Re: [Clamav-users] Database initialize error

On Mon, 16 Feb 2004 at 18:36:31 +0100, Tomasz Papszun wrote: > On Mon, 16 Feb 2004 at 9:46:48 -0700, Chadwick Wachs wrote: > > There is an empty directory "/var/clamav_db". Where should the > > database be and how do I get it in there? > > Database files should be in the directory configured wi

Re: [Clamav-users] Problem scanning ZIP archives with clamdscan and not clamscan

On Mon, 16 Feb 2004 at 11:30:47 -0700, Lucas Albers wrote: > I've encounted this problem: > clamscan will scan zip files and detect a virus. > clamdscan will not. [...] > I'm using clamav 0.65-3 for debian. > > This was all run from the command line on a zipped virus file. Are these set in clama

[Clamav-users] Re: Implementation Questions

On Tue, 17 Feb 2004 12:38:37 +0700, Fajar A. Nugraha <[EMAIL PROTECTED]> wrote: > Very true! It can reject virus right at SMTP time, AND with less CPU > But I guess this rejecting does not work that well, when virus mail is not received directly from virus - for example in the server I run c

[Clamav-users] freshclam in deamon mode

Ok, after a couple days off, my brain is kinda eroded. How do people run freshclam in daemon mode, as opposed to via crontab? I hope I am not dreaming ;) cheers - wash +--+-+ Odhiambo Washington

Re: [Clamav-users] clamdmail how with sendmail?

Grzegorz Staleńczyk wrote: Hej there! Does someone know how to force to work clamdmail? Any particular reason why you choose clamdmail? clamav-milter is easier to integrate with sendmail (I tried this). Some people prefer mail-scanner (haven't tried this). Regards, Fajar A. Nugraha

[Clamav-users] new clamd in CVS

The new clamd code is now in CVS. This should resolve the problems people have been having with clamd dying. As always, if you encounter any problems, please report with a copy of the file causing a problem, and any debugging information (backtrace from gdb preferably). Thanks -trog signature

Re: [Clamav-users] freshclam in deamon mode

Odhiambo Washington wrote: How do people run freshclam in daemon mode, I'm not sure what you mean here. Tried freshclam -d yet? as opposed to via crontab? Well, when people put entry in crontab 0 * * * * /usr/local/bin/freshclam all updates will happen at hour-change (bad for database mirrors

Re: [Clamav-users] freshclam in deamon mode

* Fajar A. Nugraha <[EMAIL PROTECTED]> [20040217 12:52]: wrote: > Odhiambo Washington wrote: > > >How do people run freshclam in daemon mode, > > > I'm not sure what you mean here. > Tried freshclam -d yet? From cron??? > > >as opposed to via cronta

[Clamav-users] clamav-devel-20040217 working in windows here

Hi devel comunity: Only to say to win testers that clamav-devel-20040217 solved all problems I had with CYGWIN version of clamav in all the computers I have tested (5 so far). In case anyone knows: how was the problem of "handle_exceptions" solved ? Good job ! Best regards, I

Re: [Clamav-users] Re: Implementation Questions

Virgo Pärna wrote: On Tue, 17 Feb 2004 12:38:37 +0700, Fajar A. Nugraha <[EMAIL PROTECTED]> wrote: Very true! It can reject virus right at SMTP time, AND with less CPU But I guess this rejecting does not work that well, when virus mail is not received directly from virus - for exampl

Re: [Clamav-users] freshclam in deamon mode

Odhiambo Washington wrote: How do people run freshclam in daemon mode, Tried freshclam -d yet? From cron??? No, from command line. Just execute `/usr/local/bin/freshclam -d` as root or as clamav user. You can monitor its activities from freshclam.log (look for UpdateLogFile on /

Re: [Clamav-users] freshclam in deamon mode

Here's a feature idea: An option to freshclam in daemon mode that gives it a file to watch. When the file changes, we download updates (perhaps after a random delay). That way I can subscribe to the database mailing list, set up procmail to put mails from the list in a special folder, then use t

Re: [Clamav-users] clamdmail how with sendmail?

Hej! FAN> Any particular reason why you choose clamdmail? clamav-milter is easier FAN> to integrate with sendmail (I tried this). Because, my sendmail is from Solaris package and I can't recompile it with milter :-(( FAN> Some people prefer mail-scanner (haven't tried this). I so do sendmail wit

Re: [Clamav-users] freshclam in deamon mode

* Fajar A. Nugraha <[EMAIL PROTECTED]> [20040217 13:49]: wrote: > Odhiambo Washington wrote: > > >>>How do people run freshclam in daemon mode, > >>> > >>> > >>Tried freshclam -d yet? > >> > >> > > &

Re: [Clamav-users] Freshclam checks.

