Hi Brian, I am sorry to say that your compilation does not work in my box.
DailyCVS compilations at http://clamav.or.id/ work beautifully here. Your
previous compilation (67 I think) did not worked so I conclude that either
your compilation is different from http://clamav.or.id/ or the inclusion o
On Mon, 2004-03-22 at 05:59, Pubs wrote:
> Thu Mar 18 17:51:05 2004 -> Segmentation fault :-( Bye..
>
When this happens, you need to capture the file(s) it was scanning at
the time.
-trog
signature.asc
Description: This is a digitally signed message part
Hi,
I'm using clamav for 6 months on a SMTP gateaway and I'm really happy
with. Thanks to all the team especialy for her response time. Better
than commercial AV!
A little problem I have with clam it's the name of viruses. I know that
several viruses are detected before other av discover them and
Hi,
I run a mail server with RH9 (or RHEL3) with all updates,
sendmail+amavis+clamav, default settings. Now I'm trying to get rid off
the amavis and use the clamav-milter interface directly with sendmail
(through socket). The problem is that sendmail is not able to access the
clamav-milter inte
On Monday 22 Mar 2004 9:43 am, David Toman wrote:
> Is anybody running the clamav-milter interface and will be so kind to
> give me any hint how to solve this?
What version of clamav-milter? (clamav-milter --version will tell you this)
What version of clamav (clamscan -V will tell you this)
What
One thing I remember finding when I first installed p7 was that the
clamv entry was only included in the @av_scanners_backup list. In order
for it to be considered a primary, it has to be listed in the
@av_scanners list, and I've had it running like that for a long time
without trouble. But jus
Bonjour Cedric,
Indeed, CLAMAV is a very good product, I use it on a Mac OSX server and
I am quite happy about it too, but as far as the naming is concerned I
would prefer that AV editors spends much of their time on updating
virus definitions than finding a common name to every new viruses. Of
Tom Munro Glass wrote:
> I have installed ClamAv and amavisd-new to work with Postfix. They are mostly
> working except that when I start amavisd I get the following message in
> maillog:
>
> Found secondary av scanner Clam Antivirus - clamscan
> at /usr/local/bin/clamscan
>
> When a message
Nigel Horne wrote:
What version of clamav-milter? (clamav-milter --version will tell you this)
clamav-milter version 0.66n
What version of clamav (clamscan -V will tell you this)
clamav version 0.67
What operating system?
It's RedHat Linux 9, with all available updates applied
What co
Top posting to make it more readable - flames will be ignored. Please reply using top
post
to make it easier to follow the history.
Try updating to a later version, since it may give more helpful messages in
/var/log/messages.
What options do you give to clamav-milter when starting it (on linux
When ever the mail comes i see this log in 'main.log' and 'panic.log'
# tail -f main.log
2004-03-22 17:03:43 1B5Ngd-00014I-9a malware acl condition: clamd: ClamAV
returned /var/spool/exim/scan/1B5Ngd-00014I-9a: Can't access the file ERROR
2004-03-22 17:03:43 1B5Ngd-00014I-9a H=(mail.s7solutio
* Dilip M <[EMAIL PROTECTED]> [20040322 14:52]: wrote:
>
> When ever the mail comes i see this log in 'main.log' and 'panic.log'
>
> # tail -f main.log
> 2004-03-22 17:03:43 1B5Ngd-00014I-9a malware acl condition: clamd: ClamAV
> returned /var/sp
Hi all,
Are there any plans of making it possible to use ClamAV as a realtime
scanner of accessed (opened/read) files like the common antivirus
solutions for Windows like NAV and McAfee?
ClamAV could very well compete with the big guys on the Windows market if
it had support for realtime scanning
I have downloaded, compiled and installed the tarball of version 0.68,
the ClamAV is version 0.68, clamav-milter is version 0.67a
The clamav-milter is started with this option:
[EMAIL PROTECTED] log]# cat /etc/sysconfig/clamav-milter
CLAMAV_FLAGS="--max-children=2 local:/var/clamav/clamav.sock"
[
On Mon, Mar 22, 2004 at 05:16:57PM +0530, Dilip M said:
>
> When ever the mail comes i see this log in 'main.log' and 'panic.log'
>
> So thought that its would be a permission problem on
> "/var/spool/exim/scan/"
> # ls -ld /var/spool/exim/scan/
> drwxr-x---2 mailnull mailnull 1024 M
Just a heads up to all of you paranoid folks who don't allow TCP based
DNS queries from your mail servers: The record for database.clamav.net
is now too big to fit in a UDP response, so you will have to open up tcp
to your DNS servers in order to resolve it and find a mirror for
freshclam to work.
Hi,
I'm writing a summary about of the use of clamav on my network.
I use it on my SMTP gateway which controls 55 000 e-mails accounts. It's
the SMTP gateway of ac-rouen.fr (a part of french education.)
I'd like to know where clamav is used too on large networks.
