Re: [clamav-users] Support for GPFS / real-time antivirus checks

2022-03-17 Thread G.W. Haywood via clamav-users 

Hi there,

On Thu, 17 Mar 2022, An Schall via clamav-users wrote:


we have a server operating RHEL 6.x and which is using GPFS as a file
system. We process high volume data on this server and are evaluating
whether clamAV / clamd is a feasible solution to run AV scans against
the processed data.


Perhaps you can be a little more forthcoming about the data?


As I could not find an official page that lists features / supported
platforms, etc.


If what you need to know can not be found at

https://docs.clamav.net/

please feel free to list the deficiencies here, or perhaps better
raise an issue on Github:

https://github.com/Cisco-Talos/clamav/issues/


I would like to ask the community:

- Does clamAV / clamd support GPFS as a filesystem?


ClamAV does not care what filesystem you use to store data - it can be
used to scan directly a stream of data which is not in any filesystem.
Most filesystems thesedays support multi-user, multi-tasking operating
systems and you might need to quarantine incoming data so that it can
be scanned before you permit access to it by a potentially vulnerable
application, but that's up to you and how you arrange things.  There's
a daemon called 'clamonacc' which can use operating system features to
prevent access to suspect files 'on the fly' but, if I understand your
requirements at all, the performance might be an issue.


- Is it feasible to enable real-time antivirus checks / monitoring


You need to define the terms which you are using.  I do not know what
"real-time" means in that sentence.  If it means can you scan data as
it arrives somewhere on a wire then as per the previous paragraph the
answer is yes.  If it means can you run a daemon which prevents access
to suspect files by scanning them when some other process attempts to
read them, the answer is also yes with the above performance caveat.
In both cases you should consider the *detection* performance too, see
my final comment below.

I think most people use ClamAV without thinking very much about it to
scan a filesystem every once in a while.  But ClamAV is more a toolkit
than it is an application and you can use it in many ways.  I use it
only to scan electronic mail, primarily to stop spam and other junk.


- Do you believe that clamAV / clamd is suitable to scan high volume data?


Again please define your terms, and in this case suggest what hardware
you might be planning to use.  Obviously you can scale the capacity of
your scanning system to suit the volumes of data to be scanned simply
by applying more hardware (money) to the problem.  Whatever you do, if
you are going to scan petabytes of unknown data for many millions of
disparate threats it's going to take some effort (and probably time).


- Are there any upper limits on the size of the volume to be scanned
(besides the 4GB max. file size)


Although the documentation might state otherwise in places, unless I
have missed something (since the move to Github I haven't been able to
make head nor tail of the ClamAV changes) the maximum is 2GB, not 4GB.
The limit is on the size of a single file (or - I believe - the length
of a data stream) and not the size of a volume in the filesystem.  The
sizes of filesystems and volumes are irrelevant to ClamAV as it simply
uses the operating system facilities to access the scanned data, just
like any other application.  Typically a ClamAV process while scanning
will use about 1GByte of RAM.  This can be a single-use process which
loads its signature database on demand (the database can take a little
time to load, as it usually contains of the order of ten million sigs)
or it can be a long-lived daemon - 'clamd'.  In either case there are
numerous configuration options which can set limits, including but not
limited to the size of individual files.  You can, and I occasionally
do, run multiple clamd daemons.  In my case this is usually about test
and experiment but you could do the same for parallel processing if it
appears to you to be necessary.  A clamd daemon can take advantage of
multi-cored hardware, and, given enough RAM, you can run more than one
instance of clamd on a system.  The 'clamonacc' utility itself uses a
'clamd' daemon to do its actual scanning.

Finally please consider the probability that ClamAV will find what you
think you are looking for.  In my experience the people who ask the
sorts of questions which you are asking never seem to consider that a
threat might evade detection, and there's a somewhat depressingly good
chance that it will do just that - no matter what scanner you use.  If
you search the archives of this mailing list you'll find some numbers,
but on a *very* good day one in five will get through.  On a bad day,
just one of those will compromise your entire network.

HTH.

--

73,
Ged.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV

[clamav-users] Support for GPFS / real-time antivirus checks

2022-03-17 Thread An Schall via clamav-users 
Hi all,

we have a server operating RHEL 6.x and which is using GPFS as a file
system. We process high volume data on this server and are evaluating
whether clamAV / clamd is a feasible solution to run AV scans against
the processed data.

