Re: [Clamav-users] Sourcefire acquires ClamAV

2007-08-17 Thread Jay West
David wrote...
> Sourcefire is a public company.  As such, its directors have a
> fiduciary duty to act in the best interests of Sourcefire investors.
Pendantic mode...
Public/Private has no bearing on the issue. Private companies mostly act in 
the interest of the private shareholders which is generally the same 
interest shown by public shareholders in public companies.

> So: How is Sourcefire planning to make money from ClamAV?  I would
> feel much more comforted if a Sourcefire rep could explain this.
> (Public companies don't make acquisitions for the good of the
> community; they make them for the good of their shareholders.)
I can think of two possible scenarios from other examples in the industry: 
First, they may offer priority support contracts which many corporate users 
will want to pay for so they have direct and/or priority support, etc. 
Second, they may provide specific add-ons and features that are available 
for a fee, just like Sendmail.Org has done. This doesn't mean the code is 
really "forked", as the commercial version may be merely addons, conditional 
compiles, etc.

I am not implying having any special knowledge or information. I'm merely 
illustrating what I have seen other companies do.

I would suggest waiting and seeing what happens over a period of time, say a 
year. As long as some of the new enhancements, bugfixes, etc. trickle into 
the code (or the free version of the code, if they go that route)... I'd be 
quite happy. May even pay for the commercial support.

Jay West 

___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html


[Clamav-users] Issue with Clamav Logging

2006-07-09 Thread Jay West
Hopefully someone can nudge me in the right direction, I feel like I'm 
grossly missing something here.


Platform: FreeBSD 6.1, Clamav 0.88.2, Sendmail 8.13.6

I do not have LogClean defined in my clamav config file. According to the 
docs, the default is disabled. However, my logfile has scads of lines as 
follows:


/u1/clamav/tmp/clamav-f7641294d0b85f9f/msg.nikROF: OK
/u1/clamav/tmp/clamav-f7641294d0b85f9f/msg.vG1SKW: OK
/u1/clamav/tmp/clamav-f7641294d0b85f9f/msg.uY6Eth: OK
/u1/clamav/tmp/clamav-f7641294d0b85f9f/msg.ltJrmi: OK

So I am guessing these lines are in fact referring to emails scanned as 
'clean'. If so, why are they showing up? I do not see a way to "undefine 
LogClean" if in fact it's getting set somewhere else.


Am I correct that these are log messages of clean scans? I get hundreds of 
them and they appear to correspond to each incoming email. If that's what 
they are, why am I getting them in the log file if I don't have LogClean 
defined?


Any help or advice would be most appreciated!

Jay West



___
http://lurker.clamav.net/list/clamav-users.html


[Clamav-users] Can someone help with clamav logging issue?

2006-08-04 Thread Jay West
Hopefully someone can nudge me in the right direction, I feel like I'm 
grossly missing something here.


Platform: FreeBSD 6.1, Clamav 0.88.2, Sendmail 8.13.6

I do not have LogClean defined in my clamav config file. According to the 
docs, the default is disabled. However, my logfile has scads of lines as 
follows:


/u1/clamav/tmp/clamav-f7641294d0b85f9f/msg.nikROF: OK
/u1/clamav/tmp/clamav-f7641294d0b85f9f/msg.vG1SKW: OK
/u1/clamav/tmp/clamav-f7641294d0b85f9f/msg.uY6Eth: OK
/u1/clamav/tmp/clamav-f7641294d0b85f9f/msg.ltJrmi: OK

So I am guessing these lines are in fact referring to emails scanned as 
'clean'. If so, why are they showing up? I do not see a way to "undefine 
LogClean" if in fact it's getting set somewhere else.


Am I correct that these are log messages of clean scans? I get hundreds of 
them and they appear to correspond to each incoming email. If that's what 
they are, why am I getting them in the log file if I don't have LogClean 
defined?


Any help or advice would be most appreciated!

