On Fri, Sep 14, 2012 at 5:59 AM, Siranjeevi wrote:
> I changed the items in clamd.conf
> MaxScanSize = "157286400"
> MaxFileSize = "104857600"
>
> But Still, the changes are not reflected in clamscan. I couldn't scan
> large files which is of 75MB in size.
Did you mean clamdscan? Or are you
On Thu, Jan 19, 2012 at 8:09 AM, David Kentwood
wrote:
> That's a neater solution than what I found. Thanks.
>
> Just wondering, how do you set variables such as $malware_name? or are the
> variables automatically set by Exim or by the ClamAV?
You'll want to read through the docs, chapter 41 if I
On Tue, Jan 17, 2012 at 6:25 PM, David Kentwood
wrote:
> Sorry i am not experienced with exim configuration. When you say "reject at
> SMTP time", does adding the following to exim.conf suffice?
>
> check_message:
> deny message = This message contains malformed MIME ($demime_reason)
> demime =
Hi all, I'm having issues with clamav 0.96.1 where freshclam running
in daemon mode is growing very large. Here are the results of ps aux
on some different machines:
smtp1 (i386) :
clamav4005 2.2 18.8 394008 390868 ? Ss Jun09 88:31
freshclam --daemon
smtp2 (i386) :
clamav4023 2.
On Tue, Jan 26, 2010 at 5:19 PM, Rob Jennings wrote:
> I work for a school district and our new xserves have just been updated to
> the 10.6 server operating system. The problem I am experiencing on all 4 of
> these servers which are in different schools is the same. The log files are
> filling
On Thu, Jan 7, 2010 at 6:31 AM, Noah Sheppard wrote:
>
> I'm running postfix-2.3.3 with clamav-milter-0.95.3 (and therefore
> clamd-0.95.3). Postfix is running as user "postfix". OS is RHEL5,
> x86_64.
>
> When I start clamd, it creates clamd.sock like so:
> $ ls -l /var/run/clamav/clamd.sock
> sr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Jul 11, 2008 at 04:20:21PM +0200, shuttlebox wrote:
>>> > X-Virus-Scanned: Debian amavisd-new at tad.clamav.net
>>> just found this in the headers of this mailing list :(
>> honestly expect others to. This just means they are using clamav on
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Just reporting to the ClamAV team:
I have repeatedly been getting failures downloading cdiffs from one
particular mirror:
WARNING: getpatch: Can't download daily-7359.cdiff from db.us.clamav.net
WARNING: getfile: daily-7359.cdiff not found on remote
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Apr 17, 2008 at 12:03:42PM -0400, Jerry Ferguson wrote:
>Problem: clamav-milter loads and immediately terminates
You gave lots of good build information, but didn't say how you were
calling the milter itself. To give you something to compare
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Apr 16, 2008 at 07:33:20PM +0100, Nigel Frankcom wrote:
>Similar problems here on CentOS 4.6/64 bit. I did find some info on
>...
> I'll probably give it a couple of days and if it doesn't
>resolve I'll do a manual build.
DAG rebuilt the pack
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Apr 06, 2008 at 12:18:22PM +0200, Robert Schetterer wrote:
>since yesterday update two older files on my sharedweb where marked as virus
>Submission-ID: 2142059
>Sender: Virus Total
>Submission notes: Signature by Michael Cichosz
>Added: Troja
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Jan 09, 2008 at 11:14:33AM +0200, Jean Jacques Siebrits wrote:
>Hey all
>As soon as I try and run my companies custom configuration for ClamAV (After
>extracted) it gives me this error message and configuration stops:
>checking how to run the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Nov 01, 2007 at 08:02:58AM -0600, Milton Calnek wrote:
>>> With no other options, this smells like selinux.
>> I second that.
>Yah... I'm a die hard RedHat fan... but I haven't had time to explore
>selinux, so when I build a system, I turn it
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Oct 31, 2007 at 11:33:17AM -0600, Milton Calnek wrote:
>[EMAIL PROTECTED] ~]# host -t txt current.cvd.clamav.net
>current.cvd.clamav.net descriptive text "0.91.2:44:4641:1193798066:1"
>[EMAIL PROTECTED] ~]# host db.ca.clamav.net
>db.ca.clamav.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Oct 21, 2007 at 08:50:17AM -0700, P T wrote:
>I downloaded clam av from the clam av site. However when I check the
>signature I get that basically it isn't a trusted signature. How am I doing
>this wrong?
