Re: [Clamav-users] Problems with clamdscan

2004-12-17 Thread List
it is at 50MB. Shall I make it larger? Hi, I am running Qmail+Qmail-Scanner+ClamAV on a FreeBSD 5.3 machine and followed the qmailrocks.org directions to the tee. When running test_installation.sh (bombs on step 2) I get this error in my qmail-queue.log file: 1103226345:17359:ERROR:X-Antivirus-

Re: [Clamav-users] Re: baffled - 0.75.1 ran flawlessly, 0.80 crashes regularly

2004-12-17 Thread clamav
At 09:51 AM 12/15/2004, you wrote: On Wed, 2004-12-15 at 09:31 -0800, [EMAIL PROTECTED] wrote: > At 11:44 AM 12/9/2004, Paul Theodoropoulos wrote: > >0.75.1 was built on freebsd 5.2, gcc 3.3.3, and ran for months with never > >a hint of unhappiness. no crashes that i ever recall happening. > > > >0

Re: [Clamav-users] Problems with clamdscan

2004-12-17 Thread will
it is at 50MB. Shall I make it larger? > >> Hi, >> >> I am running Qmail+Qmail-Scanner+ClamAV on a FreeBSD 5.3 machine and >> followed the qmailrocks.org directions to the tee. When running >> test_installation.sh (bombs on step 2) I get this error in my >> qmail-queue.log file: >> >> 1103226345

Re: [Clamav-users] Problems with clamdscan

2004-12-17 Thread List
Hi, I am running Qmail+Qmail-Scanner+ClamAV on a FreeBSD 5.3 machine and followed the qmailrocks.org directions to the tee. When running test_installation.sh (bombs on step 2) I get this error in my qmail-queue.log file: 1103226345:17359:ERROR:X-Antivirus-ONETWENTYSEVEN-1.24-st-qms:clamdscan: cor

[Clamav-users] Problems with clamdscan

2004-12-17 Thread will
Hi, I am running Qmail+Qmail-Scanner+ClamAV on a FreeBSD 5.3 machine and followed the qmailrocks.org directions to the tee. When running test_installation.sh (bombs on step 2) I get this error in my qmail-queue.log file: 1103226345:17359:ERROR:X-Antivirus-ONETWENTYSEVEN-1.24-st-qms:clamdscan: co

Re: [Clamav-users] Newbie error

2004-12-17 Thread Brian Morrison
On Fri, 17 Dec 2004 11:04:45 + in [EMAIL PROTECTED] Matt <[EMAIL PROTECTED]> wrote: > Also, if that isn't the cause of the problem, make sure that exiscan > and > clam both have adequate permissions to the scanning directory. Yep, my ClamAV setup has user clamav added to group mail, Exi

[Clamav-users] problem with ArchiveMaxCompressionRatio

2004-12-17 Thread clamav
I'm aware of the following from the FAQ: I get many false positives of Oversized.zip Whenever a file exceeds ArchiveMaxCompressionRatio (see clamd.conf man page), it's considered a logic bomb and marked as Oversized.zip . Try increasing your ArchiveMaxCompressionRatio setting. However, there i

Re: [Clamav-users] Virus naming

2004-12-17 Thread Philip Ershler
on 12/17/04 2:31 PM, Carnegie, Martin at [EMAIL PROTECTED] wrote: > >>> >>> on 12/17/04 1:09 PM, Carnegie, Martin at [EMAIL PROTECTED] > wrote: >>> >>> Does your e-mail system have the means of using RTBL (Real Time Black > List) >>> servers? If so you might want to try that. Our spam load decr

RE: [Clamav-users] Virus naming

2004-12-17 Thread Carnegie, Martin
>> >> on 12/17/04 1:09 PM, Carnegie, Martin at [EMAIL PROTECTED] wrote: >> >> Does your e-mail system have the means of using RTBL (Real Time Black List) >> servers? If so you might want to try that. Our spam load decreased >> remarkably after we implemented our RTBL. >> >> My 2 cents, >> >> P

Re: [Clamav-users] Virus naming

2004-12-17 Thread Philip Ershler
on 12/17/04 1:26 PM, Dennis Peterson at [EMAIL PROTECTED] wrote: >> >> on 12/17/04 1:09 PM, Carnegie, Martin at [EMAIL PROTECTED] wrote: >> >> Does your e-mail system have the means of using RTBL (Real Time Black List) >> servers? If so you might want to try that. Our spam load decreased >> rema

Re: [Clamav-users] Virus naming

2004-12-17 Thread Dennis Peterson
> > on 12/17/04 1:09 PM, Carnegie, Martin at [EMAIL PROTECTED] wrote: > > Does your e-mail system have the means of using RTBL (Real Time Black List) > servers? If so you might want to try that. Our spam load decreased > remarkably after we implemented our RTBL. > > My 2 cents, > > Phil If you

