On 2003-12-02, Tomasz Kojm wrote:
>> --- SIGSEGV (Segmentation fault) @ 0 (0) ---
>> stat("/var/log/clamav/clamd.log", {st_mode=S_IFREG|0644,
>> st_size=2287932, ...}) = 0 write(3, "Tue Dec 2 01:52:44 2003 ->
>> ERROR: accept() failed.\n", 52) = 52 accept(0, ^C
>> Process 15124 detached
>> [EMAIL
On Wed, 03 Dec 2003 11:49:11 +1300
Jason Haar <[EMAIL PROTECTED]> wrote:
> On Wed, 2003-12-03 at 09:38, Matthew Trent wrote:
> > Ok, when the ArchiveMaxFileSize is set higher, the file goes
> > through. I also see the new ArchiveMaxCompressionRatio option; I
> > assume that's intended to safely al
On Tuesday 02 December 2003 02:39 pm, Tomasz Kojm wrote:
> > Ok, when the ArchiveMaxFileSize is set higher, the file goes through.
> > I also see the new ArchiveMaxCompressionRatio option; I assume that's
>
> Oh, sorry for my last posts - your problem is not connected with the
> ratio limit - you m
On Tuesday 02 December 2003 02:49 pm, Jason Haar wrote:
> Indeed - the commercial AV products do that. If you set a max level of
> checking, they simply stop processing after their internal limits have
> been reached.
>
> If clamav exits with an error status under such conditions (I don't know
> if
On Tue, 2 Dec 2003 10:38:45 -0500 (EST)
Ed Phillips <[EMAIL PROTECTED]> wrote:
> Also, from another glance at the source, it appears that clamd will go
> into a "buzz-loop" waiting for a free thread slot if there are already
> MaxThreads threads active. Not the best solution for the "busiest"
> s
On Tue, 2 Dec 2003 02:03:13 +0100 (CET)
Jakub Jankowski <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED]:~# strace -s 512 -p 15124
> Process 15124 attached - interrupt to quit
> accept(0, 0, NULL) = ? ERESTARTSYS (To be
> restarted)--- SIGTERM (Terminated) @ 0 (0) ---
> time([10
--- Patrick Boutilier <[EMAIL PROTECTED]> wrote:
> Send yourself one of the test viruses that come with ClamAV. (test
> subdirectory)
Ah, I didn't even realize that was there. Thanks!
__
Do you Yahoo!?
Protect your identity with Yahoo! Mail AddressGuard
http://ant
On Wed, 2003-12-03 at 09:38, Matthew Trent wrote:
> Ok, when the ArchiveMaxFileSize is set higher, the file goes through. I also
> see the new ArchiveMaxCompressionRatio option; I assume that's intended to
> safely allow a larger ArchiveMaxFileSize? What about an option to return
> success and a
On Tue, 2 Dec 2003 12:38:22 -0800
Matthew Trent <[EMAIL PROTECTED]> wrote:
> On Tuesday 02 December 2003 12:29 pm, you wrote:
> > Dec 2 12:21:07 mail1 clamd[5980]: /var/spool/exim/
> > scan/1ARH14-0001YJ-Q8/1ARH14-0001YJ-Q8-0.zip: File size limit
> > exceeded. ERROR
> >
> > Same thing with th
On Tuesday 02 December 2003 12:29 pm, you wrote:
> Dec 2 12:21:07 mail1 clamd[5980]: /var/spool/exim/
> scan/1ARH14-0001YJ-Q8/1ARH14-0001YJ-Q8-0.zip: File size limit exceeded.
> ERROR
>
> Same thing with the latest CVS. Same 3.1mb .zip as last time.
Ok, when the ArchiveMaxFileSize is set high
On Tuesday 02 December 2003 11:00 am, Tomasz Kojm wrote:
> Matthew Trent <[EMAIL PROTECTED]> wrote:
> > I'm using the 20031124 snapshot, and the above-mentioned change is
> > already in there. Yet I still get:
>
> Update to the latest CVS version.
>
> Best regards,
> Tomasz Kojm
Dec 2 12:21:07 mai
Ed
I just installed Clamav snapshot from last night and I'm using the
processes instead of threads and it's only got 3 clamd's running now.
Seems to be just as fast as before with 6 clamd threads.
