On Fri, Sep 14, 2012 at 5:59 AM, Siranjeevi siranjee...@gmail.com wrote:
I changed the items in clamd.conf
MaxScanSize = 157286400
MaxFileSize = 104857600
But Still, the changes are not reflected in clamscan. I couldn't scan
large files which is of 75MB in size.
Did you mean clamdscan?
On Tue, Jan 17, 2012 at 6:25 PM, David Kentwood
david.kentw...@gmail.com wrote:
Sorry i am not experienced with exim configuration. When you say reject at
SMTP time, does adding the following to exim.conf suffice?
check_message:
deny message = This message contains malformed MIME
On Thu, Jan 19, 2012 at 8:09 AM, David Kentwood
david.kentw...@gmail.com wrote:
That's a neater solution than what I found. Thanks.
Just wondering, how do you set variables such as $malware_name? or are the
variables automatically set by Exim or by the ClamAV?
You'll want to read through the
Hi all, I'm having issues with clamav 0.96.1 where freshclam running
in daemon mode is growing very large. Here are the results of ps aux
on some different machines:
smtp1 (i386) :
clamav4005 2.2 18.8 394008 390868 ? Ss Jun09 88:31
freshclam --daemon
smtp2 (i386) :
clamav4023
On Tue, Jan 26, 2010 at 5:19 PM, Rob Jennings rjenni...@cape.k12.de.us wrote:
I work for a school district and our new xserves have just been updated to
the 10.6 server operating system. The problem I am experiencing on all 4 of
these servers which are in different schools is the same. The
On Thu, Jan 7, 2010 at 6:31 AM, Noah Sheppard nls...@gmail.com wrote:
I'm running postfix-2.3.3 with clamav-milter-0.95.3 (and therefore
clamd-0.95.3). Postfix is running as user postfix. OS is RHEL5,
x86_64.
When I start clamd, it creates clamd.sock like so:
$ ls -l
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Jul 11, 2008 at 04:20:21PM +0200, shuttlebox wrote:
X-Virus-Scanned: Debian amavisd-new at tad.clamav.net
just found this in the headers of this mailing list :(
honestly expect others to. This just means they are using clamav on their
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Just reporting to the ClamAV team:
I have repeatedly been getting failures downloading cdiffs from one
particular mirror:
WARNING: getpatch: Can't download daily-7359.cdiff from db.us.clamav.net
WARNING: getfile: daily-7359.cdiff not found on remote
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Apr 17, 2008 at 12:03:42PM -0400, Jerry Ferguson wrote:
Problem: clamav-milter loads and immediately terminates
You gave lots of good build information, but didn't say how you were
calling the milter itself. To give you something to compare
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Apr 06, 2008 at 12:18:22PM +0200, Robert Schetterer wrote:
since yesterday update two older files on my sharedweb where marked as virus
Submission-ID: 2142059
Sender: Virus Total
Submission notes: Signature by Michael Cichosz
Added:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Jan 09, 2008 at 11:14:33AM +0200, Jean Jacques Siebrits wrote:
Hey all
As soon as I try and run my companies custom configuration for ClamAV (After
extracted) it gives me this error message and configuration stops:
checking how to run the C
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Nov 01, 2007 at 08:02:58AM -0600, Milton Calnek wrote:
With no other options, this smells like selinux.
I second that.
Yah... I'm a die hard RedHat fan... but I haven't had time to explore
selinux, so when I build a system, I turn it off.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Oct 31, 2007 at 11:33:17AM -0600, Milton Calnek wrote:
[EMAIL PROTECTED] ~]# host -t txt current.cvd.clamav.net
current.cvd.clamav.net descriptive text 0.91.2:44:4641:1193798066:1
[EMAIL PROTECTED] ~]# host db.ca.clamav.net
db.ca.clamav.net
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Oct 21, 2007 at 08:50:17AM -0700, P T wrote:
I downloaded clam av from the clam av site. However when I check the
signature I get that basically it isn't a trusted signature. How am I doing
this wrong?