As I could not find an official page that lists features / supported
platforms, etc. I would like to ask the community:

- Does clamAV / clamd support GPFS as a filesystem?
- Is it feasible to enable real-time antivirus checks / monitoring
- Do you believe that clamAV / clamd is suitable to scan high volume data?
- Are there any upper limits on the size of the volume to be scanned
(besides the 4GB max. file size)

Thanks in advance,
André

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] support

2016-12-05 Thread Alain Zidouemba 
I've identified a few clean samples that this signature FP on. I'm dropping
BC.Legacy.Exploit.CVE_2012_4148-1. We'll rework it.

- Alain

On Mon, Dec 5, 2016 at 9:10 AM, Steve Basford <
steveb_cla...@sanesecurity.com> wrote:

> Hi,
>
> Just had a twitter user contact me regarding an fp that he reported 1st
> September (I don't have a hash sorry):
>
>
> 3986318.cbc:BC.Legacy.Exploit.CVE_2012_4148-1.{};Engine:70-
> 255,Target:10;(0&2&1)
> ;0:255044462d312e;*:2f416e6e6f74;*:2f53756274797065{-5}2f576964676574
>
> Secondly, I'm seeing this using 0.99.3... in debug logs when loading
> daily.ldb:
>
> LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType'
> LibClamAV debug: init_tdb: Not supported attribute(s) in signature for
> Win.Trojan.CVE_2006_5857-1, skipping
> LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType'
> LibClamAV debug: init_tdb: Not supported attribute(s) in signature for
> Win.Exploit.CVE_2009_2502-1, skipping
> LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType'
> LibClamAV debug: init_tdb: Not supported attribute(s) in signature for
> Pdf.Exploit.Agent-1388609, skipping
> LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType'
> LibClamAV debug: init_tdb: Not supported attribute(s) in signature for
> Pdf.Exploit.CVE_2012_4154-1, skipping
> LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType'
> LibClamAV debug: init_tdb: Not supported attribute(s) in signature for
> Pdf.Exploit.CVE_2012_4157-1, skipping
> LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType'
> LibClamAV debug: init_tdb: Not supported attribute(s) in signature for
> Pdf.Exploit.CVE_2011_4370-1, skipping
> LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType'
> LibClamAV debug: init_tdb: Not supported attribute(s) in signature for
> Osx.Trojan.Iumler-1, skipping
> LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType'
> LibClamAV debug: init_tdb: Not supported attribute(s) in signature for
> Pdf.Exploit.Dropped-2014, skipping
> LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType'
> LibClamAV debug: init_tdb: Not supported attribute(s) in signature for
> Win.Trojan.Quarian-2, skipping
>
> These seem be of the type...
>
> ,HanderType:CL_TYPE_PDF,Target:
>
> not the usual
>
> ,Container:CL_TYPE_PDF,Target:
>
> --
> Cheers,
>
> Steve
> Twitter: @sanesecurity
>
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] support

2016-12-05 Thread Steve Basford 
Hi,

Just had a twitter user contact me regarding an fp that he reported 1st
September (I don't have a hash sorry):


3986318.cbc:BC.Legacy.Exploit.CVE_2012_4148-1.{};Engine:70-255,Target:10;(0&2&1)
;0:255044462d312e;*:2f416e6e6f74;*:2f53756274797065{-5}2f576964676574

Secondly, I'm seeing this using 0.99.3... in debug logs when loading
daily.ldb:

LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType'
LibClamAV debug: init_tdb: Not supported attribute(s) in signature for
Win.Trojan.CVE_2006_5857-1, skipping
LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType'
LibClamAV debug: init_tdb: Not supported attribute(s) in signature for
Win.Exploit.CVE_2009_2502-1, skipping
LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType'
LibClamAV debug: init_tdb: Not supported attribute(s) in signature for
Pdf.Exploit.Agent-1388609, skipping
LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType'
LibClamAV debug: init_tdb: Not supported attribute(s) in signature for
Pdf.Exploit.CVE_2012_4154-1, skipping
LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType'
LibClamAV debug: init_tdb: Not supported attribute(s) in signature for
Pdf.Exploit.CVE_2012_4157-1, skipping
LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType'
LibClamAV debug: init_tdb: Not supported attribute(s) in signature for
Pdf.Exploit.CVE_2011_4370-1, skipping
LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType'
LibClamAV debug: init_tdb: Not supported attribute(s) in signature for
Osx.Trojan.Iumler-1, skipping
LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType'
LibClamAV debug: init_tdb: Not supported attribute(s) in signature for
Pdf.Exploit.Dropped-2014, skipping
LibClamAV debug: lsigattribs: Unknown attribute name 'HanderType'
LibClamAV debug: init_tdb: Not supported attribute(s) in signature for
Win.Trojan.Quarian-2, skipping

These seem be of the type...

,HanderType:CL_TYPE_PDF,Target:

not the usual

,Container:CL_TYPE_PDF,Target:

-- 
Cheers,

Steve
Twitter: @sanesecurity

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Support question.

2014-05-12 Thread Joel Esler (jesler) 
On May 12, 2014, at 2:57 PM, Al Varnell 
mailto:alvarn...@mac.com>> wrote:

On Mon, May 12, 2014 at 11:41 AM, J MCN wrote:

Hello,  I am writing with a question about the EOL policy here:
https://github.com/vrtadmin/clamav-faq/blob/master/faq/faq-eol.md

I have a few 0.97.7 instances still out there and the wording in the EOL
has me wondering if they are technically unsupported. Is the 0.97 branch
still supported?

Maybe the question is better asked: Is 0.98 currently the only supported
major branch?

There was an announcement made here on March 28th "ClamAV 0.95 Engine End of 
Life Announcement”
.  I would infer that 0.96 and above are 
still supported.

Don’t forget the last section of the above post:

"We will also be EOL’ing 0.96 in coming months, so if either of those versions 
is currently in use, it is highly suggested that you upgrade to the most 
current version. “

--
Joel Esler
Open Source Manager
Threat Intelligence Team Lead
Vulnerability Research Team
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/support/ml

Re: [clamav-users] Support question.

2014-05-12 Thread Al Varnell 

On Mon, May 12, 2014 at 11:41 AM, J MCN wrote:
> 
> Hello,  I am writing with a question about the EOL policy here:
> https://github.com/vrtadmin/clamav-faq/blob/master/faq/faq-eol.md
> 
> I have a few 0.97.7 instances still out there and the wording in the EOL
> has me wondering if they are technically unsupported. Is the 0.97 branch
> still supported?
> 
> Maybe the question is better asked: Is 0.98 currently the only supported
> major branch?

There was an announcement made here on March 28th "ClamAV 0.95 Engine End of 
Life Announcement” 
.  I would infer that 0.96 and above are 
still supported.


-Al-
-- 
Al Varnell
Mountain View, CA




___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/support/ml

[clamav-users] Support question.

2014-05-12 Thread J MCN 
Hello,  I am writing with a question about the EOL policy here:
https://github.com/vrtadmin/clamav-faq/blob/master/faq/faq-eol.md

I have a few 0.97.7 instances still out there and the wording in the EOL
has me wondering if they are technically unsupported. Is the 0.97 branch
still supported?

Maybe the question is better asked: Is 0.98 currently the only supported
major branch?

Thanks

John
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/support/ml

Re: [Clamav-users] Support bzip2

2009-06-29 Thread Wong 

Thanks Mr. Edwin,

I installed libbz2-dev as I am using openSuSE.

Best Regards,

Wong


- Original Message - 
From: "Török Edwin" 

To: "ClamAV users ML" 
Sent: Monday, June 29, 2009 14:58
Subject: Re: [Clamav-users] Support bzip2



On 2009-06-29 07:42, Wong wrote:

Dear all,

How can ClamAV support bzip2? What library should I install?

Thank you very much for any help.


Hi,

It depends on your OS, on a Linux distribution you would install a
library called libbz2-dev, or bzip2-devel.
If you are using a binary package that should install the dependent
libraries automatically.