># to get the key
>> gpg --keyserv
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Sep 30, 2007 at 02:03:10PM -0500, René Berber wrote:
>> information from ClamScan about which email contains the hit? Is there a way
>> to have the line number of the hit spit out? Or the signature that was
>> matched revealed?
>http://www.c
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Aug 14, 2007 at 03:18:42PM -0600, Joshua Rubin wrote:
>Tue Aug 14 15:08:40 2007 -> No stats for Database check - forcing reload
>Tue Aug 14 15:08:40 2007 -> Reading databases from /var/share/clamav
>Tue Aug 14 15:09:16 2007 -> Database correct
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, Jul 16, 2007 at 11:49:15AM -0600, Gary V wrote:
>Looks like I can no longer resolve (from a couple different networks):
>www.sanesecurity.co.uk
This is from Savvis networks:
sanesecurity.co.uk. 172800 IN NS ns1129.dizinc.com.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Jul 05, 2007 at 07:12:21AM -0700, Thomas Spuhler wrote:
>> > ..there is a problem with in CPU or in clamscan ?
>> use clamdscan instead
>Why continuing with this answer. Clamdscan takes 50% of the time of clamscan
>and that still much to slow
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, May 30, 2007 at 05:43:59PM +0200, Salvatore wrote:
>..sorry but I don't have understood, what I must modify in clamav.spec ? or
>pheraps I must send to ml other information about my clamav.spec ?
>thanks.
In your first email, you pasted some
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, May 30, 2007 at 04:28:03PM +0200, Salvatore wrote:
>Hi, in my clamav.spec I have:
>
>%files
>%defattr(0644,root,root,0755)
>%doc AUTHORS BUGS COPYING ChangeLog FAQ INSTALL NEWS README TODO
>%doc docs/*.pdf docs/html/ test/ RPM-clamav.txt
>#%la
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, May 28, 2007 at 10:01:49PM +0200, gianni sissa wrote:
>Hi,
>I'm a qmail/qmailscan/clam user. I upgraded clam (version 0.90.1) on
>three different servers, and in two cases I had to downgrade to te
>previous version due to an error:
>
> clam
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Apr 26, 2007 at 07:56:10AM -0500, Dave Dumbeck wrote:
>I have a problem with clamav-milter. It is working short time before
>going to error state.
Let's check your virus database to see if it's in the range of
acceptability. Does your number
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Apr 27, 2007 at 05:49:35PM +0500, Sergey wrote:
>> Can you check the application/system logs for any problems with running
>> out of file descriptors, too many open files, or the like??
>Yes, I have not found problems. "messages" has only 21
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Apr 26, 2007 at 08:15:00PM +0500, Sergey wrote:
>On Thursday 26 April 2007, Todd Lyons wrote:
>> Apr 26 16:51:22 mx1 clamav-milter[30280]: Temporary quarantine file
>> /tmp/clamav-db5fe7f81e62a48f8c91bcf1d09e2d57/msg.80JZZY cre
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Apr 26, 2007 at 06:28:28PM +0500, Sergey wrote:
>> Apr 26 16:50:27 mx1 sendmail[27486]: l3QBnJ1T027486: Milter add:
>> header: X-Virus-Scanned: ClamAV version 0.90.2,
>It was working before 16:50:27, but is not working after 16:51:22 in
>this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Apr 25, 2007 at 01:00:43AM +0200, Urban Hillebrand wrote:
>With the newly introduced delays during the initialization of clamscan this
>would cause us significant problems. So my question is: Will this get fixed,
>or is this "working as expe
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Apr 11, 2007 at 02:24:52PM -0400, Jim Maul wrote:
>However, it is illogical that clamd would die completely due to issues
>with a recently downloaded definition file. Why can it not just roll
>back to the old, previously working, definition
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Mar 29, 2007 at 11:13:11AM +0200, Greg McCarthy wrote:
>
>Now to my question :) Does anyone have a script or know how I can
>monitor the clamav milter so if it ever dies again I get an email
>alert, or the script can even restart the milter.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Mar 15, 2007 at 07:11:20PM -0400, John Fleming wrote:
>>>- And the clamav log is free of errors and indicated that the database is
>>>updated appropriately and clamd is being notified of changes.