El Lunes, 16 de Febrero de 2004 14:52, Tom Gwilt escribió: > Check for a freshclam.conf file and check the settings there. Usually > found in an /etc or /usr/local/etc directory. Yes here is the explanation: # How often check for a new database. We suggest checking for it every # two hours. Checks

Re: [Clamav-users] freshclam in deamon mode

Erik Corry wrote: Here's a feature idea: An option to freshclam in daemon mode that gives it a file to watch. When the file changes, we download updates (perhaps after a random delay). That way I can subscribe to the database mailing list, set up procmail to put mails from the list in a special

Re: [Clamav-users] freshclam in deamon mode

Odhiambo Washington wrote: So what do you recommend for crontab? Earlier post from Luke Scharf suggests you put in crontab SHELL=/bin/bash 0 * * * * sleep $[ $RANDOM % 3600 ] ; /usr/bin/freshclam --quiet I would prefer daemon mode, but a simple 19 * * * * /usr/bin/freshclam --qu

Re: [Clamav-users] freshclam in deamon mode

On Tue, 17 Feb 2004, Erik Corry wrote: > Here's a feature idea: An option to freshclam in daemon mode that gives > it a file to watch. When the file changes, we download updates (perhaps > after a random delay). That way I can subscribe to the database mailing > list, set up procmail to put mai

Re: [Clamav-users] Clamav false positive?

On Tuesday 17 February 2004 4:18 am, Sam Miller wrote: > Firstly, I'd like to say thank you for such a useful utility. > > My question concerns scanning a Windows partition from a Linux partition > on the same drive. Running Clamav 0.65-3 on Debian based Libranet, scanned > a WinME partition and c

RE: [Clamav-users] Clamav false positive?

I ran across the same issue this morning. Fresh install of Clam from last night. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Antony Stone Sent: Tuesday, February 17, 2004 7:59 AM To: [EMAIL PROTECTED] Subject: Re: [Clamav-users] Clamav false positive?

Re: [Clamav-users] new clamd in CVS

Trog wrote: > The new clamd code is now in CVS. This should resolve the problems > people have been having with clamd dying. Is this the code to resolve the "Session timeout" errors that seem to be at the bottom of the milter problems? Mike.

Re: [Clamav-users] new clamd in CVS

On Tue, 2004-02-17 at 13:27, Mike Brodbelt wrote: > Trog wrote: > > The new clamd code is now in CVS. This should resolve the problems > > people have been having with clamd dying. > > Is this the code to resolve the "Session timeout" errors that seem to be > at the bottom of the milter problems?

Re: [Clamav-users] Upgrading to ClamAV 0.67 from 0.65

Ahh! Thank you ./configure --disable-clamav --enable-bigstack --with-group=mail \ --disable-clamuko --with-user=exim You can see what they do by doing ./configure --help | more cheers - wash Regards, Craig D. -- -- Craig Daters ([EMAIL PROTECTED]) Systems Administrator

Re: [Clamav-users] freshclam update rate

On Tue, 2004-02-17 at 01:22, Lionel Bouton wrote: > Yes > > But in the crontab case be aware that the mean time between updates in : > > 0 * * * * sleep $[ $RANDOM % 3600 ] ; /usr/bin/freshclam --quiet > > is 3600s, but between 2 updates the delay can be anywhere between 1 and 7199s. > Computin

Re: [Clamav-users] new clamd in CVS

Hey, the PGP sig isn't verifying. Might want to upload the key to a keyserver. -- Joseph A. Nagy, Jr. http://joseph-a-nagy-jr.homelinux.org Student at Motlow State Community College http://www.mscc.edu Political Activist Extraordinaire The only fallacy is the inaction on our part to stave off the

Re: [Clamav-users] Clamav false positive?

On Tuesday 17 February 2004 1:11 pm, isp-lists [at] beachcomp.com wrote: > I ran across the same issue this morning. > Fresh install of Clam from last night. Can anyone suggest why a genuine network driver for Windows ME should contain the text string "Fun" "Loving" "Criminals" (without the quot

[Clamav-users] Re: [Clamav-announce] announcing ClamAV 0.67

Hi, > I went to the download site and there > are two versions of 0.67 :- > clamav-0.67-1.tar.gz > and > clamav-0.67.tar.gz [snip] > A quick note to the list explaining this might ward of any fears by > upgraders. 0.67-1 contains only a few estetic fixes. Tho

[Clamav-users] Re: TNEF?

