[Clamav-users] Rar module

2004-03-18 Thread Bo-Lina teknisk support 



Hello.
 
Do annyone have a solution to this RAR Module 
error?
In the documentation it says it's ok to get, but 
since new viruses use rar compressions for sending out viruses it's getting a 
pretty big problem.
Before when I got this error message it discarded 
the mail and deleted it, so I changed the Exim rules so it Rar module fails it 
still delivers the mail.
This is because it discarded OK rar files aswell 
just because rar module failuer.
 
Isn't there anny way to get a rar check that can 
handle "all" types of rar versions? Or if annyone have anny other 
solution?
 
Thu Mar 18 11:48:46 2004 -> 
/var/spool/exim//scan/1B3v4w-0004Wf-NP/1B3v4w-0004Wf-NP-0.rar: RAR module 
failure. ERROR
//best regards Jonas

Re: [Clamav-users] Re: password .zips

2004-03-19 Thread Bo-Lina teknisk support 



Im using the latest ClamAv from CVS. 
"2004-03-18"
How do I change so ClamAv either scans or removes 
password protected zip files?
 
And is there anny solution out for the "RAR module 
failure" ?

  - Original Message - 
  From: 
  Jonathan Mergy 
  
  To: [EMAIL PROTECTED] 
  
  Sent: Friday, March 19, 2004 8:20 
AM
  Subject: [Clamav-users] Re: password 
  .zips
  Thanks. The clamav way is fine 
  w/me. I can also go the amavisd route (glad I updated it a few days 
  ago). Which version for clamav ? 
  I'm at .68-1 [EMAIL PROTECTED] 
  mergy]$ clamscan -V clamscan / ClamAV 
  version 0.68-1 [EMAIL PROTECTED] 
  mergy]$ jonathan mergy[EMAIL PROTECTED] 
  


  Tomasz Kojm <[EMAIL PROTECTED]> 
Sent by: [EMAIL PROTECTED] 

03/18/04 07:08 PM 

  
  

  Please respond 
  to[EMAIL PROTECTED]
  

  
  

  To
[EMAIL PROTECTED] 
  

  cc

  

  Subject
Re: [Clamav-users] 
  (newbie on list - don't hit me) -> password 
  .zips

  
  

On Fri, 19 Mar 2004 13:57:09 +1100Jonathan Trott 
  <[EMAIL PROTECTED]> wrote:> > On Thu, 18 Mar 2004 
  13:31:41 -0800, "Jonathan Mergy" <[EMAIL PROTECTED]>> > 
  wrote:> > > I just joined the list and have been using clamav 
  with my> > postfix/amavisd/spamasassin system for a while 
  now.> >> > I read some items in the list archives about 
  the passworded zip > > problems.> > What is the status on 
  this and how can I help?> As long as you are using 
  amavisd-new-20030616-p8 you can add the > following setting to block 
  all encrypted archives:> > $banned_filename_re = new_RE(> 
     qr'^UNDECIPHERABLE$',  # is or contains any 
  undecipherable>    components> );No need for 
  that. ClamAV is able to detect encrypted archives created 
  byBagle.--   oo    .       
    Tomasz Kojm <[EMAIL PROTECTED]> (\/)\.   
        http://www.ClamAV.net/gpg/tkojm.gpg    
  \..._         
  0DCA5A08407D5288279DB43454822DC8985A444B      //\   /\ 
               Fri Mar 19 04:07:47 CET 
  2004[attachment "attdt904.dat" deleted by Jonathan Mergy/US/natus] 
  ForwardSourceID:NT000241C6   
 

Re: [Clamav-users] Application to generate CLAMAV report

2004-03-24 Thread Bo-Lina teknisk support 
Neither of these link's work.


- Original Message - 
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, March 25, 2004 7:35 AM
Subject: [Clamav-users] Application to generate CLAMAV report


Dear all,
I have created a small application that allows the creation of a
report based on the email virus report that Clamav sends out. It can
generate report based on the virus name, virus sender and virus recipient.
It also has a user interface that allows for a user to manipulate the data.
A sample screen is at

http://www.geocities.com/synasir/emailavlog.jpg

A sample report is below.

--- VIRUS NAME--- 
Worm.SomeFool.Gen-1 ,1084,47.17%  Worm.SomeFool.P ,771,33.55%
Worm.SomeFool.Gen-2 ,121,5.27%  Worm.Bagle.Gen-zippwd ,103,4.48%
Worm.SCO.A ,67,2.92%  JS.Spam.Scramble.A-mail ,48,2.09%  Worm.Mydoom.F
,32,1.39%  Worm.SomeFool.I ,18,.78%  Trojan.Dropper.C ,16,.7%
Worm.Bagle.Gen-1 ,15,.65%  Worm.Bagle.P ,6,.26%  Worm.Klez.H ,5,.22%
Worm.Bagle.Gen-zippwd-2 ,3,.13%  JS.Spam.Scramble.A ,2,.09%  Worm.Nyxem
,2,.09%  Exploit.HTML.Bagle.Gen-3-eml ,1,.04%  Exploit.HTML.Bagle.Gen-4-eml
,1,.04%  JS.FortNight.M ,1,.04%
 Worm.Mydoom.G ,1,.04%

If you are interested, please get it at
http://www.geocities.com/synasir/emailavlog.zip (about 2 MB)

This is emailware. If you are using it, please send me an email at
[EMAIL PROTECTED]

Don't forget to send me an email if you are using it.


