On Wed, Jan 28, 2004 at 01:01:35PM -0300, Patricia Viana wrote :
> Hi.
[...]
> It seams to be the same virus as MyDoom or Novarg.
> Can anyone confirm this?!
>
> Thanks.
>
>
>
> Att,
>
> Patrícia Viana
>
Indeed, all those names belong to the same virus.
please, configure yo
I would like to install this and am looking
for some help to get it running in CHROOT and with OpenBSD, Postfix,
Amavisd-new, SpamAssassin, Razor and DCC. Can anyone point me to
an install guide i have tried some and have had no luck getting it to
work.
Paul
Noticed that clamav-milter wasn't running and then found the following
in the logs. I'm running clamd 0.65 and clamav-milter 0.60p. I'm
afraid I don't have much other information.
Jan 29 04:46:18 earth clamav-milter[983]: hit max-children limit (20 >=
20): waiting for some to exit
Jan 29 04:4
On Fri, 30 Jan 2004, Orion Poplawski wrote:
> Noticed that clamav-milter wasn't running and then found the following
> in the logs. I'm running clamd 0.65 and clamav-milter 0.60p. I'm
> afraid I don't have much other information.
>
> Jan 29 04:46:18 earth clamav-milter[983]: hit max-children
Hello, I'm trying to install ClamAV with real-time protection (on open,
on close, on exec) on a
Pentium II with RedHat Linux 9.0.
As far as I could understand, for that I need Dazuko installed and
ClamukoScanOnLine activated.
When I start the clamd service I get the following message in the
clam
As far as I can tell, running --quiet shouldn't send email to *anyone* from
clamav-milter. I'm still seeing it send 550 REJECT messages back to the
original sender. Is there another switch I need to set?
I'm running ClamAV from the FreeBSD 4.8 clamav-devel port (ClamAV version
'clamd / ClamAV vers
On Wednesday 28 Jan 2004 2:54 pm, Robert Middleswarth wrote:
> Does that mean they are simple deleted or are they passed though with a
> header saing virus?
There is currently no option to pass flagged viruses through the milter.
> Thanks
> Robert Middleswarth
-Nigel
--
Nigel Horne. Arranger,
Hi.
Here it dropped by 40% only
Still getting a lot of this plague.
Patrícia.
-Mensagem original-
De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Em nome de Jeff Gojkovich
Enviada em: quarta-feira, 28 de janeiro de 2004 19:52
Para: [EMAIL PROTECTED]
Assunto: Re: [C
I'm running qmail-scanner 1.20 and clamav 0.65. In watching the qmail-scanner logs,
I've found that clamscan is, indeed, being called with the proper arguments. I've
even added some debug messages to qmail-scanner-queue.pl and found that all of the
arguments are fine.
But here is the sectio
On Fri, 30 Jan 2004 at 11:42:25 -0600, Dan Bongert wrote:
> As far as I can tell, running --quiet shouldn't send email to *anyone* from
> clamav-milter. I'm still seeing it send 550 REJECT messages back to the
> original sender. Is there another switch I need to set?
>
> I'm running ClamAV from th
> As far as I can tell, running --quiet shouldn't send email to *anyone*
from
> clamav-milter. I'm still seeing it send 550 REJECT messages back to the
> original sender. Is there another switch I need to set?
0.66j added the --noreject option. Try that.
> Dan Bongert [EMAIL P
Hello Micha,
Thursday, January 29, 2004, 10:13:41 AM, you wrote:
MS> Last night I made a small change to qmail-scanner.pl- I added 'worm.sco.a'
MS> to the array $silent_viruses_array. (To prevent sending Virus Found messages
MS> to innocent "sender" addresses)
did you edit it with something lik
> On Wednesday 28 Jan 2004 2:54 pm, Robert Middleswarth wrote:
>
>> Does that mean they are simple deleted or are they passed though with a
>> header saing virus?
>
> There is currently no option to pass flagged viruses through the milter.
>
>> Thanks
>> Robert Middleswarth
>
> -Nigel
>
So that mea
Last night, in an attempt to stop the "Virus Found" notifications being
sent to a false sender address by the Worm.SCO.A, I added to my
silent_viruses_array in the Q-S.pl script 'worm.sco.a'. (right after
'klez','bugbear')
As soon as I did that, clamav stopped recognizing the virus.
I had been
[EMAIL PROTECTED] wrote:
That is due to hi traffic of SCO virus. Increase max-children
in CLAMAV_FLAGS of clamav-milter . Try with 40
I understand why it hit the limit, and I'm happy to increase it. But, I
posit that clamav-milter shouldn't *crash* because of it.
--
Orion Poplawski
System A
> > I'm running ClamAV from the FreeBSD 4.8 clamav-devel port (ClamAV version
> > 'clamd / ClamAV version devel-20040129', clamav-milter version '0.66g'), and
> > these are the switches I pass to clamav-milter:
> >
> > --quiet --quarantine-dir=/mail/quarantine/clamav --local --outgoing
> > --max-ch
I have worked on this for quite some time, and I'm not sure why Clam won't
detect the Eicar test virus. It does, however, detect other virii.