Just curious... I have all these Outlook users who claim they need "TNEF" files to not be blocked anymore, does clamav directly un-encode them for scanning, or do I need to get a perl module or external executable? Ask your Outlook users what they think the TNEF attachments do, because AFAIK, th

[Clamav-users] Re: clamav-devel 20040213 for windows

>From: Fajar A. Nugraha <[EMAIL PROTECTED]> > It seems Nigel already fixed that > Which means starting from devel-20040215 the daily build should work > fine too. But clamav-devel-latest.cygwin.zip from 02/16/04 - didn't work fine :( Will download more current version now... > >The fixed version

[Clamav-users] RE: clamav-devel 20040213 for windows

> >From: Fajar A. Nugraha <[EMAIL PROTECTED]> > > > It seems Nigel already fixed that > > Which means starting from devel-20040215 the daily build > should work > > fine too. > > But clamav-devel-latest.cygwin.zip from 02/16/04 - didn't work fine :( > Will download more current version now... The

[Clamav-users] RE: clamav-devel 20040213 for windows

> The same problem with the > clamscan.exe 383090 17.02.04 06:18 > from http://clamav.or.id/snapshot/clamav-devel-latest.cygwin.zip > it not detects MyDoom (Worm.SCO.A), Sircam and some others viruses. > On the WinXP PC with Cygwin installed. > > Looks strange. I will test it on other PC (Win20

Re: [Clamav-users] clamav-devel-20040217 working in windows here

On Tue, 17 Feb 2004 11:03:59 +0100 "Ignasi Prat" <[EMAIL PROTECTED]> wrote: > Hi devel comunity: > > Only to say to win testers that clamav-devel-20040217 solved all > problems I had with CYGWIN version of clamav in all the computers I > have tested (5 so far). >

THIS IS A VIRUS ??? --- Re: [Clamav-users] Clamav false positive?

For some reason beyond my understanding, ClamAV thinks this email contained the "FunLove" virus X-Virus: W32.FunLove.4099 FOUND Maybe simply the words "Fun Lov" in the text ? > Firstly, I'd like to say thank you for such a useful utility. > > My question concerns scanning a Windows partit

[Clamav-users] unable to compile clamav-0.66 with milter support

I configured my clamav-0.66 with these options: ./configure \ --prefix=/usr \ --sysconfdir=/etc \ --datadir=/var/clamav \ --enable-milter When I ran make, it got this reuslt: Making all in clamav-milter make[2]: Entering directory `/usr/src/clamav-0.66/clamav-milte

[Clamav-users] What exactly is the Worm.YoursID ?

What is the Worm.YoursID virus/worm? This is one virus/worm that has become active since last night. Any clue what it may be? Google searches, archived list searches and searches anywhere I can think of failed to find any record of the name. Is it just hitting this one instead of maybe Klez or

Re: *** VIRUS DETECTED *** THIS IS A VIRUS ??? --- Re: [Clamav-users] Clamav false positive?

On Tue, Feb 17, 2004 at 11:44:39AM -0500, David A. Lee wrote: > For some reason beyond my understanding, ClamAV thinks this email contained the > "FunLove" virus > > X-Virus: W32.FunLove.4099 FOUND > > Maybe simply the words "Fun Lov" in the text ? actually, it appears that the full text of

[Clamav-users] Re: clamdmail how with sendmail?

Grzegorz Staleñczyk <[EMAIL PROTECTED]> wrote: > Because, my sendmail is from Solaris package and I can't recompile it > with milter :-(( Definately look into using MailScanner. -- + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Chris Barnes AO

Re: [Clamav-users] Problem scanning ZIP archives with clamdscan and not clamscan

Tomasz Papszun said: > Are these set in clamav.conf? > > ScanArchive > StreamSaveToDisk No. Strange, when using debconf to configure and explicitly telling it to enable ScanArchive it still leaves these commented out. Fixed. -- Luke Computer Science System Administrator Security Administrator,Col

Re: [Clamav-users] What exactly is the Worm.YoursID ?

On Tuesday 17 February 2004 5:06 pm, Support ePaxsys/FRWS wrote: > What is the Worm.YoursID virus/worm? > > This is one virus/worm that has become active since last night. Any clue > what it may be? Google searches, archived list searches and searches > anywhere I can think of failed to find any r

Re: [Clamav-users] Clamav false positive?

