Le mardi 31 Mai 2005 17:29, Odhiambo Washington a écrit : > * Securiteinfo.com <[EMAIL PROTECTED]> [20050531 16:27]: wrote: > > Le mardi 31 Mai 2005 14:58, Odhiambo Washington a écrit : > > > * Christopher X. Candreva <[EMAIL PROTECTED]> [20050531 15:31]: wrote: > > > > On Tue, 31 May 2005, Odhiambo Washington wrote: > > > > > I am just wondering why clamscan rightly detects the trojan in the > > > > > mail while clamdscan doesn't. > > > > > > > > Check the output of clamscan -V and clamdscan -V -- make sure they > > > > report the same database version number. > > > > > > This doesn't seem to be the problem! They both report the same thing: > > > > > > ClamAV 0.85.1/900/Tue May 31 13:50:19 2005 > > > > Please, set the "Debug" flag in your clamd.conf, rescan the sample, and > > send us the logs. > > I cannot do that on the box where this phenomena is manifesting itself > because it's a production box, processing large volumes of mail. I'll > probably not get you the correct data because of that, since by the time > I come to scan the file after starting clamd in debug mode, the log > file containing the debug info will be full with other stuff. I've > tried it though, and I have the file - image.zip, and some output > from the debug file - current.txt, posted here: > > http://ns2.wananchi.com/~wash/Clamav/ > > > The md5 checksum of the image.zip file is as below: > > MD5 (image.zip) = c699f8df6514bce0dc69d1384ac81e42 >
Are you sure you enable "NotifyClamd" option in freshclam.conf ? Best regards, -- Cordialement, Arnaud Jacques Consultant Sécurité Téléphone / Fax : +33-(0)3.44.39.76.46 Portable : +33-(0)6.24.40.95.03 E-mail : [EMAIL PROTECTED] Securiteinfo.com La Sécurité Informatique - La Sécurité des Informations. 266, rue de Villers 60123 Bonneuil en Valois _______________________________ _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