Additionally, virii in zipped files are not detected. If I scan the files
manually, i.e. 'clamscan eicar.com' or 'clamscan eicar.zip', the following
is retur
On Thursday 29 January 2004 6:46 am, Allyn Baskerville wrote:
> I have worked on this for quite some time, and I'm not sure why Clam won't
> detect the Eicar test virus.
It does for most people
> It does, however, detect other virii.
> Additionally, virii in zipped files are not detected. If
Jessica Ruble-English wrote:
> Still getting plenty SCO.A's over herer too.
> Has anybody started seeing the variant "MyDoom.B" yet?
As of 2004/01/30 @ 09:44 AM EST I haven't seen a single MyDoom.B.
It would be REALLY slick to put together a restricted (trusted)
ClamAV polling system with select
I found the problem. My softlimit was too low. Raised it to 20 MB and it's fine.
On Fri, Jan 30, 2004 at 01:25:20PM -0500, Jeremy Doolin saith:
> I'm running qmail-scanner 1.20 and clamav 0.65. In watching the qmail-scanner logs,
> I've found that clamscan is, indeed, being called with the pr
All-
I am the Technology Director for a small, independent news organization. We are
running qmail for our internal email and for some of our subcsribers (<30 accts.).
With the recent rash of viruses, we see the need to run AV & Spam filters. My sys
admin and I, while *nix savvy, are not
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Thomas
> Lamy
> Sent: Thursday, January 29, 2004 3:06 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [Clamav-users] Clamdscan problem
>
>
> Jose R. Ortiz Ubarri wrote:
>
> > # clamdscan readme.zip
> > /root/read
Quoting Jeff Gojkovich <[EMAIL PROTECTED]>:
> Nope, still getting hit with it.
>
I am seeing a few SCO.A along with Gibe.F. Total is slightly higher
than before the SCO outbreak, but numbers yesterday and today (-0500
UTC) are nothing like Tuesday. Odd.
Jeffrey
--
Hi all,
How does everyone handle the clamav quarantine? I'm running clamav w/
qmail-scanner and every virus laden email gets put into the quarantine
folder... Is it even worth it to quarantine at all?
I did look through the archives, but I didn't see anything about
this... So,
Tim Crouch wrote:
All-
I am the Technology Director for a small, independent news organization. We are running
qmail for our internal email and for some of our subcsribers (<30 accts.). With the recent
rash of viruses, we see the need to run AV & Spam filters. My sys admin and I, while *n
Hi!
I'm running sendmail 8.12.10 with
ClamAV version 'clamd / ClamAV version devel-20040108', clamav-milter
version '0.66c'
And in gerneral I'm very happy with it. There is only one problem (and I
reported it already several times!!). Sometimes clamd crashes and just
before it crashes I get a lot
On Wed, 28 Jan 2004 21:55:58 +0700
"Andrey V. Malyshev" <[EMAIL PROTECTED]> wrote:
> Hello!
>
> 1)
> clamav-devel-20040127: clamd crashes without any log records when
> virus bases reloading command sent.
> It appears _only_ when UseProcesses in clamav.conf is enable.
UseProcesses is completely
On Thu, 29 Jan 2004 at 9:28:51 -0500, Jim Maul wrote:
> > -Original Message-
> > Jose R. Ortiz Ubarri wrote:
> >
> > > # clamdscan readme.zip
> > > /root/readme.zip: Can't access the file ERROR
> > >
> > > And everything I try to scan gives me the same ERROR.
> > >
> > I suspect clamd is n
Quoting Jason Frisvold <[EMAIL PROTECTED]>:
> How does everyone handle the clamav quarantine?
I run a cron job that deletes any directory more than 2 weeks old. If
they haven't claimed their files in 2 weeks, their more-or-less out of
luck (it's actually on the backup tapes after deletion,
On Fri, 30 Jan 2004 09:50:12 -0500
Jesse Guardiani <[EMAIL PROTECTED]> wrote:
> Jessica Ruble-English wrote:
>
> > Still getting plenty SCO.A's over herer too.
> > Has anybody started seeing the variant "MyDoom.B" yet?
>
> As of 2004/01/30 @ 09:44 AM EST I haven't seen a single MyDoom.B.
>
> It
Begin forwarded message:
Date: Fri, 30 Jan 2004 14:21:30 -0500
From: "Vijay Sarvepalli" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: CLAMAV LOG ANALYZER
I have developed a log analyzer to graphical view virus data for AV
engine loggers
currently supported for
CLAMAV
RAV
VEXIRA
I am wor
Quoting Jim Maul <[EMAIL PROTECTED]>:
> Actually, it technically is clamscan, but for the installation i used
> (www.qmailrocks.org) a step in there says to copy clamscan to clamdscan
Arrr! Why are they advising to do such a stupid thing.
