Still working out the final kinks and learning a lot about Ubuntu. I've got SA and ClamAV integrated now thanks to Anthony Dickinson on the list. However, I noticed this in my hourly syslog snippet:
Jul 22 13:34:07 localhost spamd[18732]: spamd: processing message <1406053942.31541.26.camel@localhost> for chris:1000 Jul 22 13:34:20 localhost clamd[11467]: Accepted connection from 127.0.0.1 on port 1302, fd 13 Jul 22 13:34:20 localhost clamd[11467]: ScanStream(127.0.0.1@1302): Can't create temporary file. Jul 22 13:34:20 localhost spamd[18732]: spamd: clean message (-1.2/5.0) for chris:1000 in 12.6 seconds, 2666 bytes. Looking here - http://manpages.ubuntu.com/manpages/trusty/man8/clamd.8.html at the clamd manpage I notice this: DEPRECATED COMMANDS STREAM Scan stream - on this command clamd will return "PORT number" you should connect to and send data to scan. (DEPRECATED, use INSTREAM instead) Question, do I need to make modifications to the File::Scan::ClamAV::clamav.pm file to reflect this? I also noticed that if I run root@localhost:~# clamd ping ERROR: setgroups() failed. whereas according to the manpage I should see a 'pong'. Thanks again for any help -- Chris 31.11°N 97.89°W (Elev. 1092 ft) 15:15:08 up 1 day, 21:29, 2 users, load average: 0.06, 0.17, 0.20 Ubuntu 14.04 LTS, kernel 3.13.0-32-generic -- Chris 31.11°N 97.89°W (Elev. 1092 ft) 21:09:21 up 2 days, 3:23, 3 users, load average: 0.23, 0.16, 0.14 Ubuntu 14.04 LTS, kernel 3.13.0-32-generic _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
