Anouncing a NEW phishing threat ... this is an excerpt from winXP news ...
how to disable the Windows Scripting Host (WSH) to prevent an insidious
new "phishing" technique that uses a script to redirect you to a
fraudulent Web site when you log on to do online banking.
So some of the phishing atta
As a riposte: I'm not alone in this, far from it, actually. A similar
request was recently issued by virusalert.nl, a dutch organisation
on virus prevention.
See http://www.virusalert.nl/?show=nieuws&id=559
I attempted to use the Fish to translate, and looked at their little
picture of the situat
> If you want to be able to sue someone then why don't you use a product
> like
> Symantec Corporate edition, or from any other large vendor?
I don't want to sue someone - I just like being protected against those
who do, and there are a lot of them out there.
That's why you pay so much for insura
All parties are willing and agreeable, and the vendor stands to make some
money. I can't imagine that would be a bad thing. I wouldn't underestimate
the importance of liability, tho.
Uhhh... but then what do you think someone providing such service would be
liable for then? Unable to download
Or, how about a subscription only (i.e. pay for) mirror which people can
query every five minutes if they like ?
Note that although you shouldn't, you CAN query any official mirror every
minute if you want :)
No mirror that I know of is able to prevent that. Yet.
iptables/netfilter :-)
So I would
Clamav is not the same as clamav-milter :) so if someone prefers not to use
milter or whatever to get viri before they hit the users mailbox they get
the mail into the mailbox. I'm running clamav-milter and find it s cool..
Ah...im running qmail so there is no milter. All this milter talk is
The viruses seem to be addressed to all the
permutations of the alphabet in the username, with the
domain always being goingware.com. Perhaps this was
meant to deliver the virus all to different people,
instead my personal email is being DOSed by this
virus.
Ask your hosting provider (or do it yo
FWIW, I would go for a solution with procmail :-)
Just curious, if clamav was running on the server, how did the infected
message
get into the mbox in the first place?
Jim
Clamav is not the same as clamav-milter :) so if someone prefers not to use
milter or whatever to get viri before they hit
This is a good reason to use maildirs.
Jim
Oh, come on! This is just shortcoming of ClamAV. Why have a --mbox option
if you can't identify the infected email?! RAV did this better.
Bert
So? Last time I checked RAV wasn't exactly free.
If it's not done in CVS yet then I suppose it might get done
Hello
Just a question about lastest clamav version.
I just downloaded clamav 0.73 and I found CVS directory in each directory.
It is normal ?
If a .tgz is created from CVS without any modifications then it's normal.
Not much to worry about really..
B.
---
At 08:01 11-05-2004 +0100, you wrote:
On Tue, 2004-05-11 at 00:58, Mitch (WebCob) wrote:
> I'm sure there are many (including myself) that could be convinced to host
> mirrors once the concept stabilizes...
I'm
certainly willing to open the front end, but I need to find out how easy
it is to mirror
My questions are, how are these temp files created? do they have a reason to
be there? is it safe to delete them? how do I avoid this issue?
On thing, all folders/files are from two days only (May 3rd and 4th),
something else, I don't have a quarantine option on my conf file.
I'll appreciate any i
What is the simplest and best solution for providing virus detection of
incoming email using Clamav with sendmail both assuming I don't have milter
and that I do?
Read the docs and pick your poisen.
Easy: recompile Sendmail to have Milter && compile Clamav with milter.
If you don't have somethin
How could I stop clamav-milter from responding with a bounce notice while
still rejecting infected messages from the incoming queue? The recipient
of the infected message should still receive a notification from clamav.
Someone suggested an option "-p" but it's not in the manpage or
`clamav-mi
Wed Apr 28 12:28:30 2004 ->
/var/spool/qmailscan/tmp/mx2108314810947010970/data.rtf
.scr: Win32.Mix FOUND
I am sure that is rather a sample of the Netsky worm, which other systems
running clam identify as "Worm.Somefool.xx"
What could be the cause of the wrong name?
Clamav is having it's own
> If I could make just one suggestion to the clam developers, it would
> be to consolidate all of the conf files into one.
Well, it looks like there are actually two projects here: clam-av, and
the one that enables this as a milter. Consolidation would be nice, as
separate sections in the same fi
Well, so here might be part of the problem:
[EMAIL PROTECTED] clamav]# ls -la /var/run/clamav/
total 8
drwxr-xr-x2 clamav clamav 4096 Apr 22 21:45 .
drwxr-xr-x 11 root root 4096 Apr 22 21:21 ..
srwx--1 clamav clamav 0 Apr 22 21:45 clamd.sock
A search o
Doubtful. There will always be diversity in computing, and as long as
users don't care one way or the other, Windows will always exist and
probably will hold the desktop for a LNG time. Which is fine.
The user only asks if he/she can do whatever needed on the OS that runs on
the deskt
At 02:24 22-04-2004 -0500, you wrote:
B. van Ouwerkerk wrote:
I've seen a message to this list about a GUI to maintain Clamav.
What I'm calling for is not just a GUI to set up and maintain clamav, but
a more comprehensive setup/maintenance utility for the complete package of
MUA (
At 14:49 21-04-2004 -0500, you wrote:
FYI. This is my last submission to the Mozilla Bugzilla that partially
addresses the needs of newbies who want a user-friendly gui or wizard to
set up and configure everything, requiring the user only to make choices
among easily-understood menu options.
I'v
The clamav dosen't work at the time 19:44-19:45 , on this time I received 5
virus email. why?
You're using milter? If so then you might have configured sendmail to let
through if milter is unavailable.
B.
---
This SF.Net email is sponso
Now how to find the infected ones ??? I have Bin looking for logfiles
but canot find it
Why do you assume you should be spoonfed here?