# to get the key
gpg --keyserver
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Sep 30, 2007 at 02:03:10PM -0500, René Berber wrote:
information from ClamScan about which email contains the hit? Is there a way
to have the line number of the hit spit out? Or the signature that was
matched revealed?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Aug 14, 2007 at 03:18:42PM -0600, Joshua Rubin wrote:
Tue Aug 14 15:08:40 2007 - No stats for Database check - forcing reload
Tue Aug 14 15:08:40 2007 - Reading databases from /var/share/clamav
Tue Aug 14 15:09:16 2007 - Database correctly
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, Jul 16, 2007 at 11:49:15AM -0600, Gary V wrote:
Looks like I can no longer resolve (from a couple different networks):
www.sanesecurity.co.uk
This is from Savvis networks:
sanesecurity.co.uk. 172800 IN NS ns1129.dizinc.com.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Jul 05, 2007 at 07:12:21AM -0700, Thomas Spuhler wrote:
..there is a problem with in CPU or in clamscan ?
use clamdscan instead
Why continuing with this answer. Clamdscan takes 50% of the time of clamscan
and that still much to slow.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, May 30, 2007 at 04:28:03PM +0200, Salvatore wrote:
Hi, in my clamav.spec I have:
%files
%defattr(0644,root,root,0755)
%doc AUTHORS BUGS COPYING ChangeLog FAQ INSTALL NEWS README TODO
%doc docs/*.pdf docs/html/ test/ RPM-clamav.txt
#%lang(de)
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, May 30, 2007 at 05:43:59PM +0200, Salvatore wrote:
..sorry but I don't have understood, what I must modify in clamav.spec ? or
pheraps I must send to ml other information about my clamav.spec ?
thanks.
In your first email, you pasted some
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, May 28, 2007 at 10:01:49PM +0200, gianni sissa wrote:
Hi,
I'm a qmail/qmailscan/clam user. I upgraded clam (version 0.90.1) on
three different servers, and in two cases I had to downgrade to te
previous version due to an error:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Apr 27, 2007 at 05:49:35PM +0500, Sergey wrote:
Can you check the application/system logs for any problems with running
out of file descriptors, too many open files, or the like??
Yes, I have not found problems. messages has only 2166
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Apr 26, 2007 at 07:56:10AM -0500, Dave Dumbeck wrote:
I have a problem with clamav-milter. It is working short time before
going to error state.
Let's check your virus database to see if it's in the range of
acceptability. Does your number
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Apr 26, 2007 at 06:28:28PM +0500, Sergey wrote:
Apr 26 16:50:27 mx1 sendmail[27486]: l3QBnJ1T027486: Milter add:
header: X-Virus-Scanned: ClamAV version 0.90.2,
It was working before 16:50:27, but is not working after 16:51:22 in
this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Apr 26, 2007 at 08:15:00PM +0500, Sergey wrote:
On Thursday 26 April 2007, Todd Lyons wrote:
Apr 26 16:51:22 mx1 clamav-milter[30280]: Temporary quarantine file
/tmp/clamav-db5fe7f81e62a48f8c91bcf1d09e2d57/msg.80JZZY creation
failed
Show
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Mar 29, 2007 at 11:13:11AM +0200, Greg McCarthy wrote:
Now to my question :) Does anyone have a script or know how I can
monitor the clamav milter so if it ever dies again I get an email
alert, or the script can even restart the milter.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Mar 15, 2007 at 07:11:20PM -0400, John Fleming wrote:
- And the clamav log is free of errors and indicated that the database is
updated appropriately and clamd is being notified of changes.
OK, clamav is finding viruses again, but they are
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Mar 08, 2007 at 12:51:36AM +0800, Awie wrote:
Yes, seems the message was coming from Qmail-Scanner. But the Clamd consume
a lot of CPU resource.
I upgraded the new version for 11 servers. All servers have same
configuration (setting) and but
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hey, who's the guy who maintains the phishing sigs? They hacked my
webserver and sent out spams with a url that pointed to my webserver.
