I'm getting a permission denied message when trying to start clamav-milter
under version 0.85. I says "/dev/console: Permission denied"
Clamav 0.84 works fine on the same system.
Here's the debug output.
clamav-milter -fNnqD /var/spool/MIMEDefang/clmilter.sock
LibClamAV debug: Running as user d
I have an updated set of Perl scripts that now tie into a Mysql database. So
if you have multiple Mail servers and/or you want to query for past virus
statistics then this is it.
Three main sets of scripts are provided do the following:
push.pl - Puts the virus log entries into a table
source_vi
I have an updated set of Perl scripts that now tie into a Mysql database. So
if you have multiple Mail servers and/or you want to query for past virus
statistics then this is it.
Three main sets of scripts are provided do the following:
push.pl - Puts the virus log entries into a table
source_vi
On Monday 07 February 2005 13:59, Jamie Wilch wrote:
> I just upgraded from .081b to .082. After the upgrade I started
> receiving the following in my logs:
>
> Feb 7 11:41:05 mail sendmail[22494]: j17Idpkg022494: Milter: data,
> reject=451 4.7.1 Please try again later
> Feb 7 11:41:05 mail send
On Tuesday 01 February 2005 12:40, Niek wrote:
>
> unfortunately, the --unrar parameter is for clamscan only.
The clamd.conf file says...
# Due to license issues libclamav does not support RAR 3.0 archives (only the
# old 2.0 format is supported).
If this is still an issue then maybe a clamav-mi
On Monday 31 January 2005 10:25, Ken Jones wrote:
> > Made change to account for milter logging changes in ClamAV 0.81
> In the heading you refer to version .36. The attached version if .35 and
> appears not to function on the new logs
Oops... accidentally sent the .35 version. I just resent
Made change to account for milter logging changes in ClamAV 0.81
Enjoy,
Brett
Options:
-h Help
-f Log file
-l Log type - valid types are: amavis and milter - Defaults to milter
-r Show recipients
-s Show senders - Milter only
-c Minimum virus count for unique hosts
-v Minimum virus type c
Made change to account for milter logging changes in ClamAV 0.81
Enjoy,
Brett
Options:
-h Help
-f Log file
-l Log type - valid types are: amavis and milter - Defaults to milter
-r Show recipients
-s Show senders - Milter only
-c Minimum virus count for unique hosts
-v Minimum virus type c
Added in MIME:Lite functionality so the email is properly formatted and can
have a real name. This helps them fly under the SpamAssassin Radar. However
you will need MIME:Lite, CGI, and a recent CPAN version of Net::SMTP.
Enjoy,
Brett
Options:
-h Help
-f Log file
-l Log type - valid types a
I have corrected a bug were some Exploits and Worms were not reported.
For smtp support you will need to define your smtp server and email address in the
perl script.
You will also need "LogSyslog" enabled in your clamav.conf for Milter logging.
Options:
-h Help
-f Log file
-l Log type - valid
I noticed my milter syslogs are now going to /var/log/messages instead
of the usual /var/log/maillog. After adding "LogFacility LOG_MAIL" to
my clamd.conf and clamav.conf it started logging to the original
location.
However I'm no getting the clamd logs in my maillogs. I want these to go
to the de
I have the MailFollowURLS feature enabled on a low priority mail server and was
wondering if there is a way to log that a virus was found from a url.
So far it only logs the name of the virus.
Thanks,
Brett
---
This SF.Net email is sponsored
I have corrected a few bugs, added smtp support, and added a minimum virus count.
For smtp support you will need to define your smtp server and email address in perl
script.
You will also need "LogSyslog" enabled in your clamav.conf for Milter logging.
Options:
-h Help
-f Log file
-l Log type -
On Mon, 2004-08-30 at 18:33, Internet Helpdesk wrote:
> > For example:
> > ./source_virus_count.pl -l amavis -f amavis/amavis.log -r -c 10
> For this to work for milter, what logging to I need to have? Do I enable
> verbose logging in clamav.conf? Right now In my log I have:
>
> Mon Aug 2
AIL PROTECTED]>; Fri, 20 Aug 2004 08:02:17 -0400
Subject: Test url
From: Brett Simpson <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Content-Type: text/plain
Message-Id: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Date: Fri, 20 Aug 2004 08:02:17 -0400
Content-Tran
Not sure if I'm reinventing the wheel but I wrote a perl script that
will report on:
1: Unique virus's and the total times they were seen.
2: Hosts by IP address who sent over 10 virus's.
3: Per host breakdown of which virus's were sent along with the count.
4: Per host breakdown of which recipien
>>> [EMAIL PROTECTED] 8/10/2004 3:49:05 PM >>>
> It looks good. I might steal some of this to do reporting for some
> clients - do you mind?
Go right ahead and use it anyway you want.
---
SF.Net email is sponsored by Shop4tech.com-Lowest p
On Mon, 2004-08-09 at 22:21, Stephen Gran wrote:
> Don't loop - make a more complicated data structure, like a multi level
> hash (ugly pseudo-code to follow):
Ok.
> Just read the file once, fill in the bits as you go, and process the
> whole thing at the end.
I wrote this and it's much much fas
Is there a way I can configure the following log entry for Clamav-milter to also
output the origin address? The reason I'm asking is because I'm using a script to go
through the log file and count all of the big virus senders but it takes forever to
run since I'm having to loop through my maillo
I'm seeing this too. I've updated ClamAV to the latest CVS version to see if that
helps.
>>> [EMAIL PROTECTED] 07/26/04 12:48PM >>>
- Original Message -
From: "Mike Brodbelt" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, July 26, 2004 11:28 AM
Subject: [Clamav-users] New vari
Yussef ElSirgany wrote:
Has anyone here implemented a Transparent proxy or a standard proxy
server with virus scanning? I am looking at implementing this and would
sure appreciate your experience!
It looks like http://dansguardian.org/ is the main clam + proxy solution
right now. There is als
>>> [EMAIL PROTECTED] 3/4/2004 5:35:34 PM >>>
> Nope, that won't work. Besides blocking purely based on name we also run
> 'file' on the attachments and block based on the type of file returned by
> 'file'. So, a windows executable renamed from foo.exe to foo.txt will
> still be caught as a banned
Jesper Juhl wrote:
Nope, that won't work. Besides blocking purely based on name we also run
'file' on the attachments and block based on the type of file returned by
'file'. So, a windows executable renamed from foo.exe to foo.txt will
still be caught as a banned 'exe' file - blocking only based o
Following a Mimedefang post about virus writers possibly renaming Zip files to .txt
and asking the users to rename the file I decided to test if Clam would pick it up.
I renamed a Messages.zip file, that was picked up as Worm.Bagle.Gen-zippwd, to
Messages.txt. If I scan the file with clamscan --
I noticed it was added to the database on Aug 1st at 13:20 (see link below). I'm
running clamav-20030320 and it's filtering out that virus ok.
http://sourceforge.net/mailarchive/forum.php?thread_id=2886216&forum_id=34654
Brett
>>> [EMAIL PROTECTED] 08/04/03 10:24AM >>>
Hi,
Looks like th
Getting these malformed errors today from one of my servers but not the others. I can
browse clamav.elektrapro.com ok from the ok server but not the bad one. It was working
ok yesterday. Maybe an internet routing problem?
Checking for a new database - started at Fri Mar 7 15:39:38 2003
Current
26 matches
Mail list logo