Type
man clamscan
in your shell and it will give you all information you need.
B.
Slackware rocks.
-
At 17:23 15-04-2004 +0200, you wrote:
Hi,
What command can I use to scan my compleet system ???
For all those questions just type:
man clamav
And you'll find out more then you ever wanted to know about the commandline.
B.
---
This SF.Net e
> If you do not have the same, then either freshclam is not working correctly
> (or not running at all) or freshclam is downloading the virus database to
> one location and clamav is looking for it in another location. I have seen
> this problem more and more lately on this list.
Thank you for yo
If we had two lists then the subscribers to the standard clamav list would
see
far fewer (note: not zero, I grant you) postings about milter, because even
if the question gets cross-posted, I would like to think that responders will
reply to the appropriate list and not the inappropriate one. T
At 13:08 14-04-2004 -0600, you wrote:
I just installed ClamAV, but Worm.SomeFool.P (in a zip file) is getting
through, although the online scanner at
http://www.gietl.com/test-clamav/ detects it.
Am I missing something in my configuration?
If you are using milter, is it really running and is Sendma
At 20:48 14-04-2004 +0400, you wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I use sendmail,clamd and clamav-milter.
1.Is it possible to pass mails with virus to special acount?
man clamav-milter :)
-Q, --quarantine=EMAILADDRESS
If this e-mail address is given, messages containing a virus or
> I have seen lists split up in the past.. like the PHP lists. The results of
> this:
> - cross posting
> - questions send to the wrong list
I think both of these examples are things which would be improved by having
two lists.
Ofcourse not. Do we have cross postings right now? No.
At the momen
At 17:01 14-04-2004 +0300, you wrote:
May I propose a separate mailing list for milter users? There seems to
be alot of discussions about milter (now I even know it's some form of
sendmail plugin) that warrants this.
Some of us use Exiscan and we find milter quite a 'strange' idea ;-))
The list cou
> A central repository of cross-references would probably be the best and
> most resilient solution.
I definitely agree, but that's a lot of work.
I partially disagree. It would be possible to fill a database with the
announcements on the virusdb list without user intervention.. procmail and
PHP
At 18:02 13-04-2004 +0200, you wrote:
Is there a way to tell Clamav to scan outgoing pop3 mail???
I am using Mandrake 10 with evolution.
$ more /etc/mandrake-release ; rpm -qa|grep -i kernel
Mandrake Linux release 10.0 (RC1) for i586
kernel-2.6.2.3mdk-1-1mdk
http://www.clamav.net/3rdparty.html
Look
For the record, I'm using clamav-0.67-1 with the stock RH9 sendmail
(8.12.8). Clamav-milter is version 0.67a. I'm not feeling up to trying
0.68 or 0.70rc since reports are they're not particularly stable.
I'm using 0.70rc one on a testbox for almost one month and about 2 weeks on
a production b
I have been using ClamWin more and more lately, really like it, fee scanner,
etc... now running on my kids systems even! I thought you had mentioned
that there were docs on SF about how to use the Windows Scheduler to
schedule scans? For the life of me I cannot find them?
I have tried to creat
> thanks all for ur good advises.. i managed to install
> and get clamd and clamav-milter running:
>
> clamav36624 0.0 8.5 22572 21136 ?? Ss4:24PM
> 0:00.01 clamd
> clamav85905 0.0 0.5 2608 1272 ?? Ss5:01PM 0:00.01
> /usr/local/sbin/clamav-milter --max-children=2 -olb
> -Oorspronkelijk bericht-
> Van: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Namens Spades
> Verzonden: Sunday, April 11, 2004 12:55 AM
> Aan: [EMAIL PROTECTED]
> Onderwerp: [Clamav-users] sendmail
>
>
> any idea, how can i get clam to work with sendmail?
http://www.clamav.net/doc/0.
At 10:22 08-04-2004 -0400, you wrote:
Recent discussions on other names...what about an improved version of
http://www.nfllab.com/projects/cvnr/
Maybe adding an encyclopedia of virus information to each name?
I was more thinking along the line of a database filled with the
announcements on the cla
At 22:12 06-04-2004 +0200, you wrote:
Diego d'Ambra wrote:
And that is what we'll (try to) do in the future (if a common name has
been established).
But that would break statistics. I don't mind if the name is different as
long as it can be cross-referenced. Someone was working on a web site with
At 23:38 05-04-2004 -0500, you wrote:
Question:
If Worm.SomeFool is Netsky, then why is not labeled as netsky?
Also, is there a way to make an alias in the virus database so my users can
see netsky instead of Worm.Somefool?
Basically that's because the users keep complaning about the virus names
th
At 11:09 05-04-2004 +0200, you wrote:
Thanks i had a look in my clam.log and i've got this line :
ERROR: Socket file /usr/local/sbin/clamd exists. Either remove it, or
configure a different one.
if i remove this file /usr/local/sbin/clamd and i try to launch again clamd
i've got this :
I am trying to setup sendmail, clamd, and clamav-milter. Here are the
software packages: (btw, I am also running procmail and spamassassain)
#Software version
redhat v8
sendmail-cf-8.12.5-7
sendmail-devel-8.12.5-7
sendmail-8.12.5-7
sendmail-doc-8.12.5-7
clamd-0.68-1.rh80.dag
clamav-devel-0.68-1.rh
You probably want the -b option to reject the DATA phase of the SMTP
session if the milter detects a virus.
No you dont need '-b option'.
I'm new to Clamav but from the manpage it looks like -N would be more
appropriate.
If I understand everything correctly then -b will bounce the message with
41 matches
Mail list logo