If you want the URL, email me offlist and I'll give it to you (want to
keep it out of the ML archives).
- --
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Jan 17, 2007 at 08:49:14AM -0500, Edward Dam wrote:
Thanks again for all your help. Maybe once clamAV matures, it will be a
better fit for my needs, but until then I need to remove it, as it's the
cause of my headaches.
I would disagree on
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Jan 17, 2007 at 03:34:01AM +0100, Sander Holthaus wrote:
a very basic perl script which opens a listening socket and a shell? I
found it after a hacker tried to gain entry. The script is nothing
special (far from, 612 bytes) but I doubt
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Jan 17, 2007 at 10:54:53AM -0500, Edward Dam wrote:
Tue Jan 16 22:40:09 2007 - SelfCheck: Database status OK. Reloading
anyway.
Tue Jan 16 22:40:09 2007 - Reading databases from /var/clamav
Tue Jan 16 22:40:09 2007 -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Jan 02, 2007 at 10:41:21AM -0500, Ben Wilson wrote:
LibClamAV Error: Cannot close file /tmp/clamav-29cad58e042679e3/main.fp.
cli_untgz: No space left on device
LibClamAV Error: cli_cvdload(): Can't unpack CVD file.
LibClamAV Error: Can't load
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Nov 28, 2006 at 05:55:44PM -0300, René Bellora wrote:
this could be circumvented with xargs:
cd /tmp/clamscan
find . -type f -print0 | xargs -0 clamscan
If clamscan is complaining about a too long commandline with *, then
this will give him
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Nov 28, 2006 at 07:27:57PM -0300, René Bellora wrote:
find . -type f -print0 | xargs -0 clamscan
If clamscan is complaining about a too long commandline with *, then
this will give him the same error.
no, it won't. The xargs command knows the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Nov 17, 2006 at 04:04:46PM -0600, [EMAIL PROTECTED] wrote:
When attempting the rpm -Uvh command using both rpm packages together
(i.e. clamav and clamav-db) I get dependencies back to the previous
packages.
You have to upgrade all three
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Sep 20, 2006 at 05:04:41PM +0200, Jona Tallieu (T T NV) wrote:
configure: WARNING: ** GNU MP 2 or newer NOT FOUND - digital
signature support will be disabled !
I tried re-installing GMP, but still get the error.
Anyone any idea what
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Sep 05, 2006 at 08:57:25AM +0300, nikos wrote:
Yesterday seemed that clamav-milter blocked sendmail and we couldn't send
any mails.
I receive the next message:
Sep 4 17:41:36 server clamav-milter[24326]: hit max-children limit (5 =
5):
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Sep 06, 2006 at 09:44:01PM +0200, [EMAIL PROTECTED] wrote:
I do think that there is too much of a danger of denial of service attacks
or mail failure due to the milter crashing if you scan your mail during
the SMTP phase. I have regularly
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Aug 31, 2006 at 01:13:21AM +0100, Stephen Gran wrote:
It tries to run:
It should be running:
-AC_CHECK_HEADER(resolv.h,[FRESHCLAM_LIBS=$FRESHCLAM_LIBS $resolv_lib;
AC_DEFINE(HAVE_RESOLV_H,1,have resolv.h)], AC_MSG_WARN([** DNS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Aug 29, 2006 at 12:31:44PM -0700, .rp wrote:
INPUT_MAIL_FILTER(`clamav',`S=unix:/var/run/clamav/clmilter.sock,
F=T, T=S:4m;R:4m')dnl
You use clamav as the milter? Is this better than using clamav-milter as the
milter?
It's just a name.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Aug 30, 2006 at 09:32:18PM +0200, [EMAIL PROTECTED] wrote:
oh well - i for one am too stupid to work with cvs code:
__cut__
clamav-milter.o(.text+0x81f1): In function `main':
: undefined reference to `__res_query'
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Aug 30, 2006 at 10:22:06PM +0200, [EMAIL PROTECTED] wrote:
btw: ./configure make is working here, too; the --enable-milter part
is giving me difficulties...
