Noel Jones-2 wrote:
>
> On 4/22/2010 10:51 AM, Thomas Herzog wrote:
>>
>>
>>
>> Török Edwin wrote:
>>>
>>> On 04/22/2010 10:24 AM, Török Edwin wrote:
> lxhv1m02:~# grep ctl /etc/amavis/conf.d/15-av_scanners
> \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
>>>
>>> You
Noel Jones wrote:
Clam must scan the whole email message because (as you know) some
signatures only trigger on files that look like a mail message.
To have both attachment blocking and full email scanning, the mail
ends up being scanned twice. Maybe I'll put in a request for a "don't
scan
On 4/22/2010 12:30 PM, aCaB wrote:
Paul Whelan wrote:
I think your amavis tried to decode the message, and pass only parts of
it to ClamAV.
In general then, clamav may only recognise some malware when it is
still attached to a mail message and not after it has been
separately stored. Is that
Paul Whelan wrote:
>> I think your amavis tried to decode the message, and pass only parts of
>> it to ClamAV.
>
> In general then, clamav may only recognise some malware when it is
> still attached to a mail message and not after it has been
> separately stored. Is that correct?
It may or ma
On 22 Apr 2010 at 12:06, Török Edwin wrote:
> You need to tell amavis to pass the entire message to ClamAV, try:
> $bypass_decode_parts = 1;
>
> I think your amavis tried to decode the message, and pass only parts of
> it to ClamAV.
In general then, clamav may only recognise some malware when
On 4/22/2010 10:51 AM, Thomas Herzog wrote:
Török Edwin wrote:
On 04/22/2010 10:24 AM, Török Edwin wrote:
lxhv1m02:~# grep ctl /etc/amavis/conf.d/15-av_scanners
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
You need to tell amavis to pass the entire message to ClamAV,
On 04/22/2010 06:51 PM, Thomas Herzog wrote:
>
>
>
> Török Edwin wrote:
>>
>> On 04/22/2010 10:24 AM, Török Edwin wrote:
lxhv1m02:~# grep ctl /etc/amavis/conf.d/15-av_scanners
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
>>
>> You need to tell amavis to pass the ent
Török Edwin wrote:
>
> On 04/22/2010 10:24 AM, Török Edwin wrote:
>>> lxhv1m02:~# grep ctl /etc/amavis/conf.d/15-av_scanners
>>>\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
>
> You need to tell amavis to pass the entire message to ClamAV, try:
> $bypass_decode_parts = 1;
>
Török Edwin wrote:
>
> On 04/22/2010 10:24 AM, Török Edwin wrote:
>>> lxhv1m02:~# grep ctl /etc/amavis/conf.d/15-av_scanners
>>>\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
>
> You need to tell amavis to pass the entire message to ClamAV, try:
> $bypass_decode_parts = 1;
>
Török Edwin wrote:
>
> On 04/22/2010 10:01 AM, Thomas Herzog wrote:
>>
>> Amavis seems to be calling the clam deamon, it finds also some other
>> exploits, viruses...
>> /var/log/clamav/clamav.log:
>> Thu Apr 22 08:15:07 2010 -> /tmp/UPS_invoice_4557.zip:
>> Suspect.Bredozip-zippwd-5 FOUND
>
On 04/22/2010 10:24 AM, Török Edwin wrote:
>> lxhv1m02:~# grep ctl /etc/amavis/conf.d/15-av_scanners
>>\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.ctl"],
You need to tell amavis to pass the entire message to ClamAV, try:
$bypass_decode_parts = 1;
I think your amavis tried to decode
On 04/22/2010 10:01 AM, Thomas Herzog wrote:
>
> Amavis seems to be calling the clam deamon, it finds also some other
> exploits, viruses...
> /var/log/clamav/clamav.log:
> Thu Apr 22 08:15:07 2010 -> /tmp/UPS_invoice_4557.zip:
> Suspect.Bredozip-zippwd-5 FOUND
BTW attachments are automatically r
Rob MacGregor wrote:
>
> On Thu, Apr 22, 2010 at 07:16, Thomas Herzog
> wrote:
>>
>> Thanks for your reply, just to get this right.
>> The virus is detected by the binaries clamdscan or clamscan, but not by
>> the
>> deamon called through amavis -> see the attachment of my first post.
>
> The
On Thu, Apr 22, 2010 at 07:16, Thomas Herzog wrote:
>
> Thanks for your reply, just to get this right.
> The virus is detected by the binaries clamdscan or clamscan, but not by the
> deamon called through amavis -> see the attachment of my first post.
Then you have a problem with the way Amavis i
Thomas Herzog wrote:
>
>
> Rob MacGregor wrote:
>>
>> On Wed, Apr 21, 2010 at 16:02, Thomas Herzog
>> wrote:
>>>
>>> Hello,
>>> We're running clamav 0.95.3 with amavisd-new-2.6.1and postfix 2.5.5.
>>>
>>> Sending a message with a virus attached clamav-daemon didn't find it. ->
>>
>> http://w
Rob MacGregor wrote:
>
> On Wed, Apr 21, 2010 at 16:02, Thomas Herzog
> wrote:
>>
>> Hello,
>> We're running clamav 0.95.3 with amavisd-new-2.6.1and postfix 2.5.5.
>>
>> Sending a message with a virus attached clamav-daemon didn't find it. ->
>
> http://www.clamav.net/lang/en/sendvirus/
>
> -
On Wed, Apr 21, 2010 at 16:02, Thomas Herzog wrote:
>
> Hello,
> We're running clamav 0.95.3 with amavisd-new-2.6.1and postfix 2.5.5.
>
> Sending a message with a virus attached clamav-daemon didn't find it. ->
http://www.clamav.net/lang/en/sendvirus/
--
Please keep list traffi
Hello,
We're running clamav 0.95.3 with amavisd-new-2.6.1and postfix 2.5.5.
Sending a message with a virus attached clamav-daemon didn't find it. ->
Please take a look at the attachment.
When copying this msg onto the servre and scanning it manually withclamdscan
or clamscan the Virus is found
18 matches
Mail list logo