On Tuesday 17 February 2004 5:12 pm, Jim Mercer wrote: > On Tue, Feb 17, 2004 at 11:44:39AM -0500, David A. Lee wrote: > > For some reason beyond my understanding, ClamAV thinks this email > > contained the "FunLove" virus > > > > X-Virus: W32.FunLove.4099 FOUND > > > > Maybe simply the words

[Clamav-users] RE: clamav-devel 20040213 for windows

> > The same problem with the > > clamscan.exe 383090 17.02.04 06:18 > > from http://clamav.or.id/snapshot/clamav-devel-latest.cygwin.zip > > it not detects MyDoom (Worm.SCO.A), Sircam and some others viruses. > > On the WinXP PC with Cygwin installed. I found, this problem in the clamscan.exe

[Clamav-users] Re: What exactly is the Worm.YoursID ?

On Tue, 17 Feb 2004 10:06:10 -0700, Support ePaxsys/FRWS wrote: > What is the Worm.YoursID virus/worm? > F-prot and Kaspersky AV recognize it as Bagle.B. http://www.viruslist.com/eng/alert.html?id=983343 -- Virgo Pärna [EMAIL PROTECTED] ---

Re: [Clamav-users] What exactly is the Worm.YoursID ?

On a related note, is there an easy way to map the virus names used by clamav with those used by macafee, symantec, et al? I may be missing something obvious, but when I look at symantec's (for example) web site I would like to know if clam is catching the same viruses. On Tue, Feb 17, 2004 at 10

Re: [Clamav-users] What exactly is the Worm.YoursID ?

Here is a description: http://www.sophos.com/virusinfo/analyses/w32tanxa.html Kudos to the ClamAV people for adding the signature so quickly! Regards, Vlad On Tue, 17 Feb 2004, Support ePaxsys/FRWS wrote: > What is the Worm.YoursID virus/worm? > > This is one virus/worm that has become active

Re: [Clamav-users] Clamav 0.66 -- Bugs

Tomasz Kojm schrieb: On Sat, 14 Feb 2004 21:39:34 +0100 "C.Dornig" <[EMAIL PROTECTED]> wrote: The Orig line: VirusEvent echo "Virus Alert %f: %v " | smbclient -M admin01 Try to call smbclient with an absolute path. Best regards, Tomasz Kojm I have so called in Conf. but nothing has doing. Als

[Clamav-users] Re: What exactly is the Worm.YoursID ?

On Tue, 17 Feb 2004 17:23:27 +, Antony Stone wrote: > > Inoculan, Kaspersky and McAfee don't seem to have a signature for it yet (as > of 15:50 UTC today - last time my system updated its signatures). > Strange, before 16:00 EET whitch should be 14:00 UTC Kaspersky online scan recogn

Re: [Clamav-users] What exactly is the Worm.YoursID ?

Thank ya kindly all. Had me baffled for a time. JPP At 12:51 PM 2/17/04 -0500, you wrote: Here is a description: http://www.sophos.com/virusinfo/analyses/w32tanxa.html Kudos to the ClamAV people for adding the signature so quickly! Regards, Vlad On Tue, 17 Feb 2004, Support ePaxsys/FRWS wrote:

Re: [Clamav-users] What exactly is the Worm.YoursID ?

On Tue, 17 Feb 2004, Support ePaxsys/FRWS wrote: > What is the Worm.YoursID virus/worm? > I'm not sure, but I think it may be the same as what some of my other scanners identify as W32.Bagle.B.worm Maybe someone here can confirm or reject that??? If so, then you may be able to find some info a

RE: [Clamav-users] Re: clamdmail how with sendmail?

I agree. Look into using MailScanner. It will integrate with the Solaris sendmail. -Original Message- From: Chris Barnes [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 17, 2004 9:05 AM To: [EMAIL PROTECTED] Subject: [Clamav-users] Re: clamdmail how with sendmail? Grzegorz Staleñczy

Re: [Clamav-users] What exactly is the Worm.YoursID ?

On Tue, 2004-02-17 at 12:51, Vlad Jebelev wrote: > Here is a description: > > http://www.sophos.com/virusinfo/analyses/w32tanxa.html > > Kudos to the ClamAV people for adding the signature so quickly! Definitely! Good job -- according to my logs, 15 copies of it have been stopped already. -Luk

[Clamav-users] Re: Implementation Questions

On Tue, 17 Feb 2004 17:10:33 +0700, Fajar A. Nugraha <[EMAIL PROTECTED]> wrote: > Even then it is better than accept-and-reject method. This way your > server does not > have to create and deliver rejection emails ; the relaying ISP will. > Well, yes, but it does not solve the problem of rej

Re: [Clamav-users] Re: clamdmail how with sendmail?

On Tue, 17 Feb 2004, Chris Barnes wrote: > Grzegorz Stalenczyk <[EMAIL PROTECTED]> wrote: > > Because, my sendmail is from Solaris package and I can't recompile it > > with milter :-(( > > Definately look into using MailScanner. > > Another very good option (which I use myself) is Amavis (http:/

Re: [Clamav-users] What exactly is the Worm.YoursID ?