>
>OK, clamav is finding viruses again, but th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Mar 08, 2007 at 12:51:36AM +0800, Awie wrote:
>Yes, seems the message was coming from Qmail-Scanner. But the Clamd consume
>a lot of CPU resource.
>I upgraded the new version for 11 servers. All servers have same
>configuration (setting) and b
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hey, who's the guy who maintains the phishing sigs? They hacked my
webserver and sent out spams with a url that pointed to my webserver.
If you want the URL, email me offlist and I'll give it to you (want to
keep it out of the ML archives).
- --
Rega
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Jan 17, 2007 at 10:54:53AM -0500, Edward Dam wrote:
>Tue Jan 16 22:40:09 2007 -> SelfCheck: Database status OK. Reloading
>anyway.
>Tue Jan 16 22:40:09 2007 -> Reading databases from /var/clamav
>Tue Jan 16 22:40:09 2007 ->
>/var/spool/qmails
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Jan 17, 2007 at 03:34:01AM +0100, Sander Holthaus wrote:
>a very basic perl script which opens a listening socket and a shell? I
>found it after a hacker tried to gain entry. The script is nothing
>special (far from, 612 bytes) but I doubt peo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Jan 17, 2007 at 08:49:14AM -0500, Edward Dam wrote:
>Thanks again for all your help. Maybe once clamAV matures, it will be a
>better fit for my needs, but until then I need to remove it, as it's the
>cause of my headaches.
I would disagree on
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Jan 02, 2007 at 10:41:21AM -0500, Ben Wilson wrote:
>LibClamAV Error: Cannot close file /tmp/clamav-29cad58e042679e3/main.fp.
>cli_untgz: No space left on device
>LibClamAV Error: cli_cvdload(): Can't unpack CVD file.
>LibClamAV Error: Can't l
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Nov 28, 2006 at 07:27:57PM -0300, René Bellora wrote:
>>>find . -type f -print0 | xargs -0 clamscan
>>If clamscan is complaining about a too long commandline with *, then
>>this will give him the same error.
>no, it won't. The xargs command kn
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Nov 28, 2006 at 05:55:44PM -0300, René Bellora wrote:
>this could be circumvented with xargs:
>cd /tmp/clamscan
>find . -type f -print0 | xargs -0 clamscan
If clamscan is complaining about a too long commandline with *, then
this will give hi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Nov 17, 2006 at 04:04:46PM -0600, [EMAIL PROTECTED] wrote:
>When attempting the rpm -Uvh command using both rpm packages together
>(i.e. clamav and clamav-db) I get dependencies back to the previous
>packages.
You have to upgrade all three
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Sep 20, 2006 at 05:04:41PM +0200, Jona Tallieu (T & T NV) wrote:
>configure: WARNING: ** GNU MP 2 or newer NOT FOUND - digital
>signature support will be disabled !
>I tried re-installing GMP, but still get the error.
>Anyone any idea wh
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Sep 06, 2006 at 09:44:01PM +0200, [EMAIL PROTECTED] wrote:
>I do think that there is too much of a danger of denial of service attacks
>or mail failure due to the milter crashing if you scan your mail during
>the SMTP phase. I have regularly s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Sep 05, 2006 at 08:57:25AM +0300, nikos wrote:
>Yesterday seemed that clamav-milter blocked sendmail and we couldn't send
>any mails.
>I receive the next message:
>Sep 4 17:41:36 server clamav-milter[24326]: hit max-children limit (5 >=
>5):
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Aug 31, 2006 at 01:13:21AM +0100, Stephen Gran wrote:
>> It tries to run:
>> It should be running:
>-AC_CHECK_HEADER(resolv.h,[FRESHCLAM_LIBS="$FRESHCLAM_LIBS $resolv_lib";
>AC_DEFINE(HAVE_RESOLV_H,1,have resolv.h)], AC_MSG_WARN([** D
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Aug 30, 2006 at 10:22:06PM +0200, [EMAIL PROTECTED] wrote:
>btw: ./configure && make is working here, too; the --enable-milter part
>is giving me difficulties...