Thanks.



mail2web - Check your email from the web at
http://mail2web.com/ .




---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id70&alloc_id638&op=ick
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users




---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

Re: [Clamav-users] Application to generate CLAMAV report

2004-03-25 Thread Bo-Lina teknisk support 
How do I get ClamAV do send out this report?

//Regards Jonas

- Original Message - 
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, March 25, 2004 7:35 AM
Subject: [Clamav-users] Application to generate CLAMAV report


Dear all,
I have created a small application that allows the creation of a
report based on the email virus report that Clamav sends out. It can
generate report based on the virus name, virus sender and virus recipient.
It also has a user interface that allows for a user to manipulate the data.
A sample screen is at

http://www.geocities.com/synasir/emailavlog.jpg

A sample report is below.

--- VIRUS NAME--- 
Worm.SomeFool.Gen-1 ,1084,47.17%  Worm.SomeFool.P ,771,33.55%
Worm.SomeFool.Gen-2 ,121,5.27%  Worm.Bagle.Gen-zippwd ,103,4.48%
Worm.SCO.A ,67,2.92%  JS.Spam.Scramble.A-mail ,48,2.09%  Worm.Mydoom.F
,32,1.39%  Worm.SomeFool.I ,18,.78%  Trojan.Dropper.C ,16,.7%
Worm.Bagle.Gen-1 ,15,.65%  Worm.Bagle.P ,6,.26%  Worm.Klez.H ,5,.22%
Worm.Bagle.Gen-zippwd-2 ,3,.13%  JS.Spam.Scramble.A ,2,.09%  Worm.Nyxem
,2,.09%  Exploit.HTML.Bagle.Gen-3-eml ,1,.04%  Exploit.HTML.Bagle.Gen-4-eml
,1,.04%  JS.FortNight.M ,1,.04%
 Worm.Mydoom.G ,1,.04%

If you are interested, please get it at
http://www.geocities.com/synasir/emailavlog.zip (about 2 MB)

This is emailware. If you are using it, please send me an email at
[EMAIL PROTECTED]

Don't forget to send me an email if you are using it.


Thanks.



mail2web - Check your email from the web at
http://mail2web.com/ .




---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id70&alloc_id638&op=ick
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users




---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

Re: [Clamav-users] Find bagle in Zip files.

2004-03-26 Thread Bo-Lina teknisk support 
How do I get ClamAV do search thru password protected files?
Im using ClamAV-devel-20030318

//Regards Jonas
- Original Message - 
From: "Simon Gate" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, March 26, 2004 8:04 AM
Subject: [Clamav-users] Find bagle in Zip files.


Hello.

Im running a smtp server with f-secure and clamav. I have a problem with
the f-secure server because it cant find the bagle virus in password
protected zip files but clamav does. I e-mailed f-secure support about
and they said to me it isnt any virus scanner today that can find virus
in password protected zip files. And this answer confuses me because
clamav does find the virus in the password protected zip file. And now
my question, how is it possible for clamav to find a virus in a password
protected file when f-secure support claims it isnt possible?


Best regards Simon.


---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id70&alloc_id638&op=ick
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users




---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

Re: [Clamav-users] Application to generate CLAMAV report

2004-03-26 Thread Bo-Lina teknisk support 
How do I get ClamAV to generate this repport?

//Regards Jonas

- Original Message - 
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, March 25, 2004 7:35 AM
Subject: [Clamav-users] Application to generate CLAMAV report


Dear all,
I have created a small application that allows the creation of a
report based on the email virus report that Clamav sends out. It can
generate report based on the virus name, virus sender and virus recipient.
It also has a user interface that allows for a user to manipulate the data.
A sample screen is at

http://www.geocities.com/synasir/emailavlog.jpg

A sample report is below.

--- VIRUS NAME--- 
Worm.SomeFool.Gen-1 ,1084,47.17%  Worm.SomeFool.P ,771,33.55%
Worm.SomeFool.Gen-2 ,121,5.27%  Worm.Bagle.Gen-zippwd ,103,4.48%
Worm.SCO.A ,67,2.92%  JS.Spam.Scramble.A-mail ,48,2.09%  Worm.Mydoom.F
,32,1.39%  Worm.SomeFool.I ,18,.78%  Trojan.Dropper.C ,16,.7%
Worm.Bagle.Gen-1 ,15,.65%  Worm.Bagle.P ,6,.26%  Worm.Klez.H ,5,.22%
Worm.Bagle.Gen-zippwd-2 ,3,.13%  JS.Spam.Scramble.A ,2,.09%  Worm.Nyxem
,2,.09%  Exploit.HTML.Bagle.Gen-3-eml ,1,.04%  Exploit.HTML.Bagle.Gen-4-eml
,1,.04%  JS.FortNight.M ,1,.04%
 Worm.Mydoom.G ,1,.04%

If you are interested, please get it at
http://www.geocities.com/synasir/emailavlog.zip (about 2 MB)

This is emailware. If you are using it, please send me an email at
[EMAIL PROTECTED]

Don't forget to send me an email if you are using it.


Thanks.



mail2web - Check your email from the web at
http://mail2web.com/ .




---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id70&alloc_id638&op=ick
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users




---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users