Jay West

___
http://lurker.clamav.net/list/clamav-users.html


Re: [Clamav-users] how to uninstall ClamAV from FreeBSD server?

2006-09-27 Thread Jay West

Frank wrote

  how to uninstall ClamAV from FreeBSD server?


Assuming you installed from the ports collection, use:

pkg_delete -ix clamav

Answer Y or N as appropriate.

Jay West
___
http://lurker.clamav.net/list/clamav-users.html


Re: [Clamav-users] clamav-milter problem

2006-10-26 Thread Jay West

Nicholas Anderson wrote
... then i decided to install another milter 
tool, and it solved the problem.


So, what one did you switch to?

Jay West
___
http://lurker.clamav.net/list/clamav-users.html


Re: [Clamav-users] Re: Re: scan performance

2007-01-30 Thread Jay West

It was written...

It's been a while, but things that took minutes to scan now take seconds.


Well, then I'm looking forward to the next release!


Pardon me if this is a silly question, but I'm not up on how development of 
clamav is structured


If these performance enhancements are in 0.90RC2, can one also assume that 
they are in the development snapshot from 20061217 which is dated after the 
release of 0.90RC2?


Thanks in advance for the enlightenment!

Jay 



___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html


Re: [Clamav-users] Upgrade to .90?

2007-02-21 Thread Jay West

It was written...

I had the same problems.  FreeBSD/i386 6.2p1 and 6.2p0.  Compiled
directly from the ports collection, without --experimental.

As far as we could tell, it just scanned slower and slower and then
stopped scanning.


That sounds like what happened here.  See the "ScanStream: accept
timeout, unkillable" thread for a potential solution--it works for us
at least.  I hope the issues with the various FreeBSD versions and
pthread get sorted out in an official way soon--I rather like 0.90
otherwise. :-)


Glad this came up and people were talking about it. I was preparing to 
upgrade a few servers and this would have bit me hard. I saw the solution 
for modifying libmap.conf, but I wonder if this could be handled by tweaking 
the makefiles instead.


I wonder how soon a freeBSD port will be updated to fix all this too.

So if the above fixed clamav.90 on FreeBSD 6.2 without --experimental... 
anyone have stress tests with clamav.90 on FreeBSD 6.2 WITH --experimental?


Thanks for any comments!

Jay West 



___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html


Re: [Clamav-users] clamav vs norton

2007-03-02 Thread Jay West

Sean wrote
I trusted clamav for a long time but ran across an interesting problem 
today.


You aren't looking at the other side of that coin. You can bet (I see it 
rather frequently) that there are times that clamav catches a virus that 
norton does not! Don't throw the baby out with the bathwater


It is for this very reason that inbound mail in setups that I design passes 
through two different AV packages. I used to think this was rather silly, 
until a situation arose where I had to have inbound mail go through two 
different AV packages (my proposed front-end and the customers existing 
backend). After watching the logs on both packages, I noticed that it was 
actually pretty frequent/routine that clamav would catch something the other 
package didn't AND VICE-VERSA. Now I always design in two AV packages - I 
have learned it is not silly at all.


Jay West


___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html


Re: [Clamav-users] Upgrade to .90?

2007-03-07 Thread Jay West

Kevin wrote

Follow-up:  The above work-around almost works, but clamd occasionally
dies without warning now.  This is somewhat easier to live with than the
previous behavior, where it would be alive but would stop responding,
but it's still broken.


Doesn't the port currently in the FreeBSD ports tree online - 0.90_3 (NOTE 
the _3 part)that was just modified to _3 a few days ago... already 
include the above mentioned workaround by virtue of the parameterized 
pthreadlib setup? Or do I still need to put those entries in 
/etc/libmap.conf with the 1.91 version port makefile? I think the last (_3) 
FreeBSD port makefile basically took care of the libmap.conf a different 
way. I'd like to be sure ;)


Can anyone offer clarification?

Jay West





___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html