Yeah, I got the error too. I poked at it for a bit, but I didn't get
any furth
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Aug 30, 2006 at 09:32:18PM +0200, [EMAIL PROTECTED] wrote:
>oh well - i for one am too stupid to work with cvs code:
>__cut__
>clamav-milter.o(.text+0x81f1): In function `main':
>: undefined reference to `__res_query'
>clamav-milter.o(.text+0x
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Aug 29, 2006 at 12:31:44PM -0700, .rp wrote:
>> > INPUT_MAIL_FILTER(`clamav',`S=unix:/var/run/clamav/clmilter.sock,
>> > F=T, T=S:4m;R:4m')dnl
>You use clamav as the milter? Is this better than using clamav-milter as the
>milter?
It's just a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Aug 03, 2006 at 06:09:25PM -0500, Chris wrote:
>I was looking at my clamav stats file and noticed that it kept giving me the
>same amount of virus's detected as of 1 Aug. Looking at
>my /var/log/clamav/clamd.log I noticed that it quit loggi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, May 24, 2006 at 11:33:31AM +0200, Egoitz Aurrekoetxea wrote:
>Im quite worried about that because in FAQ tells if it happens only
>once to ignore it but when it happens often
what should I do? I use my
>isp dns servers so no dns caching or s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Fri, Apr 14, 2006 at 07:20:28PM -0700, Dennis Peterson wrote:
>You need to uninstall all the packages and build from source. And before
Before I begin, let me first say that if the guy is proficient and
comfortable compiling/installing/configurin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Mar 22, 2006 at 09:06:05PM +0200, Panagiotis Christias wrote:
>> >we tried to run clamav-milter without the quarantine option:
>> > clamav-milter -enNqd -m 150 -U /var/tmp/clamav
>> >Now some of the messages that exceed the StreamMaxLength l
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Mar 21, 2006 at 02:25:11AM +0200, Panagiotis Christias wrote:
>we tried to run clamav-milter without the quarantine option:
> clamav-milter -enNqd -m 150 -U /var/tmp/clamav
>Now some of the messages that exceed the StreamMaxLength linger aro
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Mar 12, 2006 at 02:53:21PM +0100, MP wrote:
>ok, that's fine, so when I need to scan a directory, I'll use clamdscan
>in the future.
Point to note: the clamd daemon by default changes user when it starts
from root down to a regular user, us
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Feb 08, 2006 at 10:35:01PM +, Brian Morrison wrote:
>> Dig doesn't seem to have any trouble getting a record,
>> date/time on my server is correct.
>> % dig current.cvd.clamav.net txt
>> ;; ANSWER SECTION:
>> current.cvd.clamav.net.
>> 5
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, Jan 25, 2006 at 06:40:37PM +, Steve Basford wrote:
>If you look at Section 3.3 (Basic Signature format) you'll see that
>these databases are .db format, which
>doesn't have a html type, it looks for matches in ALL file types, which
>I th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, Jan 24, 2006 at 08:49:03PM +, Steve Basford wrote:
>Note 2: Use the unofficial phish.ndb at your own risk.
Any reason to call it phish.ndb instead of phish.db? Just a way to make
automating it easier?
- --
Regards... Todd
w
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, Jan 23, 2006 at 02:12:44PM +, Nigel Horne wrote:
>>Dec 7 11:54:46 lionhead sendmail[13045]: jB7Askgv013045: SYSERR(root):
>>out of memory: Cannot allocate memory
>>ClamAv is configured in sendmail.mc as:
>>INPUT_MAIL_FILTER(`clamav', `S=l
On Thu, Dec 29, 2005 at 12:55:14AM -0500, PBR wrote:
>Every couple of weeks my server slows down from too many clamscan
>processes running. They seem to be running on the bounced mail account as
>a result of spammers.
>I changed /etc/clamav.conf to MaxThreads 5 but I still get dozens of
>clamscan
C. Andrews Lavarre wanted us to know:
>Fajar hi, thanks.
