On Wed, 2004-12-01 at 20:37 +0100, Gianmarco Giovannelli wrote:
At 20.17 01/12/2004, you wrote:
Gianmarco Giovannelli wrote:
I know, but what if I want to consider them by default undesiderable ?
I think clamav-milter should do the job quite easily.
If it found such attachment it
Gianmarco Giovannelli wrote:
But you have the PIF in quarantine anyway. Couldn't you save CPU by
PIF-blocking the attachment, then scanning it later (during off-peak
hours, or in a nice process) to find out what virus it was?
This is not to be happened, usually you block in advance such
At 14.22 02/12/2004, you wrote:
ok, I know this, I am using noattach right now, that is doing his job
quite
well.
I am only trying to understand if it is possible to do with a single
program (clamav-milter) the job of two programs (clamav-milter and
noattach).
I think that would be a bad
Gianmarco Giovannelli wrote:
At 16.22 29/11/2004, you wrote:
On Thu, 2004-11-25 at 13:00, Gareth Blades wrote:
I am running Suse Openexchange - Amavis (clamd) - Postfix.
Mine lets through 24, 25, 27.
In my configuration:
FreeBSD, sendmail-milter, noattach, clamav-milter 0.80j I got no virus
And now a wish:
Is possible to implement in clamav-milter or clamd itself the
possibility to define a list of suffix I'd like to consider as:
UNAUTHORIZED ATTACH TYPE
That is not the job of a virus-scanner, it's the job of a content-
filter.
-Nigel
At 12.08 01/12/2004, you wrote:
And now a wish:
Is possible to implement in clamav-milter or clamd itself the
possibility to define a list of suffix I'd like to consider as:
UNAUTHORIZED ATTACH TYPE
That is not the job of a virus-scanner, it's the job of a content-
filter.
I know, but what if
Gianmarco Giovannelli wrote:
I know, but what if I want to consider them by default undesiderable ?
I think clamav-milter should do the job quite easily.
If it found such attachment it threat like a virus name :
UNAUTHORIZED ATTACH TYPE
Stop... :-)
That is what a content filter is for.
-Original Message-
At 12.08 01/12/2004, you wrote:
And now a wish:
Is possible to implement in clamav-milter or clamd itself the
possibility to define a list of suffix I'd like to consider as:
UNAUTHORIZED ATTACH TYPE
That is not the job of a virus-scanner, it's the job of a
At 20.17 01/12/2004, you wrote:
Gianmarco Giovannelli wrote:
I know, but what if I want to consider them by default undesiderable ?
I think clamav-milter should do the job quite easily.
If it found such attachment it threat like a virus name :
UNAUTHORIZED ATTACH TYPE
Stop... :-)
That is
I am only trying to understand if it is possible to do with a single
program (clamav-milter) the job of two programs (clamav-milter
and noattach).
Ideally, you wouldn't be using clamav-milter; you'd be using a milter that
does content filtering (amavis?), and as part of that content filtering,
Gianmarco Giovannelli wrote:
UNAUTHORIZED ATTACH TYPE
Stop... :-)
Do you think the idea is wrong ? In this way, as I said, you could
also lower the cpu load on the antivir box (you discard without check)
and you could fight better the new virus (If my sig doesn't detect,
probably the attach
Jason Haar wrote:
However, a lot of sites complained. They actually looked at the logs and
they didn't like seeing that 44% of their quarantine events were PIF
blocked - they wanted to know WHAT VIRUS IT WAS.
But you have the PIF in quarantine anyway. Couldn't you save CPU by
PIF-blocking
At 22.24 01/12/2004, you wrote:
Jason Haar wrote:
However, a lot of sites complained. They actually looked at the logs and
they didn't like seeing that 44% of their quarantine events were PIF
blocked - they wanted to know WHAT VIRUS IT WAS.