At 10:06 2004-02-17 -0700, Support ePaxsys/FRWS wrote: What is the Worm.YoursID virus/worm? This is one virus/worm that has become active since last night. Any clue what it may be? Google searches, archived list searches and searches anywhere I can think of failed to find any record of the name.

[Clamav-users] Re: *** VIRUS DETECTED *** THIS IS A VIRUS ??? --- Re: [Clamav-users] Clamav false positive?

On Tue, 17 Feb 2004, Jim Mercer wrote: > On Tue, Feb 17, 2004 at 11:44:39AM -0500, David A. Lee wrote: > > For some reason beyond my understanding, ClamAV thinks this email contained the > > "FunLove" virus > > > > X-Virus: W32.FunLove.4099 FOUND > > > > Maybe simply the words "Fun Lov" in

[Clamav-users] Re: THIS IS A VIRUS ??? --- Aplogies

I would like to apologize to the list and everyone who has had a problem with my posting, evidently due to my unfortunate choice of words. I didn't realize a Windows text string in Linux could trigger such a reaction. If this should happen again to me, how can I post without making this happen? Pu

[Clamav-users] RE: clamav-devel 20040213 for windows

> I found, this problem in the clamscan.exe itself. It not read clamav.conf and not autodetects many mailbox formats. But works fine when options set in command line. > Is it modified source code or do you compile it in a special way? Below are changes made in 'configure' script to allow using cl

RE: [Clamav-users] What exactly is the Worm.YoursID ?

It is also known as W32/[EMAIL PROTECTED] (McAfee) Alua (symantec) http://vil.nai.com/vil/content/v_101030.htm Phil - Phil Randal Network Engineer Herefordshire Council Hereford, UK > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EM

[Clamav-users] Doomjuice.B Signature

I have two files here which Clam identified as Worm.Doomjuice.B but which appear to be completely different virii (certainly their file sizes are completely different). McAfee identifies them as W32/Pate.b and W32/Valla.a (Interestingly, F-Prot agrees with Clam) I tried to submit these samples u

Re: [Clamav-users] Re: clamdmail how with sendmail?

Grzegorz Staleñczyk <[EMAIL PROTECTED]> wrote: > Because, my sendmail is from Solaris package and I can't recompile it > with milter :-(( Clamav-milter compiles fine under Solaris, but you must follow the instructions in the INSTALL file. -Nigel -- Nigel Horne. Arranger, Composer, Typesetter. N

Re: [Clamav-users] unable to compile clamav-0.66 with milter support

On Tuesday 17 Feb 2004 4:43 pm, M.W. Chang wrote: > I configured my clamav-0.66 with these options: > Making all in clamav-milter > make[2]: Entering directory `/usr/src/clamav-0.66/clamav-milter' > make[2]: Nothing to be done for `all'. > make[2]: Leaving directory `/usr/src/clamav-0.66/clamav-mi

Re: [Clamav-users] Re: THIS IS A VIRUS ??? --- Aplogies

On Tuesday 17 February 2004 6:20 pm, Sam Miller wrote: > I would like to apologize to the list and everyone who has had a problem > with my posting, evidently due to my unfortunate choice of words. I > didn't realize a Windows text string in Linux could trigger such a > reaction. Not a problem.

Re: [Clamav-users] clamav-devel-20040217 working in windows here

On Tuesday, February 17, 2004 5:03 AM [EST], Ignasi Prat <[EMAIL PROTECTED]> wrote: > Hi devel comunity: > > Only to say to win testers that clamav-devel-20040217 solved all problems I > had with CYGWIN version of clamav in all the computers I have tested (5 so > far). >

[Clamav-users] WinME md5ums

Had to change to my laptop. There were six instances of the virus (?)in total, 3 of 8255xdel.exe and 3 of prounstl.exe. 1) 8b87a96989efac84991f394184531f4b 8255xdel.exe 2) 8b87a96989efac84991f394184531f4b 8255xdel.exe 3) cf95646ca1ea49379349d5024ea3824f prounstl.exe 4) 8b87a

[Fwd: RE: [Clamav-users] Clamav false positive?]

I received this earlier. Does this shed any more light? Sam --- Begin Message --- Sam: Sorry I didn't post this reply back to the list, but for some reason sourceforge's spam filter says it cannot verify our mail server and attempts to post using our local MTA fail. Anyway, FWIW, clam did not I

Re: [Clamav-users] RE: clamav-devel 20040213 for windows

On Tuesday, February 17, 2004 11:36 AM [EST], Andrey Cherezov <[EMAIL PROTECTED]> wrote: > On the Win2003 Server this clamscan.exe build also NOT detects MyDoom. > And clamDscan.exe not usable because inserts /cygdrive/... in the path, > and clamD.exe unable to use such path: > > clamdscan.exe C:\

[Clamav-users] cvd digital signatures in clamav under windows - OK !