Best regards,
--Edwin
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml




___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml

Re: [Clamav-users] Support bzip2

2009-06-28 Thread Török Edwin 
On 2009-06-29 07:42, Wong wrote:
> Dear all,
>
> How can ClamAV support bzip2? What library should I install?
>
> Thank you very much for any help.

Hi,

It depends on your OS, on a Linux distribution you would install a
library called libbz2-dev, or bzip2-devel.
If you are using a binary package that should install the dependent
libraries automatically.

Best regards,
--Edwin
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml

[Clamav-users] Support bzip2

2009-06-28 Thread Wong 

Dear all,

How can ClamAV support bzip2? What library should I install?

Thank you very much for any help.

Wong



___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml

Re: [Clamav-users] Support for compressed definitions?

2008-08-18 Thread Brandon Perry 
Awesome, thanks!

On Mon, Aug 18, 2008 at 10:46 AM, Tomasz Kojm <[EMAIL PROTECTED]> wrote:

> On Mon, 18 Aug 2008 10:43:25 -0500
> "Brandon Perry" <[EMAIL PROTECTED]> wrote:
>
> > Does ClamAV have support for compressed definitions? (main.cld.gz) If
> not,
> > is there somewhere that I can request this feature?
>
> Enable CompressLocalDatabase in freshclam.conf
>
> --
>   oo. Tomasz Kojm <[EMAIL PROTECTED]>
>  (\/)\. http://www.ClamAV.net/gpg/tkojm.gpg
> \..._ 0DCA5A08407D5288279DB43454822DC8985A444B
>   //\   /\  Mon Aug 18 17:45:33 CEST 2008
> ___
> Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
> http://www.clamav.net/support/ml
>



-- 
http://www.volatileminds.net
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml

Re: [Clamav-users] Support for compressed definitions?

2008-08-18 Thread Tomasz Kojm 
On Mon, 18 Aug 2008 10:43:25 -0500
"Brandon Perry" <[EMAIL PROTECTED]> wrote:

> Does ClamAV have support for compressed definitions? (main.cld.gz) If not,
> is there somewhere that I can request this feature?

Enable CompressLocalDatabase in freshclam.conf

-- 
   oo. Tomasz Kojm <[EMAIL PROTECTED]>
  (\/)\. http://www.ClamAV.net/gpg/tkojm.gpg
 \..._ 0DCA5A08407D5288279DB43454822DC8985A444B
   //\   /\  Mon Aug 18 17:45:33 CEST 2008
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml

[Clamav-users] Support for compressed definitions?

2008-08-18 Thread Brandon Perry 
Does ClamAV have support for compressed definitions? (main.cld.gz) If not,
is there somewhere that I can request this feature?

-- 
http://www.volatileminds.net
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml

Re: [Clamav-users] support for ClamxAV

2008-02-04 Thread Derick Centeno 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

You can go here:

http://www.clamxav.com/

and sign up for the mailing list from there.

All the best...

On Feb 4, 2008, at 9:30 AM, Jan B wrote:

> I have a Mac. Where do I find support for ClamxAV?
>
> --Jan
> ___
> Help us build a comprehensive ClamAV guide: visit http:// 
> wiki.clamav.net
> http://lurker.clamav.net/list/clamav-users.html

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (Darwin)

iD8DBQFHp5rmsfbwCDodg+ARAksAAJ9WHMT1xDL77rsLPGrpFr3W1z/THACfRMP0
tCO9xt4dsgJzXwIki+Rz7bc=
=uVZh
-END PGP SIGNATURE-
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] support for ClamxAV

2008-02-04 Thread Matthias Schmidt 

Am/On Mon, 4 Feb 2008 09:46:24 -0500 schrieb/wrote Jan Brownell:

>I get the No Support for Dig Signatures error, but I don't comprehend 
>the answer in the FAQ:
>
>"FAQ: What does SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES 
>mean?
>
>The ClamAV package requires the GMP library to verify the digital 
>signature of the virus database. When building ClamAV you need the GMP 
>library and its headers: if you are using Debian just run apt-get 
>install libgmp3-dev, if you are using an RPM based distribution install 
>the gmp-devel package. You'll need to rerun ./configure and recompile 
>ClamAV."

maybe this helps:


btw, don't pm listmembers and don't toppost

Thanks and all the best

Matthias

___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] support for ClamxAV

2008-02-04 Thread Matthias Schmidt 
Am/On Mon, 4 Feb 2008 14:30:22 + schrieb/wrote Jan B:

>I have a Mac. Where do I find support for ClamxAV?