But you have the PIF in quarantine anyway. Couldn't
At 16.22 29/11/2004, you wrote:
On Thu, 2004-11-25 at 13:00, Gareth Blades wrote:
I am running Suse Openexchange - Amavis (clamd) - Postfix.
Mine lets through 24, 25, 27.
In my configuration:
FreeBSD, sendmail-milter, noattach, clamav-milter 0.80j I got no virus at
all...
Clamav got and
Upgrading to latest version of Mimedefang helped me.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Meni Shapiro
Sent: Thursday, November 25, 2004 6:36 AM
To: ClamAV users ML
Subject: Re: [Clamav-users] Virus Tests from www.testvirus.org
Philip
On Thu, 2004-11-25 at 13:00, Gareth Blades wrote:
I am running Suse Openexchange - Amavis (clamd) - Postfix.
Mine lets through 24, 25, 27.
Number 8 was blocked by file type but not detected by a virus.
For 24 25 as they are not a virus I need to look at the amavis
configuration I guess.
On Thursday 25 Nov 2004 04:16, Philip Ershler wrote:
I am running the .80 release. Tonight I ran the current set of tests
from www.testvirus.org.
Tests 4,5,7,8,17, and 19 got through. Any idea what's going on. The
last time I ran this suite of
tests on the .75 release, I seem to recall it
Philip Ershler wrote:
I am running the .80 release. Tonight I ran the current set of tests
from www.testvirus.org.
Tests 4,5,7,8,17, and 19 got through. Any idea what's going on. The last
I'm running v 0.80 and made the test which let through:
5,8,22,23,25
did i miss any thing?
my server is:
)
- Original Message -
From: Nigel Horne [EMAIL PROTECTED]
To: ClamAV users ML [EMAIL PROTECTED]
Sent: Thursday, November 25, 2004 10:35 AM
Subject: Re: [Clamav-users] Virus Tests from www.testvirus.org
On Thursday 25 Nov 2004 04:16, Philip Ershler wrote:
I am running the .80 release. Tonight I ran
On Thu, 2004-11-25 at 12:35, Meni Shapiro wrote:
Philip Ershler wrote:
I am running the .80 release. Tonight I ran the current set of tests
from www.testvirus.org.
Tests 4,5,7,8,17, and 19 got through. Any idea what's going on. The last
I'm running v 0.80 and made the test which
On Thursday 25 Nov 2004 12:35, Meni Shapiro wrote:
I'm running v 0.80 and made the test which let through:
5,8,22,23,25
did i miss any thing?
my server is:
rh-sendmail-mimedefang-clamd
Try using sendmail-clamav-milter-clamd
Sincerely,
Meni Shapiro
--
Nigel Horne. Arranger,
-Original Message-
From: Philip Ershler [mailto:[EMAIL PROTECTED]
Sent: 25 November 2004 06:17 AM
To: ClamAV users ML
Subject: [Clamav-users] Virus Tests from www.testvirus.org
I am running the .80 release. Tonight I ran the current set
of tests from www.testvirus.org.
Tests
Philip Ershler wrote:
I am running the .80 release. Tonight I ran the current set of tests
from www.testvirus.org.
Tests 4,5,7,8,17, and 19 got through. Any idea what's going on. The
last time I ran this suite of
tests on the .75 release, I seem to recall it did much better.
Thanks for any
On Nov 24, 2004, at 9:29 PM, Tristan Griffiths wrote:
Philip Ershler wrote:
I am running the .80 release. Tonight I ran the current set of tests
from www.testvirus.org.
Tests 4,5,7,8,17, and 19 got through. Any idea what's going on. The
last time I ran this suite of
tests on the .75 release, I
Hello,
Philip Ershler wrote:
On Nov 24, 2004, at 9:29 PM, Tristan Griffiths wrote:
Philip Ershler wrote:
I am running the .80 release. Tonight I ran the current set of tests
from www.testvirus.org.
Tests 4,5,7,8,17, and 19 got through. Any idea what's going on. The
last time I ran this suite of
25 matches
Mail list logo