I'm recompiled clamav under cygwin with GNU MP enabled (static) to support digital signatures. clamd: LibClamAV debug: ./share/clamav/daily.cvd: CVD file detected LibClamAV debug: in cli_cvdload() LibClamAV debug: MD5(.tar.gz) = fdb603f18c089ba34fef74c8a87bec85 LibClamAV debug: Decoded signature:

Re: [Clamav-users] RE: clamav-devel 20040213 for windows

On Tuesday, February 17, 2004 12:36 PM [EST], Andrey Cherezov <[EMAIL PROTECTED]> wrote: > > I found, this problem in the clamscan.exe itself. > But clamDscan.exe (via clamd.exe) detects all viruses successfully now. > > The only required additional fix - change the file clamdscan/client.c: > line

Re: [Clamav-users] Re: THIS IS A VIRUS ??? --- Aplogies

On Tue, Feb 17, 2004 at 06:48:56PM +, Antony Stone wrote: > No - the quotes would simply be before and after the detected string, making > no difference to the string being detected or not. You need to make some > change *within* the string - such as Jim Mercer's excellent example of using

Re: [Clamav-users] Re: clamdmail how with sendmail?

On Tue, 17 Feb 2004 19:01:44 +0100 (CET) Jesper Juhl <[EMAIL PROTECTED]> wrote: > > > On Tue, 17 Feb 2004, Chris Barnes wrote: > > > Grzegorz Stalenczyk <[EMAIL PROTECTED]> wrote: > > > Because, my sendmail is from Solaris package and I can't recompile it > > > with milter :-(( > > > > Definate

RE: [Clamav-users] Re: clamdmail how with sendmail?

Actually, his problem is probably that the Solaris Sendmail is not Milter enabled. > -Original Message- > From: Nigel Horne [mailto:[EMAIL PROTECTED] > Sent: Tuesday, February 17, 2004 10:40 AM > To: [EMAIL PROTECTED] > Subject: Re: [Clamav-users] Re: clamdmail how with sendmail? > > >

[Clamav-users] ClamAV 3.4 & OpenBSD 0.66

Are there any success stories involving OpenBSD 3.4 and ClamAV 0.66? Is there someone who wants to share a package? --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD soft

[Clamav-users] clamav_rmdirs problem

I am hooking clamscan into a procmail filter like this: :0 CLAMAV=|/usr/bin/clamscan --disable-summary --stdout --mbox - :0 * CLAMAV ?? .*: \/.* FOUND { :0 fhw | /usr/bin/formail -a"X-ClamAV: ${MATCH}" } But clamscan seems to hang and never return. From strace it seem to be stuck in a loop:

Re: [Clamav-users] Re: clamdmail how with sendmail?

On Tuesday 17 Feb 2004 7:58 pm, Michael St. Laurent wrote: > Actually, his problem is probably that the Solaris Sendmail is not Milter > enabled. If you look through the INSTALL file as I mentioned, you'll see that I cover exactly that point for Solaris (line 56 of the most recent INSTALL file).

Re: [Clamav-users] WinME md5sums

On Tuesday 17 February 2004 7:02 pm, Sam Miller wrote: > Had to change to my laptop. There were six instances of the virus(?) in > total, 3 of 8255xdel.exe and 3 of prounstl.exe. > > 1)8b87a96989efac84991f394184531f4b 8255xdel.exe > 2)8b87a96989efac84991f394184531f4b 8255xdel.exe > 3)

RE: [Clamav-users] Re: clamdmail how with sendmail?

Oh, excellent! I've not looked at it as our Sun system has not been our email server for several years. > -Original Message- > From: Nigel Horne [mailto:[EMAIL PROTECTED] > Sent: Tuesday, February 17, 2004 12:36 PM > To: [EMAIL PROTECTED] > Subject: Re: [Clamav-users] Re: clamdmail how w

Re: [Clamav-users] clamav_rmdirs problem

On Tue, 17 Feb 2004, Brian J. France wrote: > I am hooking clamscan into a procmail filter like this: > > :0 > CLAMAV=|/usr/bin/clamscan --disable-summary --stdout --mbox - This looks like a variation of my script -- but you've made changes that will keep it from working, such as remving the back

[Clamav-users] Clamuko?