Yeah, I got the error too. I poked at it for a bit, but I didn't get
any further
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Aug 03, 2006 at 06:09:25PM -0500, Chris wrote:
I was looking at my clamav stats file and noticed that it kept giving me the
same amount of virus's detected as of 1 Aug. Looking at
my /var/log/clamav/clamd.log I noticed that it quit logging
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, May 24, 2006 at 11:33:31AM +0200, Egoitz Aurrekoetxea wrote:
Im quite worried about that because in FAQ tells if it happens only
once to ignore it but when it happens often
what should I do? I use my
isp dns servers so no dns caching or
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Apr 14, 2006 at 07:20:28PM -0700, Dennis Peterson wrote:
You need to uninstall all the packages and build from source. And before
Before I begin, let me first say that if the guy is proficient and
comfortable
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Mar 22, 2006 at 09:06:05PM +0200, Panagiotis Christias wrote:
we tried to run clamav-milter without the quarantine option:
clamav-milter -enNqd -m 150 -U /var/tmp/clamav
Now some of the messages that exceed the StreamMaxLength linger
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Mar 21, 2006 at 02:25:11AM +0200, Panagiotis Christias wrote:
we tried to run clamav-milter without the quarantine option:
clamav-milter -enNqd -m 150 -U /var/tmp/clamav
Now some of the messages that exceed the StreamMaxLength linger
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Mar 12, 2006 at 02:53:21PM +0100, MP wrote:
ok, that's fine, so when I need to scan a directory, I'll use clamdscan
in the future.
Point to note: the clamd daemon by default changes user when it starts
from root down to a regular user,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Feb 08, 2006 at 10:35:01PM +, Brian Morrison wrote:
Dig doesn't seem to have any trouble getting a record,
date/time on my server is correct.
% dig current.cvd.clamav.net txt
;; ANSWER SECTION:
current.cvd.clamav.net.
592 IN
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Jan 24, 2006 at 08:49:03PM +, Steve Basford wrote:
Note 2: Use the unofficial phish.ndb at your own risk.
Any reason to call it phish.ndb instead of phish.db? Just a way to make
automating it easier?
- --
Regards... Todd
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Jan 25, 2006 at 06:40:37PM +, Steve Basford wrote:
If you look at Section 3.3 (Basic Signature format) you'll see that
these databases are .db format, which
doesn't have a html type, it looks for matches in ALL file types, which
I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, Jan 23, 2006 at 02:12:44PM +, Nigel Horne wrote:
Dec 7 11:54:46 lionhead sendmail[13045]: jB7Askgv013045: SYSERR(root):
out of memory: Cannot allocate memory
ClamAv is configured in sendmail.mc as:
INPUT_MAIL_FILTER(`clamav',
G.W. Haywood wanted us to know:
And you're not nervous about running a Linux distro that old?
That would make *me* very nervous.
Do _everyone_ a favour and install a more recent distro.
Old distros are ok under controlled circumstances.
1) Firewall all listening ports to the Internet except the
Grant Basson wanted us to know:
Should you ever come back to visit this list you'll learn that everything
you need to know about this can be found in your clamd.conf file. That
leaves for you the challenge of finding that clamd.conf file.
I feel like a twit, but here goes anyway.
How the heck do
Shaun Bügler - Hetzner wanted us to know:
Any suggestions besides fix the php code ?
Run it manually and do an lsof on it to see what files it has open.
Run it manually and do an strace on it to see what the heck it's doing.
Run it manually and do whatever you gotta do to figure out where this
Joanna Roman wanted us to know:
I believe timestamps are stored internally in
seconds-since-the-epoch. So whatever your ls -l
command says in your time zone, that's the correct
time.