Re: [Clamav-users] Virus naming

2004-12-17 Thread Philip Ershler
on 12/17/04 1:09 PM, Carnegie, Martin at [EMAIL PROTECTED] wrote: > >> Pardon, I didn't mean to imply that clamav doesn't provide the name of > the >> virus as well. The point I was trying to make was that clamav itself >> doesn't know or care about what is actually done after the virus is >> dete

Re: [Clamav-users] Virus naming

2004-12-17 Thread Tomasz Kojm
On Fri, 17 Dec 2004 13:09:31 -0700 "Carnegie, Martin" <[EMAIL PROTECTED]> wrote: > Again thanks for the feedback. Looks like I can drop Symantec :) It's always good to have two or more independent scanners. -- oo. Tomasz Kojm <[EMAIL PROTECTED]> (\/)\. http

RE: [Clamav-users] Virus naming

2004-12-17 Thread Carnegie, Martin
>Pardon, I didn't mean to imply that clamav doesn't provide the name of the >virus as well. The point I was trying to make was that clamav itself >doesn't know or care about what is actually done after the virus is >detected. That part is left up to something else (qmail-scanner in my >case).

Re: [Clamav-users] Virus naming

2004-12-17 Thread Jim Maul
Jason Haar wrote: Jim Maul wrote: This is not really a function of the av scanner, but rather a function of the program which is used to call the av scanner. clamav just says YES or NO it is a virus or isn't. Just as an example, I'm using qmail with qmail-scanner and clamav. qmail-scanner has t

Re: [Clamav-users] Virus naming

2004-12-17 Thread Jason Haar
Jim Maul wrote: This is not really a function of the av scanner, but rather a function of the program which is used to call the av scanner. clamav just says YES or NO it is a virus or isn't. Just as an example, I'm using qmail with qmail-scanner and clamav. qmail-scanner has the ability to def

Re: [Clamav-users] Virus naming

2004-12-17 Thread Kelson
Carnegie, Martin wrote: This is the ability to identify mass-mailing viruses based on the name of the virus detected. For example the W32.Beagle (or Bagle) from Symantec shows up as [EMAIL PROTECTED] This means that can then drop any messages with the @mm instead of just removing the attachment a

Re: [Clamav-users] Virus naming

2004-12-17 Thread Daniel J McDonald
On Fri, 2004-12-17 at 10:56 -0700, Carnegie, Martin wrote: > Hello all, > > Yep another newbie question. > > We are currently looking at switching to Clamav from Symantec SMTP and > there is one feature that I really like from Symantec that I cannot find > in Clamav (at least I cannot find). Thi

Re: [Clamav-users] False alarm on .iso files?

2004-12-17 Thread Jeremy Kitchen
st the result here. > > Sorry but I can receive no mail at the time (relaying troubles for my > domain). Can you put the .db file somewere I can download it? http://scriptkitchen.com/clamav/test-20041217.db -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologie

Re: [Clamav-users] Virus naming

2004-12-17 Thread Jim Maul
Carnegie, Martin wrote: Hello all, Yep another newbie question. We are currently looking at switching to Clamav from Symantec SMTP and there is one feature that I really like from Symantec that I cannot find in Clamav (at least I cannot find). This is the ability to identify mass-mailing viruses b

Re: [Clamav-users] freshclam updates database problem.

2004-12-17 Thread Jeremy Kitchen
On Thursday 16 December 2004 11:08 pm, ads nat wrote: > Hi, > I am running Redhat 9 with sendmail 8.13 and > clamav-0.80 working o.k. > /etc/freshclam.conf is configured for > ### > Checks 12 > ## > > But freshclam updates virus database more frequent than > specified. Here is log. > ###

[Clamav-users] Virus naming

2004-12-17 Thread Carnegie, Martin
Hello all, Yep another newbie question. We are currently looking at switching to Clamav from Symantec SMTP and there is one feature that I really like from Symantec that I cannot find in Clamav (at least I cannot find). This is the ability to identify mass-mailing viruses based on the name of th

Re: [Clamav-users] False alarm on .iso files?

2004-12-17 Thread Ariën Huisken
Hello list, When I scan a CD-Rom from Office2000, it appears to be clean. But then I make a .iso file of the CD with Nero, and scan the .iso file, clamav reports: CD.iso: Exploit.IFrame.Gen FOUND Happens with clamav on my Linuxbox and ClamWin on my MS box. Am I doing something wrong? Please scan the

Re: [Clamav-users] False alarm on .iso files?