Sorry to bother, but I've read: "Dazuko support is temporarily not available (if you really need it please use a CVS version or wait for a next stable release)." So I've just downloaded the CVS version and installed it. clamd.log says: ERROR: Clamuko is not available Do I have to configure somet

Re: [Clamav-users] clamav_rmdirs problem

Strange, I can't get yours to work: procmail: Executing "/usr/bin/clamscan,--mbox,--disable-summary,--stdout,-" procmail: [19069] Tue Feb 17 13:33:13 2004 procmail: Skipped "OK" procmail: Assigning "LASTFOLDER=CLAMAV=/tmp/3a8832cab5f07762/textportionEu4EUx:" procmail: Opening "CLAMAV=/tmp/3a88

[Clamav-users] How to handle quarantined SPAM

Hi all, Does someone know a software, that allows users to browse and handle quarantined Mails? Preferably a Web-interface... rgds Luc --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linu

Re: [Clamav-users] Re: clamav-0.66 for Zaurus 5600 - ERROR: Verification:Broken or not a CVD file

[EMAIL PROTECTED]:/mnt/card/clamuser> freshclam ClamAV update process started at Tue Feb 17 05:33:27 2004 Reading CVD header (main.cvd): OK main.cvd is up to date (version: 19, sigs: 19987, f-level: 1, builder: ddm) Reading CVD header (daily.cvd): OK Downloading daily.cvd [*] daily.cvd updated (ver

Re: [Clamav-users] RE: clamav-devel 20040213 for windows

On Tue, 17 Feb 2004 20:22:05 +0200 "Andrey Cherezov" <[EMAIL PROTECTED]> wrote: > > I found, this problem in the clamscan.exe itself. > It not read clamav.conf and not autodetects many mailbox > formats. But works fine when options set in command line. clamscan doesn't depend on clamav.conf > >

Re: [Clamav-users] Clamav 0.66 -- Bugs

On Tue, 17 Feb 2004 18:52:47 +0100 "C.Dornig" <[EMAIL PROTECTED]> wrote: > When is command this VirusEvent Try with something less complicated: VirusEvent date > /tmp/ve.test Best regards, Tomasz Kojm -- oo. [EMAIL PROTECTED] www.ClamAV.net (\/)\.

Re: [Clamav-users] Re: *** VIRUS DETECTED *** THIS IS A VIRUS ??? --- Re: [Clamav-users] Clamav false positive?

On Tue, 17 Feb 2004 19:03:23 +0100 (CET) Jesper Juhl <[EMAIL PROTECTED]> wrote: > On Tue, 17 Feb 2004, Jim Mercer wrote: > > > On Tue, Feb 17, 2004 at 11:44:39AM -0500, David A. Lee wrote: > > > For some reason beyond my understanding, ClamAV thinks this email > > > contained the"FunLove" virus >

Re: [Clamav-users] Doomjuice.B Signature

On Tue, 17 Feb 2004 18:38:50 + (GMT) Andy Fiddaman <[EMAIL PROTECTED]> wrote: > > I have two files here which Clam identified as Worm.Doomjuice.B but > which appear to be completely different virii (certainly their file > sizes are completely different). > > McAfee identifies them as W32/Pat

Re: [Clamav-users] unable to compile clamav-0.66 with milter support

using caldera openlinux 3.1 gcc-3.2.1 linux kernel-2.4.22 Nigel Horne wrote: On Tuesday 17 Feb 2004 4:43 pm, M.W. Chang wrote: I configured my clamav-0.66 with these options: Making all in clamav-milter make[2]: Entering directory `/usr/src/clamav-0.66/clamav-milter' make[2]: Nothing to be done fo

Re: [Clamav-users] ClamAV 3.4 & OpenBSD 0.66

ask Loyett Jerome, he seems pretty on top of this build. On Feb 17, 2004, at 3:23 PM, Björn Ketelaars wrote: Are there any success stories involving OpenBSD 3.4 and ClamAV 0.66? Is there someone who wants to share a package? --- SF.Net is spon

Re: [Clamav-users] RE: clamav-devel 20040213 for windows

Tomasz Kojm wrote: Below are changes made in 'configure' script to allow You should modify configure.in and rebuild it with autoconf. Any chance this code will be integrated in CVS? Regards, Fajar A. Nugraha --- SF.Net is sponsored by

Re: [Clamav-users] unable to compile clamav-0.66 with milter support

automake 1.4 autoconf 2.13 gcc 3.2.1 kernel 2.4.22 Nigel Horne wrote: On Tuesday 17 Feb 2004 4:43 pm, M.W. Chang wrote: I configured my clamav-0.66 with these options: Making all in clamav-milter make[2]: Entering directory `/usr/src/clamav-0.66/clamav-milter' make[2]: Nothing to be done for `all