ClamXAV is just a GUI to ClamAV.
But maybe someone can help you here, if you tell us the problem.

Thanks and all the best

Matthias

___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html

[Clamav-users] support for ClamxAV

2008-02-04 Thread Jan B 
I have a Mac. Where do I find support for ClamxAV?

--Jan
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] Support for unix socket streams?

2005-10-17 Thread Jeff Smelser 
On Monday 17 October 2005 11:35 am, Gary Buckmaster wrote:

> After some conversations with one of the dspam developers, the question was
> raised as to whether clamav will support streamable unix sockets.  Right
> now dspam makes calls to clamd via tcp sockets, which isn't inherently bad,
> but if both clamav and dspam are installed on the same box, unix sockets
> would be a far more efficient way for the two to communicate.  Is this
> something that's been looked at and disregarded?  Something that is
> potentially do-able?

# Path to a local socket file the daemon will listen on.
# Default: disabled
LocalSocket /var/run/clamavd/clamd

I thought that was the default..

Jeff


pgp3SiKpxH2gS.pgp
Description: PGP signature
___
http://lurker.clamav.net/list/clamav-users.html

[Clamav-users] Support for unix socket streams?

2005-10-17 Thread Gary Buckmaster 
After some conversations with one of the dspam developers, the question was
raised as to whether clamav will support streamable unix sockets.  Right now
dspam makes calls to clamd via tcp sockets, which isn't inherently bad, but
if both clamav and dspam are installed on the same box, unix sockets would
be a far more efficient way for the two to communicate.  Is this something
that's been looked at and disregarded?  Something that is potentially
do-able?

Best,

Gary

___
http://lurker.clamav.net/list/clamav-users.html

[Clamav-users] support for external unpackers

2004-12-01 Thread Daniel Tiefnig 
Hej,
I don't know whether this has been discussed allready, I can't find it
in the ML archive at least.
What do you people think about support for external unpackers in clamd?
I know I can use them with clamscan, so why not within clamd too?
I think this would be a great feature, as I (and others too, I'm sure)
have to use an external wrapper/unpacking script and call clamdscan
there instead of connecting to clamd directly from exiscan. I'm mainly
doing this because I have to scan RAR 3.0 archives. (Besides lha, arj
and ace.)
I think this might even open some further possibilities, by being able
to call arbitrary programs (or libraryfunctions from a .so?) during the
scan process.
Comments welcome.
lg,
daniel
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Re: [Clamav-users] Support Required

2004-09-24 Thread Jim Maul 
Quoting Odhiambo Washington <[EMAIL PROTECTED]>:
* Amit Keshan <[EMAIL PROTECTED]> [20040924 13:36]: wrote:
Hi!
I installed Clam on my server and realized that it is not allowing 
emails to be send if a passowrd protected zip file is attached.  One 
of my esteem client is really upset with it and is planning to shift 
his hosting within a day or two if this issue is not resolved. 
Please help.

How do you manage to run clamd without knowing what is the the
configuration file?
Thats the problem with making important tasks easy to do.  People who do not
have enough knowledge to be able to configure it correctly are able to install
it.  This actually ends up doing more harm than good.
Either that, or its a case of pure laziness...
-Jim
---
This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170
Project Admins to receive an Apple iPod Mini FREE for your judgement on
who ports your project to Linux PPC the best. Sponsored by IBM.
Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

RE: [Clamav-users] Support Required

2004-09-24 Thread Micha Silver 
Title: Message



Amit:
What 
do you have in your clamav.conf for ArchiveBlockEncrypted ?
The 
default should be disabled (commented out).
Micha

  
  -Original Message-From: Amit Keshan 
  [mailto:[EMAIL PROTECTED] Sent: Friday, September 24, 2004 
  11:43 AMTo: [EMAIL PROTECTED]Subject: 
  [Clamav-users] Support Required
  Hi!
   
  I installed Clam on my server and realized that 
  it is not allowing emails to be send if a passowrd 
  protected zip file is attached.  One of my esteem client is really upset with it and is planning to 
  shift his hosting within a day or two if this issue is not resolved. Please 
  help.
   