> so
> running clamscan and clamdscan effectively means
>From the recent CVS source, I am getting the following compile error. Did I
miss something? I saw the notes on the new code for checking OLE2 objects (or
some such).
Configure looks like this:
./configure --prefix=/opt/csw --sysconfdir=/opt/csw/etc --disable-clamav
--enable-milter --with-dbdir=
On Wed, 28 Jan 2004 at 16:01:43 -0600, Erick Ivaan Lopez Carreon wrote:
> > >>
> > >> I am using Amavis-ng, and the amavisd.conf doesn't seem to have that
> > >> line in it. However it does seem to know about other ones which spoof
> > >> the reply, so i guess it must be somewhere?
> > >
>
> a
Ok Nigel,
You were absolutely right, the msgs I was refering to were all bounces, my
mistake. Is there a fix in the works for this?
Shawn
On Tue, 27 Jan 2004 16:59:08 + Nigel Horne <[EMAIL PROTECTED]>
exclaimed:
> On Tuesday 27 Jan 2004 2:31 pm, Shawn Tayler wrote:
> > Nigel,
> >
> > I hav
Hi there,
I'm at the point where I need to implement a Virus filter on my mail server.
I'm running CommuniGatePro (4.1.8) on an xServe (running 10.3.2) and I want
to install Clam AV 6.5. Is anyone doing this with a similar setup? Does it
work? Is there much documentation on how to make it work? If
On 28 Jan 2004 17:11:23 -0400, Jose R. Ortiz Ubarri <[EMAIL PROTECTED]> wrote:
> # clamdscan readme.zip
> /root/readme.zip: Can't access the file ERROR
>
If clamd runs as non-root user (clamav), then this user must have
right to read file for clamd to be able to scan it (don't know, if
this
> Try adding "-v" option. Maybe it'll show some important details.
>
> I suspect that your proxy (or settings concerning it) is the
> culprit.
Tomasz,
Thanks for the reply. I tidied up my freshclam script so that it
wasn't passing the "http-proxy" parameter. I then re-ran it with the
-v opti
Quoting Jeffrey L. Taylor <[EMAIL PROTECTED]>:
> I noticed that the virus count has dropped back to pre-SCO.A levels
> starting around 0330 UTC this morning. I have not seen a single SCO.A
> since then. Has anyone also seen this?
>
> Jeffrey
>
ClamAV did find one SCO.A this afternoon. But the r
Hello, I'm trying to install ClamAV with real-time protection (on open, on close, on
exec) on a
Pentium II with RedHat Linux 9.0. (sorry if this is a duplicate mail, I received an
error message
when I was sending the original).
As far as I could understand, for that I need Dazuko installed and Cl
version devel-20040130
Regards,
Fajar A. Nugraha
---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclips
ClamAV's just detected Worm.Mimail.R here.
McAfee calls it Mimail.s - http://vil.nai.com/vil/content/v_100989.htm
Cheers,
Phil
-
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK
---
Anyone experience this error on compilation?
checking size of short... configure: error: cannot determine a size for
short
I have sucessfully installed this package before. For some strange reason it
won't recompile without this error.
Any help would be appreciated..
Quoting spiralvoice <[EMAIL PROTECTED]>:
> Hi,
>
> I have some problems compiling the latest snapshot
> (http://www.clamav.net/snapshot/clamav-devel-20040128.tar.gz).
>
> Here is what happens, I used this compiler:
> Reading specs from /usr/lib/gcc-lib/i486-linux/2.7.2.1/specs
> gcc version 2.7
I just installed clamav and clamav-milter (CVS from 20040126 (0.66g), FreeBSD
4.8 port clamav-devel), and am very happy with it. It's very fast, and is
doing a wonderful job of blocking various viruses to my users--nearly 7000
MyDooms since last night at 7pm. I'm very impressed.
However, I'm wonde
-Original Message-
> Please don't top post.
> Please check /usr/include/libmilter exists.
> -Nigel
Sorry about the top posting...
Anyway, as I said before, libmilter is definitely installed.
/usr/include/libmilter does exist! Also, the appropriate sections of the
.configure, find th
Shot myself in the foot with this one. Here's the story:
I made the change to qmail-scanner.pl by copying the file to
qmail-scanner.tmp, editing the .tmp then moving the .tmp back to
qmail-scanner.pl. But when you do this as root, the .tmp file is owned by
root, but qmail-scanner.pl *must* be owne
Micha Silver wrote:
Last night I made a small change to qmail-scanner.pl- I added 'worm.sco.a'
to the array $silent_viruses_array. (To prevent sending Virus Found messages
to innocent "sender" addresses)
It now looks like:
my
@silent_viruses_array=('klez','bugbear','worm.sco.a','hybris','yaha','br
48 matches
Mail list logo