No, I believe you are incorrect. I am talking about
the timestamp stored in each main.cvd and daily.cvd's
Daniel Mons wanted us to know:
In Debian at a command prompt: /etc/init.d/clamav-freshclam start
In Gentoo at a command prompt: /etc/init.d/clamd start
...etc. From memory, Fedora puts these sorts of things in /etc/rc.d/init.d
or something like that.
We can actually standardize a bit here
Sergey wanted us to know:
Hello.
Why subj ? should the clamav-milter write to clamd.log ?
Normally you would write to its own log file. Make it log to
/var/log/clamav/clamav-milter.log and your permission problem should go
away.
--
Regards... Todd
OS X: We've been fighting the
Mark wanted us to know:
... The result is processes that hang forever
on our system. We have a cronjob that does a
killall -HUP sendmail every 2 hours.
that clears out those hanging processes.
That seems a bit crude. :) I wrote a cronjob like that, in Perl; but,
based on 'ps' output, it only
R. Steven Rainwater wanted us to know:
Thanks Todd, this was the first thing I've tried that helped. Prior to
0.87, we were running max children at 25 and never had problems. I
bumped it up to 40 now and that seems to have helped somewhat. We're
still getting a couple of the error messages in the
[EMAIL PROTECTED] wanted us to know:
R. Steven Rainwater wrote:
Update. I tried changing -T=0 to --timeout=0 as one person suggested
but it had no effect. For the moment, I've added a chron job that
restarts clamav-milter hourly, which is at least keeping the mail
flowing for now. If I can't
R. Steven Rainwater wanted us to know:
Have you tried running clamd and using --external on clamav-milter?
Just tried it. Already had two more crashes in less than 10 minutes!
:-( Both were of the write(A) return -1, expected 5: Broken pipe
variety, if that means anything.
Pick up the max
Michal Kochanowicz wanted us to know:
A user forwarded an email with worm to me. This email passed our
clamav on 2005.09.20 22:10:41 CEST. When I checked forwarded email with
clamscan around 2005.09.21 10:00:00 CEST it correctly detected
Worm.Bagle.Gen-5.
Between an original email and my test
Chris wanted us to know:
${LOGFILE}, and running service freshclam start from the cli resulted in
the process starting Starting Clam AntiVirus Update Daemon: but the 'ok'
was not given. My guess is because of the sleep variable. Tried after the
Try restart. If it was already running, then
Brian Morrison wanted us to know:
And it would be nice to obtain the currently loaded database from the
daemon without having to parse the log files.
clamscan -V
That's not what he's asking. That only tells you what version of the
database clamscan finds and loads when you run it. That
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Stephen Gran wanted us to know:
However, the VERSION command and clamdscan -V report the new database
version immediately after putting the new databases in place.
Both do indeed scan the on disk databases for version information.
Verified here
Nigel Horne wanted us to know:
This is a feature request. The first line in the log carries a lot of
useful information, almost everything. Would it be possible to also
include the sender's IP address? It would save us a few lines of
scripting when analyzing the logs.
Given the number of
Ken Goods wanted us to know:
Niek wrote:
On 6/16/2005 8:04 PM +0200, Ken Goods wrote:
So you're saying these are MailScanner generated messages?
That should tell you enough, or did you pay for clamav ?
Niek Baakman
___
Odhiambo Washington wanted us to know:
Please, set the Debug flag in your clamd.conf, rescan the sample, and send
us the logs.
I cannot do that on the box where this phenomena is manifesting itself
because it's a production box, processing large volumes of mail. I'll
Very quickly, do these:
Jim Popovitch wanted us to know:
should be doing for the masses. I'll shutup now since it is all too
apparent that ppl think I came here to get individual assistance in
solving a problem rather than to identify a potential oversight in
clamav.
Don't take it personally until an actual developer
Odhiambo Washington wanted us to know:
Someone said I have disabled ScanPE, which is correct. It's apparent
that this was a major factor. It also appears that restarting clamd
was necessary. I however don't understand why it should be, since
freshclam does notify it...