I don't think I'm Disk I/O bound. I'm using SDS to do RAID 1+O on a 2
SCSI controllers and a D100
On Tue, 2 Dec 2003 10:02:44 -0800
Matthew Trent <[EMAIL PROTECTED]> wrote:
> I'm using the 20031124 snapshot, and the above-mentioned change is
> already in there. Yet I still get:
Update to the latest CVS version.
Best regards,
Tomasz Kojm
--
oo. [EMAIL PROTECTED]
On Tue, 2 Dec 2003, Ken McKittrick wrote:
> Ed
>
> Amavisd-new and Clamd are the bottleneck on this system. With 8 amavisd
> processes, clamd runs with 5 threads. That goes up to 6 threads with 12
> amavisd processes. This might be the most I can get on an 8 cpu system.
We use MIMEDefang + clamd
Hi!
On Tue, 2 Dec 2003, [UTF-8] Kriе║tof Petr wrote:
KP>The number of open files counted via 'lsof | grep clam | wc -l'
KP>show astronomical values.
KP>
KP>I guess it goes wrong when some with slow connectivity try to send
KP>really big email. The timeouts are reach, and everything goes to [EMAIL
Ed
Amavisd-new and Clamd are the bottleneck on this system. With 8 amavisd
processes, clamd runs with 5 threads. That goes up to 6 threads with 12
amavisd processes. This might be the most I can get on an 8 cpu system.
I'm still fine tuning this machine for maximal throughput.
Thanks
Ken McKit
Dean Plant wrote:
> I posted a similar problem on 13/11. The answer from Tomasz Kojm, which
> worked for me, shown below.
>
> Please edit libclamav/scanners.c, the line 64:
>
> #define ZIPOSDET 20 /* FIXME: Make it user definable */
>
> and increase the value to 50.
>
> Regards
>
> Dean Plant
Hi,
the stable version 0.65 has the same problems as all old versions.
After some time it stops work.
Clamd is running, checks for db updates and writes to log file,
but do not communicate with clamav-milter.
No info on logs except "Session 0 stopped due to timeout."
The number of open files coun
On Tue, 2 Dec 2003 15:36:04 +0100, Tomasz Kojm <[EMAIL PROTECTED]> wrote:
>
> UPX support will be available very soon.
>
I'm glad to hear this:)
--
Virgo Pärna
[EMAIL PROTECTED]
---
This SF.net email is sponsored by OSDN's Audience Surv
On Tue, 2003-12-02 at 13:42, Benny Pedersen wrote:
> > ONAY, Gabriel wrote:
> > I have heard, that is possible to use clamav with squid.
> > Is that right?
We use clamav with DansGuardian Anti-Virus (
http://freshmeat.net/projects/dgvirus/?topic_id=907%2C43 ) which sits
between squid and users and
On 2003-12-01, Tomasz Kojm wrote:
>> Looks like clamd refuses to die on `killall clamd' when UseProcesses
>> directive is turned on:
>
>Hmm... it shutdowns cleanly under my Linux (2.4.18, workstation) and
>under Solaris 8 (SPARC).
[EMAIL PROTECTED]:~# strace -s 512 -p 15124
Process 15124 attached
On Mon, 1 Dec 2003 23:39 , Tomasz Kojm <[EMAIL PROTECTED]> sent:
>On Fri, 28 Nov 2003 18:24:02 +0100
>Tomasz Papszun [EMAIL PROTECTED]> wrote:
>
>> I think that this parameter should be made runtime configurable (in
>> clamav.conf). Not every site compiles Clamav on its own.
>
>You can now setup
On Tue, 2 Dec 2003, Ed Phillips wrote:
> On Tue, 2 Dec 2003, Ken McKittrick wrote:
>
> > Hello
> >
> > I have Postfix 2.0.16, Amavisd-new, SpamAssassin, and Clamav 0.65
> > running on a Enterprise 4500 with 8 CPU's. It's configured to use 16
> > Amavisd processess and the Clamav.conf has MaxThread
On Tue, 2 Dec 2003, Ken McKittrick wrote:
> Hello
>
> I have Postfix 2.0.16, Amavisd-new, SpamAssassin, and Clamav 0.65
> running on a Enterprise 4500 with 8 CPU's. It's configured to use 16
> Amavisd processess and the Clamav.conf has MaxThreads set to 40. I only
> see 6 clamd threads. I don't th
On Tue, 2003-12-02 at 05:58, Josh wrote:
> I just installed MailScanner and ClamAV and I'm wondering how one tests
> the ClamAV installation. I've gotten a couple "infected" messages, but
> they were for wacky code in HTML emails so they are probably from
> MailScanner rather than ClamAV. Amazingly
Hello
I have Postfix 2.0.16, Amavisd-new, SpamAssassin, and Clamav 0.65
running on a Enterprise 4500 with 8 CPU's. It's configured to use 16
Amavisd processess and the Clamav.conf has MaxThreads set to 40. I only
see 6 clamd threads. I don't think that Clamd is keeping up with
Amavisd.