2004-12-17 Thread Tomasz Kojm
On Fri, 17 Dec 2004 12:56:56 +0100 Ariën Huisken <[EMAIL PROTECTED]> wrote: > Hello list, > > When I scan a CD-Rom from Office2000, it appears to be clean. But then > I make a .iso file of the CD with Nero, and scan the .iso file, clamav > reports: > > CD.iso: Exploit.IFrame.Gen FOUND > > Happen

Re: [Clamav-users] Clam AV Milter acting up

2004-12-17 Thread Doug Eubanks
Just wanted to post an update... After building RPMs from the latest snapshot, updating my zlib to 1.2.2 and deleting the clam database and forcing freshclam to redownload it, we had the same problem. In fact, the latest snapshot would die after five minutes at most. It was the clamav-milter

Re: [Clamav-users] ClamAv does not detect virus in dotfiles

2004-12-17 Thread René Bellora
Odhiambo Washington wrote: Could you please try this and see if the virus will be detected: formail -Y -s sendmail [EMAIL PROTECTED] < undetected NB: That way you will have sent the mail to yourself, hopefully. I tried, and it didn't reach my mailbox. The logs show the detection René

Re: [Clamav-users] Why freshclam is updating virus db twice a minute?

2004-12-17 Thread Odhiambo Washington
* ads nat <[EMAIL PROTECTED]> [20041217 17:19]: wrote: > Hi, > I am using Redhat 9 Linux, sendmail 8.13, clamav-0.80. > Working fine. > Freshclam updates virus database twice a minute, > thrice a minute. In freshclam.conf I have specified > "Check 12" > It mus

Re: [Clamav-users] ClamAv does not detect virus in dotfiles

2004-12-17 Thread Odhiambo Washington
* René Bellora <[EMAIL PROTECTED]> [20041217 17:11]: wrote: > Odhiambo Washington wrote: > > >Could it be that when a virus is hidden in a file named > >.filename, then clamd cannot detect it? > > > > > > > it works fine in here: > # clamdscan u

Re: [Clamav-users] Why freshclam is updating virus db twice a minute?

2004-12-17 Thread List
Hi, I am using Redhat 9 Linux, sendmail 8.13, clamav-0.80. Working fine. Freshclam updates virus database twice a minute, thrice a minute. In freshclam.conf I have specified "Check 12" It must be eating bandwidth. Need help to solve problem? Do you have a crontab running? _

[Clamav-users] Why freshclam is updating virus db twice a minute?

2004-12-17 Thread ads nat
Hi, I am using Redhat 9 Linux, sendmail 8.13, clamav-0.80. Working fine. Freshclam updates virus database twice a minute, thrice a minute. In freshclam.conf I have specified "Check 12" It must be eating bandwidth. Need help to solve problem? Thanks __

Re: [Clamav-users] ClamAv does not detect virus in dotfiles

2004-12-17 Thread René Bellora
Odhiambo Washington wrote: Could it be that when a virus is hidden in a file named .filename, then clamd cannot detect it? it works fine in here: # clamdscan undetected /tmp/undetected: Worm.Mydoom.I FOUND --- SCAN SUMMARY --- Infected files: 1 Time: 0.113 sec (0 m 0 s) # clamdsc

[Clamav-users] Disable match for Eicar-Test-Signature

2004-12-17 Thread Ariën Huisken
Hello list, Is it possible to disable the detection of the Eicar-Test-Signature? The reason is that I scan the server systems every week, and this signature is packed in some other AV scanning tools like McAfee. Clamscan is configured to move infected files, and it keeps moving my software that con

[Clamav-users] False alarm on .iso files?

2004-12-17 Thread Ariën Huisken
Hello list, When I scan a CD-Rom from Office2000, it appears to be clean. But then I make a .iso file of the CD with Nero, and scan the .iso file, clamav reports: CD.iso: Exploit.IFrame.Gen FOUND Happens with clamav on my Linuxbox and ClamWin on my MS box. Am I doing something wrong? All sugges

Re: [Clamav-users] Newbie error

2004-12-17 Thread Odhiambo Washington
* Matt <[EMAIL PROTECTED]> [20041217 14:06]: wrote: > Ron McKeating wrote: > > > /usr/local/exim/spool//scan/1CfFUm-0003g3-1r >^ > notice the above? Yes, the above is _not_ a problem! > Also, if that isn't the caus

Re: [Clamav-users] Newbie error

2004-12-17 Thread Matt
Ron McKeating wrote: > /usr/local/exim/spool//scan/1CfFUm-0003g3-1r ^ notice the above? Also, if that isn't the cause of the problem, make sure that exiscan and clam both have adequate permissions to the scanning directory. Matt __

[Clamav-users] Newbie error

2004-12-17 Thread Ron McKeating
Hi, I am a newbie with clamav, we are just testing it as we think it is better than our current av. We are using it to check email and call it using exiscan from the exim config file, thus in the main config av_scanner = $acl_m0 and then in the contents check acl discard message = ClamAV:Rejecte