Notify it of a new
Damian Menscher wanted us to know:
On Fri, 27 May 2005, lattera wrote:
can't use strace, because I don't know the email that is making it
hang. that is why I need to use gdb, so I can look through the
stack/heap for the email...
You're saying it's hung, taking 100% of CPU. So just use top to
haplopelma lividum wanted us to know:
my system is rh7.3 clamd + clamav-milter v.0.85.1 and i have a little
problem. when i execute service clamav-milter stop system is
answering ok, but don't delete clmilter.sock. so when i execute
service clamav-milter start system get error.
what
haplopelma lividum wanted us to know:
my system is rh7.3 clamd + clamav-milter v.0.85.1 and i have a little
problem. when i execute service clamav-milter stop system is
answering ok, but don't delete clmilter.sock. so when i execute
service clamav-milter start system get error.
what
Souza Simbota wanted us to know:
checking for curl = 7.10.0... FAILED
configure: WARNING: curl-config was not found
Install curl-devel
checking for mi_stop in -lmilter... no
checking for library containing strlcpy... no
checking for mi_stop in -lmilter... no
configure: error: Cannot find
Installing clamav-0.85.1 (custom rpms) onto a CentOS 4.0 box. I'm
modeling the configs after our production systems which are Gentoo boxen
and running fine.
When I try to start the milter, I get an error:
[EMAIL PROTECTED] mail]# clamav-milter --max-children=100 --quiet --force-scan
Matt Fretwell wanted us to know:
clamav-milter: (-q !LogSyslog): warning - all interception message
methods are off
/var/log/clamav/clamav.log: Permission denied
Well, duh. The clamd daemon has that file open, so clamav-milter can't
open it. Can someone tell me how to tell the
Matt Fretwell wanted us to know:
as it is harder to scan those messages for viruses
Nonsense. Mail is mail. If you are running a mailserver, it should be
able to cope with all types of mail, irrelevant of (creation|submission)
method.
Nonsense. A user clicks on a webmail message, opens the
Chris de Vidal wanted us to know:
Is our situation that foreign? I was half expecting someone to tell me
We have a 5TB FTP server and can scan it all under 40 minutes with .25
extra load average! You just have to do this...
Most people with stuff that large have a three teir system:
1) AV
[EMAIL PROTECTED] wanted us to know:
Hello
Please, we have seen this in one of our servers:
qscand 20687 13.4 0.0 19528 936 ?RApr13 389:37
/usr/local/clamav/bin/clamscan --verbose --debug
/var/spool/qmailscan/tmp/servername111342211948731875
Turn off --debug.
Any one have seen
Julian Mehnle wanted us to know:
| To those of you who argue that ClamAV should detect phishing attacks
| even though tools like SpamAssassin are designed and inherently better
Perhaps marketing speak would better suit you. McAffee detects phishing
emails. What better way to give *ALL* AV
[EMAIL PROTECTED] wanted us to know:
Dennis Peterson wrote:
It is frequently most efficient to test for spam content prior to scanning
for viruses - there is no point in virus scanning a file if it has
failed a spam content test. That's more than you asked but not bad to
know.
The reverse is
Dennis Peterson wanted us to know:
Of the two processes (spam scanning and virus scanning), spam scanning is
more resource-intensive (at least the way I do it) - so I virus scan
first, and spam-scan second.
Interesting - that is exactly the opposite of my experiences so I'm
interested in
[EMAIL PROTECTED] wanted us to know:
When a milter is configured to reject at the SMTP level, it never gets
to the second milter in the chain. So if clamav-milter detects a
virus, the CPU intensive content scanning process never sees the
message (hence much lower load).
Your site policies
[EMAIL PROTECTED] wanted us to know:
Yes, it will (already supported in CVS).
this is ridiculous. my clamd system is now broken due to these changes that
are being propogated. i'm running the current .83 release. you should at
S60clamd start
LibClamAV Error: Wrote 0 instead of 512
Junior wanted us to know:
/usr/local/sbin/clamav-milter -dlDo --max-children=2
Try setting --max-children to something like 20 or 40.