>> My guess is you have both /usr/bin/clamscan ( from RPM) and
>> /usr/local/bin/clamscan (from manual build). The same goes for libs also.
>. You are correct, thanks:
>/usr/bin/ contains May 18, 2005 versions of
> clamav-config
>
G.W. Haywood wanted us to know:
>And you're not nervous about running a Linux distro that old?
>That would make *me* very nervous.
>Do _everyone_ a favour and install a more recent distro.
Old distros are ok under controlled circumstances.
1) Firewall all listening ports to the Internet except th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Todd Lyons wanted us to know:
>Tomasz Kojm wanted us to know:
>
>>It's a problem of the OP and not ClamAV that he is running an outdated
>>version. The problem with AES encrypted zip archives was fixed more
>>than five mo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tomasz Kojm wanted us to know:
>It's a problem of the OP and not ClamAV that he is running an outdated
>version. The problem with AES encrypted zip archives was fixed more
>than five months ago in 0.86:
The daemon says it's 0.87.1 when it starts (aft
Grant Basson wanted us to know:
>>Should you ever come back to visit this list you'll learn that everything
>>you need to know about this can be found in your clamd.conf file. That
>>leaves for you the challenge of finding that clamd.conf file.
>I feel like a twit, but here goes anyway.
>How the h
Shaun Bügler - Hetzner wanted us to know:
>Any suggestions besides "fix the php code" ?
Run it manually and do an lsof on it to see what files it has open.
Run it manually and do an strace on it to see what the heck it's doing.
Run it manually and do whatever you gotta do to figure out where this
Joanna Roman wanted us to know:
>> I believe timestamps are stored internally in
>> seconds-since-the-epoch. So whatever your ls -l
>> command says in your time zone, that's the correct
>> time.
>No, I believe you are incorrect. I am talking about
>the timestamp stored in each main.cvd and daily.
Daniel Mons wanted us to know:
>In Debian at a command prompt: /etc/init.d/clamav-freshclam start
>In Gentoo at a command prompt: /etc/init.d/clamd start
>...etc. From memory, Fedora puts these sorts of things in /etc/rc.d/init.d
>or something like that.
We can actually standardize a bit here b
Sergey wanted us to know:
>Hello.
>
>Why subj ? should the clamav-milter write to clamd.log ?
Normally you would write to its own log file. Make it log to
/var/log/clamav/clamav-milter.log and your permission problem should go
away.
--
Regards... Todd
OS X: We've been fighting th
Mark wanted us to know:
>> ... The result is processes that hang forever
>> on our system. We have a cronjob that does a
>> killall -HUP sendmail every 2 hours.
>> that clears out those hanging processes.
>That seems a bit crude. :) I wrote a cronjob like that, in Perl; but,
>based on 'ps' output,
R. Steven Rainwater wanted us to know:
>Thanks Todd, this was the first thing I've tried that helped. Prior to
>0.87, we were running max children at 25 and never had problems. I
>bumped it up to 40 now and that seems to have helped somewhat. We're
>still getting a couple of the error messages in
R. Steven Rainwater wanted us to know:
>> Have you tried running clamd and using --external on clamav-milter?
>Just tried it. Already had two more crashes in less than 10 minutes!
>:-( Both were of the "write(A) return -1, expected 5: Broken pipe"
>variety, if that means anything.
Pick up the ma
[EMAIL PROTECTED] wanted us to know:
>R. Steven Rainwater wrote:
>> Update. I tried changing -T=0 to --timeout=0 as one person suggested
>> but it had no effect. For the moment, I've added a chron job that
>> restarts clamav-milter hourly, which is at least keeping the mail
>> flowing for now. If
Michal Kochanowicz wanted us to know:
>A user forwarded an email with worm to me. This email passed our
>clamav on 2005.09.20 22:10:41 CEST. When I checked forwarded email with
>clamscan around 2005.09.21 10:00:00 CEST it correctly detected
>Worm.Bagle.Gen-5.