Any id
On Tue, 2 Dec 2003 14:27:58 + (UTC)
Virgo Pärna <[EMAIL PROTECTED]> wrote:
> Are there any plans to add upx and other executable packers
> support to Clamav? I recently got Worm.Gibe.F, of which .exe was not
UPX support will be available very soon.
Best regards,
Tomasz Kojm
--
Are there any plans to add upx and other executable packers
support to Clamav? I recently got Worm.Gibe.F, of which .exe was not
detected as virus and since exiscan didn't pass message body to
antivirus was not recognised as virus. In last virus definitions
update it was mentioned, that
Josh,
Send yourself one of the test viruses that come with ClamAV. (test
subdirectory)
Josh wrote:
I just installed MailScanner and ClamAV and I'm wondering how one tests
the ClamAV installation. I've gotten a couple "infected" messages, but
they were for wacky code in HTML emails so they are pr
I just installed MailScanner and ClamAV and I'm wondering how one tests
the ClamAV installation. I've gotten a couple "infected" messages, but
they were for wacky code in HTML emails so they are probably from
MailScanner rather than ClamAV. Amazingly (ha), neither myself nor any
of my coworkers hav
On Tue, 2 Dec 2003 12:32:35 +0100
Denis Ducamp <[EMAIL PROTECTED]> wrote:
> I just saw that mirrors.txt in clamav-0.65 has just
> database.clamav.net (3 times) instead of a list of 4 hosts which none
> resolve as database.clamav.net. Should I upgrade my mirrors.txt ?
No, you should upgrade to 0.
> ONAY, Gabriel wrote:
> I have heard, that is possible to use clamav with squid.
> Is that right?
in FreeBSD 4.9 there is a apache mod clamav, other then that i don't know
> If yes, there are any experience with this konfiguration?
nope, not tryed here
--
On Tue, Dec 02, 2003 at 01:31:25AM +0100, Denis De Messemacker wrote:
> ClamAV database updated (2003.12.02 00:05 GMT): daily.cvd, viruses.db2
All mirrors aren't synced. Here is what I had this night :
--
Checking for a new database - started at Tue Dec 2 03:0
> > Both CLAM 0.60 and Solo Antivirus identify the following file as bieng
> > infected with W97/Marker. But since upgrading to CLAM 0.65, CLAM does
> > not detect the infection; either as a regular file or as a mail
> > attachment via clamav-milter. But the message -
> X-Virus-Scanned: ClamAV ve
On Mon, 01 Dec 2003 at 14:00:56 -0600, Joshua French wrote:
>
> I am trying to find out the difference(s) between ClamAV's virus db and
> any given commercial product. In the latter, I've noted that they have
> covered 70-80k viruses, whereas ClamAV has somewhere around 10k in its
> definitions.
Somehow it works great now!
Thanks alot everybody.
-Patrik
- Original Message -
From: "Patrik" <[EMAIL PROTECTED]>
Newsgroups: gmane.comp.security.virus.clamav.user
Sent: Monday, December 01, 2003 8:04 PM
Subject: Re: Re: Problems with clamav-milter + sendmail
> See my earlier just pos
At least I have this options enabled. this is my conf:
And I have restarted clamd.
linux:/etc/clamav# cat clamav.conf
#To reconfigure clamd run #dpkg-reconfigure clamav-daemon
LocalSocket /var/run/clamd.ctl
ScanMail
ScanArchive
StreamSaveToDisk
StreamMaxLength 50M
ArchiveMaxRecursion 5
ArchiveMaxF
Thanks a lot
Niber
Brian Bruns wrote:
Right now, there is no programs to integrate clamav with windows based apps.
I've got something in development, but its still a long ways away.
---
This SF.net email is sponsored by: SF.net Giveback Pro
38 matches
Mail list logo