  Thanks,
  Amit

Re: [Clamav-users] Support Required

2004-09-24 Thread Odhiambo Washington 
* Amit Keshan <[EMAIL PROTECTED]> [20040924 13:36]: wrote:
> Hi!
> 
> I installed Clam on my server and realized that it is not allowing emails to be send 
> if a passowrd protected zip file is attached.  One of my esteem client is really 
> upset with it and is planning to shift his hosting within a day or two if this issue 
> is not resolved. Please help.


How do you manage to run clamd without knowing what is the the
configuration file?

Look for a file named clamav.conf (or maybe clamd.conf), but I am
sure yours is clamav.conf.
Look at all the options in that file, comment out the relevant one,
restart clamd.



# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
#ArchiveBlockEncrypted




cheers
   - wash 
+--+-+
Odhiambo Washington . WANANCHI ONLINE LTD (Nairobi, KE)  |
  . 1ere Etage, Loita Hse, Loita St.,  |
GSM: (+254) 722 743 223 . # 10286, 00100 NAIROBI |
GSM: (+254) 733 744 121 . (+254) 020 313 985 - 9 |
+-+--+
"Oh My God! They killed init! You Bastards!"  
 --from a /. post


---
This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170
Project Admins to receive an Apple iPod Mini FREE for your judgement on
who ports your project to Linux PPC the best. Sponsored by IBM.
Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

[Clamav-users] Support Required

2004-09-24 Thread Amit Keshan 



Hi!
 
I installed Clam on my server and realized that 
it is not allowing emails to be send if a passowrd protected zip 
file is attached.  One of my esteem client 
is really upset with it and is planning to shift his hosting within a day or two 
if this issue is not resolved. Please help.
 
Thanks,
Amit

[Clamav-users] support idea

2004-07-30 Thread Christopher McCrory 
Hello...

  I've been going through our internal process for sending a donation
for the clamav developers.  I've run into two issues from the various
people in this process.

1: why?
  accounting people cannot always grasp the concept of "because they
need resources to keep the software current

2: how much?
  after getting over the 'why' we run into 'how much'. Bean counters
want as little as possible.

IDEA:
  Snag parts of the MySQL and RHN (redhat) models

1a: for a donation you get access to a primary always up to date
mirror, that you can hit more frequently.  e.g. every 15/30 minutes.

1b: for a donation you can email questions to a support list that
while not guarenting an answer, might get first crack at support
peoples time.

2a: Post some pricing suggestions on the web site.  $500 per server
per year.  $20 per person per year.

2b: access to always current "stable binaries" built by the developers
for various platforms.  via apt/yum/up2date/etc



-- 
Christopher McCrory
 "The guy that keeps the servers running"


---
This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
one more big change to announce. We are now OSTG- Open Source Technology
Group. Come see the changes on the new OSTG site. www.ostg.com
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

Re: [Clamav-users] support for logging to stdout

2004-02-01 Thread Ken Jones 
On Saturday 31 January 2004 5:51 pm, Nigel Horne wrote:
> > I've written a patch to version 0.65 to support
> > logging to stdout for use with daemontools/multilog.
> >
> > Is there already a patch for this type of thing?
> > If not, where could I submit my patch for
> > consideration in the next release?
>
> How about 'Logfile /dev/stdout' in clamav.conf?

Doh! That works great.
Thanks,
Ken Jones


---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

RE: [Clamav-users] support for logging to stdout

2004-02-01 Thread Nigel Horne 
> I've written a patch to version 0.65 to support
> logging to stdout for use with daemontools/multilog.
>
> Is there already a patch for this type of thing?
> If not, where could I submit my patch for 
> consideration in the next release? 

How about 'Logfile /dev/stdout' in clamav.conf?

> Ken Jones
> inter7.com

-Nigel 


---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

[Clamav-users] support for logging to stdout

2004-01-31 Thread Ken Jones 
I've written a patch to version 0.65 to support
logging to stdout for use with daemontools/multilog.

Is there already a patch for this type of thing?
If not, where could I submit my patch for 
consideration in the next release? 

It's a fairly simple patch with about 11 new lines of code.

Ken Jones
inter7.com


---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users