I think it should be a good idea
On Mon, 2004-03-22 at 02:47, Wolfgang Cernohorsky wrote:
> Tom Munro Glass wrote:
>
> > I have installed ClamAv and amavisd-new to work with Postfix. They are mostly
> > working except that when I start amavisd I get the following message in
> > maillog:
> >
> > Found secondary av scanner Clam
Ryan Moore wrote:
The sock file was defined with one name in sendmail.mc and another in
the
configuration file for the milter itself. I made them the same and
sendmail is
happy.
so what's supposed to happen when it detects a virus? When I send
myself a
message with eicar.com attached, this he
Steven Stern wrote:
so what's supposed to happen when it detects a virus? When I send myself a
message with eicar.com attached, this header gets added, but nothing is done:
What does it mean "nothing is done" exactly?
Tha mail is delivered to recipient or is it rejected?
X-Virus-Scanned: clamd /
On Mon, 22 Mar 2004 15:42:01 +0100, Cedric Foll <[EMAIL PROTECTED]>
wrote:
>
>I'd like to know where clamav is used too on large networks.
>I think it should be a good idea to put a 'testify' page on the web site
>in order to list which are users of clamav.
>
>Regards.
http://clamav.sourceforge.ne
> You probably want the -b option to reject the DATA phase of the SMTP
> session if the milter detects a virus.
Using the -b option is not recommended.
-Nigel
---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial pr
--On Monday, March 22, 2004 03:42:01 PM +0100 Cedric Foll
<[EMAIL PROTECTED]> wrote:
I'd like to know where clamav is used too on large networks.
I think it should be a good idea to put a 'testify' page on the web site
in order to list which are users of clamav.
You might take a closer look at th
On second thought, maybe I should have a chance to look at incoming messages
rather than bouncing them with a 550. I've removed the -b from the
clamav-milter startup. I've replaced it with --quarantine=/var/spool/clamav.
Is this what's necessary to quarantine messages in /var/spool/clamav?
old:
C
On Mon, 22 Mar 2004 16:33:36 +0100, Kritof Petr <[EMAIL PROTECTED]>
wrote:
>
>Be sure your virus db is up to date by running freshclam.
>
>Petr
crontab -l
[snip]
17 */4 * * * /usr/bin/freshclam --quiet -l /var/log/clam-update.log
--
Steve
-
Hi,
When I run
# freshclam
I get this error
Can't change dir to /usr/local/share/clamav
This directory doesn't exist.
Working on a Debian, I had compiled this program.
After a while I did an other installation from a .deb packet
I think the only thing to do is to tell freshclam to look for some
Didi Rieder wrote:
--On Monday, March 22, 2004 03:42:01 PM +0100 Cedric Foll
<[EMAIL PROTECTED]> wrote:
I'd like to know where clamav is used too on large networks.
I think it should be a good idea to put a 'testify' page on the web site
in order to list which are users of clamav.
You might ta
You probably want the -b option to reject the DATA phase of the SMTP
session if the milter detects a virus.
No you dont need '-b option'.
I'm new to Clamav but from the manpage it looks like -N would be more
appropriate.
If I understand everything correctly then -b will bounce the message with
On Monday 22 March 2004 5:34 pm, Guillaume Jullien wrote:
> Hi,
>
> When I run
> # freshclam
>
> I get this error
>
> Can't change dir to /usr/local/share/clamav
>
> This directory doesn't exist.
Where are your signature files (virus.db or main.cvd)?
How about just creating the directory, owned
I have been getting various viruses through ClamAV (0.67), mainly:
[EMAIL PROTECTED]
[EMAIL PROTECTED]
I have checked my last update and is working fine...
--
ClamAV update process started at Mon Mar 22 10:51:55 2004
main.cvd is up to date (version: 21, sigs: 200
On Monday 22 March 2004 5:54 pm, Jorge Valdes wrote:
> I have been getting various viruses through ClamAV (0.67), mainly:
> [EMAIL PROTECTED]
That name is used by F-Prot and McAfee (maybe others) for what ClamAV detects
as Worm.SomeFool.Gen-1
> [EMAIL PROTECTED]
That name is used by F-Prot and
On Sunday 21 March 2004 20:08, Jim Maul wrote:
> because qmail does not "reject anything" at smtp time by default. Thefore
> it gets accepted, scanned, and then quarantined.
First posting about clamav-milter. This is sendmail specific part of Clam AV.
--
Regards,
Sergey
Has anyone seen the below article, is it really a problem and do users
of clamav need to move to .68 or better to be protected?
http://www.securitytracker.com/alerts/2004/Mar/1009502.html
Jim
---
This SF.Net email is sponsored by: IBM
On Monday 22 March 2004 03:16, Chris Meadors wrote:
> > The *only* way to pull this off, is to *reject* viruses. Yes, this
> > allows for a few false notifications (case 2) but those are fairly rare.
