Re: [Clamav-users] Sourcefire acquires ClamAV
David wrote... > Sourcefire is a public company. As such, its directors have a > fiduciary duty to act in the best interests of Sourcefire investors. Pendantic mode... Public/Private has no bearing on the issue. Private companies mostly act in the interest of the private shareholders which is generally the same interest shown by public shareholders in public companies. > So: How is Sourcefire planning to make money from ClamAV? I would > feel much more comforted if a Sourcefire rep could explain this. > (Public companies don't make acquisitions for the good of the > community; they make them for the good of their shareholders.) I can think of two possible scenarios from other examples in the industry: First, they may offer priority support contracts which many corporate users will want to pay for so they have direct and/or priority support, etc. Second, they may provide specific add-ons and features that are available for a fee, just like Sendmail.Org has done. This doesn't mean the code is really "forked", as the commercial version may be merely addons, conditional compiles, etc. I am not implying having any special knowledge or information. I'm merely illustrating what I have seen other companies do. I would suggest waiting and seeing what happens over a period of time, say a year. As long as some of the new enhancements, bugfixes, etc. trickle into the code (or the free version of the code, if they go that route)... I'd be quite happy. May even pay for the commercial support. Jay West ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Issue with Clamav Logging
Hopefully someone can nudge me in the right direction, I feel like I'm grossly missing something here. Platform: FreeBSD 6.1, Clamav 0.88.2, Sendmail 8.13.6 I do not have LogClean defined in my clamav config file. According to the docs, the default is disabled. However, my logfile has scads of lines as follows: /u1/clamav/tmp/clamav-f7641294d0b85f9f/msg.nikROF: OK /u1/clamav/tmp/clamav-f7641294d0b85f9f/msg.vG1SKW: OK /u1/clamav/tmp/clamav-f7641294d0b85f9f/msg.uY6Eth: OK /u1/clamav/tmp/clamav-f7641294d0b85f9f/msg.ltJrmi: OK So I am guessing these lines are in fact referring to emails scanned as 'clean'. If so, why are they showing up? I do not see a way to "undefine LogClean" if in fact it's getting set somewhere else. Am I correct that these are log messages of clean scans? I get hundreds of them and they appear to correspond to each incoming email. If that's what they are, why am I getting them in the log file if I don't have LogClean defined? Any help or advice would be most appreciated! Jay West ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Can someone help with clamav logging issue?
Hopefully someone can nudge me in the right direction, I feel like I'm grossly missing something here. Platform: FreeBSD 6.1, Clamav 0.88.2, Sendmail 8.13.6 I do not have LogClean defined in my clamav config file. According to the docs, the default is disabled. However, my logfile has scads of lines as follows: /u1/clamav/tmp/clamav-f7641294d0b85f9f/msg.nikROF: OK /u1/clamav/tmp/clamav-f7641294d0b85f9f/msg.vG1SKW: OK /u1/clamav/tmp/clamav-f7641294d0b85f9f/msg.uY6Eth: OK /u1/clamav/tmp/clamav-f7641294d0b85f9f/msg.ltJrmi: OK So I am guessing these lines are in fact referring to emails scanned as 'clean'. If so, why are they showing up? I do not see a way to "undefine LogClean" if in fact it's getting set somewhere else. Am I correct that these are log messages of clean scans? I get hundreds of them and they appear to correspond to each incoming email. If that's what they are, why am I getting them in the log file if I don't have LogClean defined? Any help or advice would be most appreciated! Jay West ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] how to uninstall ClamAV from FreeBSD server?
Frank wrote how to uninstall ClamAV from FreeBSD server? Assuming you installed from the ports collection, use: pkg_delete -ix clamav Answer Y or N as appropriate. Jay West ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] clamav-milter problem
Nicholas Anderson wrote ... then i decided to install another milter tool, and it solved the problem. So, what one did you switch to? Jay West ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Re: Re: scan performance
It was written... It's been a while, but things that took minutes to scan now take seconds. Well, then I'm looking forward to the next release! Pardon me if this is a silly question, but I'm not up on how development of clamav is structured If these performance enhancements are in 0.90RC2, can one also assume that they are in the development snapshot from 20061217 which is dated after the release of 0.90RC2? Thanks in advance for the enlightenment! Jay ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Upgrade to .90?
It was written... I had the same problems. FreeBSD/i386 6.2p1 and 6.2p0. Compiled directly from the ports collection, without --experimental. As far as we could tell, it just scanned slower and slower and then stopped scanning. That sounds like what happened here. See the "ScanStream: accept timeout, unkillable" thread for a potential solution--it works for us at least. I hope the issues with the various FreeBSD versions and pthread get sorted out in an official way soon--I rather like 0.90 otherwise. :-) Glad this came up and people were talking about it. I was preparing to upgrade a few servers and this would have bit me hard. I saw the solution for modifying libmap.conf, but I wonder if this could be handled by tweaking the makefiles instead. I wonder how soon a freeBSD port will be updated to fix all this too. So if the above fixed clamav.90 on FreeBSD 6.2 without --experimental... anyone have stress tests with clamav.90 on FreeBSD 6.2 WITH --experimental? Thanks for any comments! Jay West ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] clamav vs norton
Sean wrote I trusted clamav for a long time but ran across an interesting problem today. You aren't looking at the other side of that coin. You can bet (I see it rather frequently) that there are times that clamav catches a virus that norton does not! Don't throw the baby out with the bathwater It is for this very reason that inbound mail in setups that I design passes through two different AV packages. I used to think this was rather silly, until a situation arose where I had to have inbound mail go through two different AV packages (my proposed front-end and the customers existing backend). After watching the logs on both packages, I noticed that it was actually pretty frequent/routine that clamav would catch something the other package didn't AND VICE-VERSA. Now I always design in two AV packages - I have learned it is not silly at all. Jay West ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Upgrade to .90?
Kevin wrote Follow-up: The above work-around almost works, but clamd occasionally dies without warning now. This is somewhat easier to live with than the previous behavior, where it would be alive but would stop responding, but it's still broken. Doesn't the port currently in the FreeBSD ports tree online - 0.90_3 (NOTE the _3 part)that was just modified to _3 a few days ago... already include the above mentioned workaround by virtue of the parameterized pthreadlib setup? Or do I still need to put those entries in /etc/libmap.conf with the 1.91 version port makefile? I think the last (_3) FreeBSD port makefile basically took care of the libmap.conf a different way. I'd like to be sure ;) Can anyone offer clarification? Jay West ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html