>Between an original email and my test
Chris wanted us to know:
>${LOGFILE}, and running "service freshclam start" from the cli resulted in
>the process starting "Starting Clam AntiVirus Update Daemon:" but the 'ok'
>was not given. My guess is because of the "sleep" variable. Tried after the
Try "restart". If it was already runni
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Stephen Gran wanted us to know:
>> However, the VERSION command and clamdscan -V report the new database
>> version immediately after putting the new databases in place.
>Both do indeed scan the on disk databases for version information.
Verified her
Brian Morrison wanted us to know:
>> And it would be nice to obtain the currently loaded database from the
>> daemon without having to parse the log files.
>clamscan -V
That's not what he's asking. That only tells you what version of the
database clamscan finds and loads when you run it. That d
Nigel Horne wanted us to know:
>> This is a feature request. The first line in the log carries a lot of
>> useful information, almost everything. Would it be possible to also
>> include the sender's IP address? It would save us a few lines of
>> scripting when analyzing the logs.
>Given the number
Ken Goods wanted us to know:
>Niek wrote:
>> On 6/16/2005 8:04 PM +0200, Ken Goods wrote:
>>> So you're saying these are MailScanner generated messages?
>> That should tell you enough, or did you pay for clamav ?
>>
>> Niek Baakman
>> ___
>> http://lurk
Troy Ayers wanted us to know:
>When compiling the latest snapshot of clam I too get
>clamav-milter.c:1573: undefined reference to `smfi_opensocket'
>>I just built 85f on a solaris 9 x86 box without trouble grabbed the
>>CVS an hour ago ..
>Grabbed the CVS 15 mins ago. .85f exact sam
Odhiambo Washington wanted us to know:
>Someone said I have disabled ScanPE, which is correct. It's apparent
>that this was a major factor. It also appears that restarting clamd
>was necessary. I however don't understand why it should be, since
>freshclam does notify it...
Notify it of a new data
Jim Popovitch wanted us to know:
>should be doing for the masses. I'll shutup now since it is all too
>apparent that ppl think I came here to get individual assistance in
>solving a problem rather than to identify a potential oversight in
>clamav.
Don't take it personally until an actual develop
Odhiambo Washington wanted us to know:
>> Please, set the "Debug" flag in your clamd.conf, rescan the sample, and send
>> us the logs.
>I cannot do that on the box where this phenomena is manifesting itself
>because it's a production box, processing large volumes of mail. I'll
Very quickly, do t
Damian Menscher wanted us to know:
>On Fri, 27 May 2005, lattera wrote:
>
>>can't use strace, because I don't know the email that is making it
>>hang. that is why I need to use gdb, so I can look through the
>>stack/heap for the email...
>You're saying it's hung, taking 100% of CPU. So just use t
haplopelma lividum wanted us to know:
>>>my system is rh7.3 clamd + clamav-milter v.0.85.1 and i have a little
>>>problem. when i execute "service clamav-milter stop" system is
>>>answering "ok", but don't delete clmilter.sock. so when i execute
>>>"service clamav-milter start" syste
Souza Simbota wanted us to know:
>checking for curl >= 7.10.0... FAILED
>configure: WARNING: curl-config was not found
Install curl-devel
>checking for mi_stop in -lmilter... no
>checking for library containing strlcpy... no
>checking for mi_stop in -lmilter... no
>configure: error: Cannot find
haplopelma lividum wanted us to know:
>my system is rh7.3 clamd + clamav-milter v.0.85.1 and i have a little
>problem. when i execute "service clamav-milter stop" system is
>answering "ok", but don't delete clmilter.sock. so when i execute
>"service clamav-milter start" system get er
Matt Fretwell wanted us to know:
>> clamav-milter: (-q && !LogSyslog): warning - all interception message
>> methods are off
>> /var/log/clamav/clamav.log: Permission denied
>> Well, duh. The clamd daemon has that file open, so clamav-milter can't
>> open it. Can someone tell me how to tel
Installing clamav-0.85.1 (custom rpms) onto a CentOS 4.0 box. I'm
modeling the configs after our production systems which are Gentoo boxen
and running fine.
When I try to start the milter, I get an error:
[EMAIL PROTECTED] mail]# clamav-milter --max-children=100 --quiet --force-scan
--externa
Brian Read wanted us to know:
>>Block all mails from dynamic IP.