>
> ...and are not your problem. You just closed the SMTP session with an
> error. If the rela
On Mon, 2004-03-22 at 00:38, Trog wrote:
> On Mon, 2004-03-22 at 05:59, Pubs wrote:
>
> > Thu Mar 18 17:51:05 2004 -> Segmentation fault :-( Bye..
> When this happens, you need to capture the file(s) it was scanning at
> the time.
Pardon my ignorance, but could you provide a method of capturing t
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Guillaume
> Jullien
> Sent: Monday, March 22, 2004 12:35 PM
> To: [EMAIL PROTECTED]
> Subject: [Clamav-users] freshclam config
>
>
> Hi,
>
> When I run
> # freshclam
>
> I get this error
>
> Can't ch
Cannot resolve database.clamav.net using the attbi.com name servers.
Some help please ! Is this a problem with the comcast's DNS servers ? I
checked verizon.net and speakeasy and they are resolving fine.
Thanks,
Moshe
$ nslookup
Note: nslookup is deprecated and may be removed from future releas
On Monday 22 March 2004 7:19 pm, Mark Moshe Kushinsky wrote:
> Cannot resolve database.clamav.net using the attbi.com name servers.
>
> Some help please ! Is this a problem with the comcast's DNS servers ? I
> checked verizon.net and speakeasy and they are resolving fine.
Do they support TCP-base
mirrors.txt is missing.
Which package (debian) should I install ?
Guillaume
Antony Stone a écrit :
Where are your signature files (virus.db or main.cvd)?
How about just creating the directory, owned by the clamav user?
Antony.
---
Thi
Howdy list,
I just upgraded from ClamAV 0.60 to 0.70-rc on my 4.8-RELEASE
machine. It seems to be working OK, but it's not standing up
very well under stress tests.
I attempted to push a 59M email through clamd via clamdscan
(all body, not attachment) and clamd has started chewing up
RAM and CPU.
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Mark Moshe
> Kushinsky
> Sent: Monday, March 22, 2004 2:19 PM
> To: [EMAIL PROTECTED]
> Subject: [Clamav-users] database.clamav.net unresolvable ?
>
>
> Cannot resolve database.clamav.net using the attbi.
softlimit set to low? It's a release candidate, not a recognized stable
code. Just a thought.
Jesse Guardiani [EMAIL PROTECTED] wrote:
> Howdy list,
>
> I just upgraded from ClamAV 0.60 to 0.70-rc on my 4.8-RELEASE
> machine. It seems to be working OK, but it's not standing up
> very well under s
On Mon, Mar 22, 2004 at 02:19:11PM -0500, Mark Moshe Kushinsky wrote:
> Cannot resolve database.clamav.net using the attbi.com name servers.
>
> Some help please ! Is this a problem with the comcast's DNS servers ? I
> checked verizon.net and speakeasy and they are resolving fine.
database.clamav
On Monday 22 March 2004 9:34 pm, Everton da Silva Marques wrote:
> On Mon, Mar 22, 2004 at 02:19:11PM -0500, Mark Moshe Kushinsky wrote:
> > Cannot resolve database.clamav.net using the attbi.com name servers.
> >
> > Some help please ! Is this a problem with the comcast's DNS servers ? I
> > chec
On Mon, 22 Mar 2004 15:54:18 -0500
Jesse Guardiani <[EMAIL PROTECTED]> wrote:
> Any ideas on how to avoid this in the future? I'm running with
> ScanArchive and ScanMail (because I want the binhex feature on).
The problem may be connected with already discussed and fixed
/dev/urandom issue. Pleas
On Sun, Mar 21, 2004 at 01:14:53PM -0600, John Jolet wrote:
> If anything, i'd say it leaked less...course, i jumped from .65 to .7.
It seems to be worse for me. Much worse. I had archive scanning off
before the jump to 67, and then to 70-rc from 65. Both of these appear
to have the problem. I
> > I attempted to push a 59M email through clamd via clamdscan
> > (all body, not attachment) and clamd has started chewing up
> > RAM and CPU.
Does the e-mail include encapsulated RFC822 messages? If so, there has
been a fix to that recently.
-Nigel
--
Nigel Horne. Arranger, Composer, Typeset
anyone have any info on JS.Spam.Scramble.A? I'm seeing a lot of it, and
am curious as to what it does.
Tim
---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenTo
>
> > Cannot resolve database.clamav.net using the attbi.com name servers.
> >
> > Some help please ! Is this a problem with the comcast's DNS servers ? I
> > checked verizon.net and speakeasy and they are resolving fine.
>
> Do they support TCP-based DNS queries?
>
> All DNS servers (a
Last Snapshot seems ok but in case of here is my solution :-))
#!/usr/local/bin/bash
# clamwatch is getting an eye on clamd for you !
i=0
count=0
while [ $i -ne 1 ]
do
count=`ps aux | grep amavis | grep clamd | wc -l`
while [ $count -ne 1 ]
do
date=`date`
50 matches
Mail list logo