--
Regards... Todd
We should not be building surveillance technology into standards.
Law enforcement was not supposed to be easy. Where it is
ladha wanted us to know:
My /etc/logrotate.conf is :
snip
logrotate also supports the /etc/logrotate.d/* files for packages to
easily add/remove logrotate support for their logrotations needed.
Here's how I do mine:
smtp1 root # cat /etc/logrotate.d/clamav /etc/logrotate.d/freshclam
René Berber wanted us to know:
I agree with this, the log shows two different processes running, both
as daemon.
Could the start script run freshclam twice?
No, when he upgraded from 0.81 to 0.83, it looks like the old process
was never killed. It happily kept running.
--
Regards...
Mark wanted us to know:
Yesterday, I subjected ClamAV to a very rigorous, final
stress test. I let it scan roughly 20,000 news spool files,
and opened an individual connection for each file (not very
efficient, of course, but good to get massive concurrency;
especially since I ran 5 simultaneous
Mal Herring wanted us to know:
Hello ClamAV-Users,
I am running Clam on a Gentoo box, However the latest version is not yet
in Portage...
Does anyone know how much of a mission it would be to un-merge my
current .80 version and install the latest from source ?
emerge --unmerge clamav
tar -zxvf
Phil Endecott wanted us to know:
IMO, blacklists are crap, don't use them. There are better ways to
avoid spam.
Those of us in operational contexts who block 60%+ of inbound mail for
being spam would beg to differ with you. Known spam supporting
operations should be spanked for allowing
Jay Lee wanted us to know:
Tinus Nijmeijers said:
any traffic coming into the internal interface on port 25 where
src!=mailserver gets redirected to the mailserver.
Your external interface does come into the picture.
Yes, and in order for my mail server to accept the mail from
[EMAIL
[EMAIL PROTECTED] wanted us to know:
I am running Qmail+Qmail-Scanner+ClamAV on a FreeBSD 5.3 machine and
followed the qmailrocks.org directions to the tee. When running
Unless it's been fixed recently, that howto tells you to have clamdscan
symlinked to clamscan. That's a very inefficient
R Jansen wanted us to know:
I'm beginning to think that's the problem. It's a PIII 450 MHz machine with
384MB RAM. Like said the avarage rate was about 50 infected mails a day.
Really easy fix here for resource shortages, add another 256 or 512 Megs
of RAM.
But now the bsmtp server of the ISP
Brian Morrison wanted us to know:
If you do ls -l in /tmp you'll be able to see the socket if it exists.
And check the permissions on /tmp from /, it needs to be 666 I think.
Most people use mode 1777 for /tmp directory.
--
Regards... Todd
OS X: We've been fighting the It's a mac
ed wanted us to know:
Can you state what you did in both cases, I had to modify the headers to
get past curl include.. but that didn't get me a build.
There are some environment variable that you can set to specify
arguments to gcc, such as additional include paths and additional
library paths.
Jan Pieter Cornet wanted us to know:
What I find really odd is your complete lack of Worm.Sober-I. Our stats for
Thu Dec 2:
Good point. I had totally missed that too.
Top-5:
W32/Sober-I : 1078544
W32/Netsky-P: 57920
That's a pretty big difference, seems more like an internal
David Green wanted us to know:
Subject: Cron [EMAIL PROTECTED] /usr/local/bin/freshclam --quiet
Maybe it's setup in a user crontab:
su - pop3
crontab -l
--
Regards... Todd
We should not be building surveillance technology into standards.
Law enforcement was not supposed to be
Ing. Mónico Briseño C. wanted us to know:
Add the following line with the command Cron
43 2,4,6,8,10,12,14,16,18,20,22 * * * root /root/updateclam
You can change the long list to */2 and get the same thing.
Fourth step
Re start the sendmail service and taste the clamAV with the Netsky virus.
1 - 100 of 196 matches
Mail list logo