>>They are 99,99% spam.
Agreed.
>No they aren't that "rule" causes quite a few of my customers a
>headache, as the (linux) mailserver I often install sends the email
>direct, irrespective of whether there Ip is "dynamic" or "stat
Kri?tof Petr wanted us to know:
>0.84 is last, stable *working* version.
>0.85 is buggy. Wait until someone fix it.
0.83 worked for me.
0.84 worked for me.
0.85 is working for me.
My systems are small to medium level systems (around 100K emails/day).
Clam ran stable with 0.80, 0.83, 0.84, and if
Matt Fretwell wanted us to know:
>> as it is harder to scan those messages for viruses
> Nonsense. Mail is mail. If you are running a mailserver, it should be
>able to cope with all types of mail, irrelevant of (creation|submission)
>method.
Nonsense. A user clicks on a webmail message, opens th
Chris de Vidal wanted us to know:
>Is our situation that foreign? I was half expecting someone to tell me
>"We have a 5TB FTP server and can scan it all under 40 minutes with .25
>extra load average! You just have to do this..."
Most people with stuff that large have a three teir system:
1) AV
[EMAIL PROTECTED] wanted us to know:
>Hello
>
>Please, we have seen this in one of our servers:
>
>qscand 20687 13.4 0.0 19528 936 ?RApr13 389:37
>/usr/local/clamav/bin/clamscan --verbose --debug
>/var/spool/qmailscan/tmp/servername111342211948731875
Turn off --debug.
>Any one ha
.rp wanted us to know:
>sm-mta[27416]: j3D3etk5027410: forward /tmp/.forward: World writable
>directory
>net sm-mta[27416]: j3D3etk5027410: [EMAIL PROTECTED], delay=00:00:06,
>xdelay=00:00:00, mailer=local, pri=63883, dsn=2.0.0, stat=Sent
>_
Julian Mehnle wanted us to know:
>| To those of you who argue that ClamAV should detect phishing attacks
>| even though tools like SpamAssassin are designed and inherently better
Perhaps marketing speak would better suit you. McAffee detects phishing
emails. What better way to give *ALL* AV com
[EMAIL PROTECTED] wanted us to know:
>>>Yes, it will (already supported in CVS).
>this is ridiculous. my clamd system is now broken due to these changes that
>are being propogated. i'm running the current .83 release. you should at
>S60clamd start
>LibClamAV Error: Wrote 0 instead of 512
>(/var/tm
[EMAIL PROTECTED] wanted us to know:
>> When a milter is configured to reject at the SMTP level, it never gets
>> to the second milter in the chain. So if clamav-milter detects a
>> virus, the CPU intensive content scanning process never sees the
>> message (hence much lower load).
>Your site pol
Dennis Peterson wanted us to know:
>> Of the two processes (spam scanning and virus scanning), spam scanning is
>> more resource-intensive (at least the way I do it) - so I virus scan
>> first, and spam-scan second.
>Interesting - that is exactly the opposite of my experiences so I'm
>interested i
[EMAIL PROTECTED] wanted us to know:
>Dennis Peterson wrote:
>> It is frequently most efficient to test for spam content prior to scanning
>> for viruses - there is no point in virus scanning a file if it has
>> failed a spam content test. That's more than you asked but not bad to
>> know.
>The r
Junior wanted us to know:
>/usr/local/sbin/clamav-milter -dlDo --max-children=2
Try setting --max-children to something like 20 or 40.
--
Regards... Todd
We should not be building surveillance technology into standards.
Law enforcement was not supposed to be easy. Where it is
Brad Morgan wanted us to know:
>> --max-ratio=#n
>>Set maximum archive compression ratio limit.
>>This option protects your system against DoS attacks
>> (default: 250).
>I created the zip file myself so I don't think there's anything wrong
ladha wanted us to know:
>> My /etc/logrotate.conf is :
logrotate also supports the /etc/logrotate.d/* files for packages to
easily add/remove logrotate support for their logrotations needed.
Here's how I do mine:
smtp1 root # cat /etc/logrotate.d/clamav /etc/logrotate.d/freshclam
/var/log/c
1 - 100 of 228 matches
Mail list logo
