command. Did this 100 times before, then this Error appears. On 8/24/21 5:46 PM, G.W. Haywood via clamav-users wrote: Hello again, On Tue, 24 Aug 2021, Philipp Ewald wrote: On 8/24/21 3:17 PM, G.W. Haywood via clamav-users wrote: On Tue, 24 Aug 2021, Philipp Ewald wrote: since some mount we got errors while submitting FN to clamAV. clamsubmit -e "EMAIL" -n "$virus" -N "DigiOnline" > /dev/null "Authenticity token element not found." I have found a patch that should fix this but cant find any update. What version of ClamaV are you using? we using ClamAV 0.103.2/26273/Tue Aug 24 10:21:17 2021 Please cut and paste the command (and the output which it produces) so that we can see exactly what you're doing at the command line. -- Philipp Ewald Administrator DigiOnline GmbH, Probsteigasse 15 - 19, 50670 Köln Fax: +49 221 6500-690, E-Mail: philipp.ew...@digionline.de AG Köln HRB 27711, St.-Nr. 5215 5811 0640 Geschäftsführer: Werner Grafenhain Informationen zum Datenschutz: www.digionline.de/ds ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Authenticity token element not found
we using ClamAV 0.103.2/26273/Tue Aug 24 10:21:17 2021 installed from Debian apt list clamav0.103.2+dfsg-0+deb10u1 amd64 many thanks for help! kind regards On 8/24/21 3:17 PM, G.W. Haywood via clamav-users wrote: Hi there, On Tue, 24 Aug 2021, Philipp Ewald wrote: since some mount we got errors while submitting FN to clamAV. clamsubmit -e "EMAIL" -n "$virus" -N "DigiOnline" > /dev/null "Authenticity token element not found." I have found a patch that should fix this but cant find any update. Does someone know what to do? What version of ClamaV are you using? -- Philipp Ewald Administrator DigiOnline GmbH, Probsteigasse 15 - 19, 50670 Köln Fax: +49 221 6500-690, E-Mail: philipp.ew...@digionline.de AG Köln HRB 27711, St.-Nr. 5215 5811 0640 Geschäftsführer: Werner Grafenhain Informationen zum Datenschutz: www.digionline.de/ds ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
[clamav-users] Authenticity token element not found
Hello, since some mount we got errors while submitting FN to clamAV. clamsubmit -e "EMAIL" -n "$virus" -N "DigiOnline" > /dev/null "Authenticity token element not found." I have found a patch that should fix this but cant find any update. Does someone know what to do? Kind regards Philipp -- Philipp Ewald Administrator DigiOnline GmbH, Probsteigasse 15 - 19, 50670 Köln Fax: +49 221 6500-690, E-Mail: philipp.ew...@digionline.de AG Köln HRB 27711, St.-Nr. 5215 5811 0640 Geschäftsführer: Werner Grafenhain Informationen zum Datenschutz: www.digionline.de/ds ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