[Clamav-users] Solaris 9 & clamav

Hi, I was install clamav on solaris 9, and my installation based on http://www.clamav.or.id. But I got truble after running /usr/local/bin/freshclam command : ld.so.1: /usr/local/bin/freshclam: fatal: /usr/local/lib/libgmp.so.3: wrong ELF class: ELFCLASS64 Killed I was install libgcc (SMClibgcc)

Re: [Clamav-users] Solaris 9 & clamav

On Wed, 18 Feb 2004, Muhamad Soleh Fajari wrote: > Hi, > I was install clamav on solaris 9, and my installation based on > http://www.clamav.or.id. But I got truble after running > /usr/local/bin/freshclam command : > > ld.so.1: /usr/local/bin/freshclam: fatal: /usr/local/lib/libgmp.so.3: wrong >

Re: [Clamav-users] unable to compile clamav-0.66 with milter support

argh.. sorry. I didn't install libmilter for sendmail. sorry about that. Nigel Horne wrote: On Tuesday 17 Feb 2004 4:43 pm, M.W. Chang wrote: I configured my clamav-0.66 with these options: Making all in clamav-milter make[2]: Entering directory `/usr/src/clamav-0.66/clamav-milter' make[2]: Nothin

[Clamav-users] clamav/windows: 15 viruses per second :)

clamd+clamDscan under Windows 2003 PIII/1GHz --- SCAN SUMMARY --- Infected files: 7611 Time: 478.706 sec (7 m 58 s) --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux wit

Re: [Clamav-users] ClamAV 3.4 & OpenBSD 0.66

Flinn Mueller wrote: ask Loyett Jerome, he seems pretty on top of this build. On Feb 17, 2004, at 3:23 PM, Björn Ketelaars wrote: Are there any success stories involving OpenBSD 3.4 and ClamAV 0.66? Is there someone who wants to share a package? Just want to comment on the subject. ClamAV *3.4*

Re: [Clamav-users] Solaris 9 & clamav

Muhamad Soleh Fajari wrote: I was install clamav on solaris 9, ld.so.1: /usr/local/bin/freshclam: fatal: /usr/local/lib/libgmp.so.3: wrong ELF class: ELFCLASS64 Killed Yeah. I seem to remember something like that. Which gmp did you use? My build or your own build? ELFCLASS64 usually means you

Re: [Clamav-users] How to handle quarantined SPAM

* Luc de Louw <[EMAIL PROTECTED]> [20040218 03:34]: wrote: > Hi all, > > Does someone know a software, that allows users to browse and handle > quarantined Mails? > > Preferably a Web-interface... Could you please tell us how you quarantine them? The methodology? If that's too much to ask, I su

Re: [Clamav-users] freshclam in deamon mode

* Fajar A. Nugraha <[EMAIL PROTECTED]> [20040217 15:31]: wrote: > Odhiambo Washington wrote: > > >So what do you recommend for crontab? > > > > > Earlier post from Luke Scharf suggests you put in crontab > >SHELL=/bin/bash >0 *

Re: [Clamav-users] clamav-devel-20040215 : automake build error on Fedora Core 1

Tomasz Kojm wrote: automake-1.6 --gnu Makefile aclocal.m4:4200: version mismatch. This is Automake 1.6.3, but aclocal.m4 aclocal.m4:4200: was generated for Automake 1.6.1. You should recreate aclocal.m4:4200: aclocal.m4 with aclocal and run automake again. make: *** [Makefile.in] Error 1 F

Re: [Clamav-users] Solaris 9 & clamav

> Muhamad Soleh Fajari wrote: > >> I was install clamav on solaris 9, >> >> ld.so.1: /usr/local/bin/freshclam: fatal: >> /usr/local/lib/libgmp.so.3: wrong ELF class: ELFCLASS64 >> Killed >> > Yeah. I seem to remember something like that. > Which gmp did you use? My build or your own build? > first

[Clamav-users] clamd 0.67 keeps dying

Any hints? This is on Solaris 8 Generic_108528-15 sun4u sparc SUNW,Sun-Blade-100 running with sendmail 8.12.11 / Mimedefang 2.39 using a file owned by defang as a network socket. Thanks! --- SF.Net is sponsored by: Speed Start Your Linux

Re: [Clamav-users] How to handle quarantined SPAM

On Wed, 2004-02-18 at 00:19, Luc de Louw wrote: > Hi all, > > Does someone know a software, that allows users to browse and handle > quarantined Mails? > > Preferably a Web-interface... > You don't say what you are using to quarantine, but if using MailScanner then I think Mailwatch for MailSc

  1   2   >