On Mon, 16 Aug 2004 at 16:48:44 -0400, Mike Robinson wrote:
> Ok, so we can't do that, but can you suggest a better method than
> running freshclam every hour? I would think that the clamav development
> team would be interested in doing a "push" to sites that wanted them,
> because these are prob
On Tue, 17 Aug 2004 at 12:58:34 +1000, Rob Chanter wrote:
[...]
> VINFO="/tmp/siginfo.`date +%H%M%S`"
[...]
> echo >> $VINFO
[...]
> FCINFO="/tmp/fcinfo.`date +%H%M%S`"
[...]
> echo "The ClamAV updater freshclam has failed for some reason." >>$FCINFO
[...]
Such setup is vulnerable to "/tmp fil
Today, clamav reported that some old files where just infected with
Trojan.Delf.CB-1-enc
I suspect a false positive seems the files weren't modified since
several months.
All the infected files are executables autoextractable.
But if I unzip the files and run clamscan on those files I didn't get
On Tue, 17 Aug 2004 at 10:44:56 +0200, Xavier Poinsard wrote:
> Today, clamav reported that some old files where just infected with
> Trojan.Delf.CB-1-enc
> I suspect a false positive seems the files weren't modified since
> several months.
> All the infected files are executables autoextractable
On Mon, 2004-08-16 at 08:05, Brian Morrison wrote:
> > *Clamd successfully notified about the update.*
>
> Yes, I get that too.
>
> However, clamd does not immediately report that it has reloaded the
> database, that happens the next time the Database check happens. Is that
> what you see? If so
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
What about a freshclam cache.
Many users probably have several if not many servers all running clamav.
If we had a freshcached daemon running on a secure server we could point
all other servers to that cache. Or better yet have that daemon notify a
l
On Mon, 2004-08-16 at 16:42, Daniel Tiefnig wrote:
> Roman Suzi wrote:
> > I am not sure why do you worry. Can't see anything unusual.
>
> So you say it's usual, that clamd uses 14M of memory for about one day,
> and then suddenly jumps to 27M? Weird.
Thats not unusual.
>
> > The number of clam
On Tue, 17 Aug 2004 11:13:24 +0800
Wilson Mak <[EMAIL PROTECTED]> wrote:
> re-allocate memory to xxx bytes". And then I set it to 1800, it
> reduces lots of these error messages - but still got some. So I try
> increasing it to avoid getting these errrors. Perhaps, what is the
> best valu
On Tue, 17 Aug 2004 10:52:59 +0100 in [EMAIL PROTECTED]
Trog <[EMAIL PROTECTED]> wrote:
> Also, the libc memory allocation routines will almost certainly not
> free the used memory, but keep it in reserve to later usage.
Yes, there's almost no point to having free physical memory on a
machine,
Hi,
I get following output when starting clamd (0.75.1)
Starting virus daemon: clamdLibClamAV debug: Loading databases from
/usr/local/share/clamav
LibClamAV debug: Loading /usr/local/share/clamav/main.cvd
LibClamAV debug: /usr/local/share/clamav/main.cvd: CVD file detected
LibClamAV debug: in cli
On Tue, 17 Aug 2004 at 11:36:30 +0100, [EMAIL PROTECTED] wrote:
>
> What about a freshclam cache.
>
> Many users probably have several if not many servers all running clamav.
> If we had a freshcached daemon running on a secure server we could point
> all other servers to that cache. Or better ye
On Mon, 2004-08-16 at 22:48, Mike Robinson wrote:
> Ok, so we can't do that, but can you suggest a better method than
> running freshclam every hour? I would think that the clamav development
> team would be interested in doing a "push" to sites that wanted them,
> because these are probably the s
> Getting warning on signature and error on write. How do I fix?
>
>
> ClamAV update process started at Mon Aug 16 23:22:04 2004
> SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES
Ok, installed the gmp package and reinstalled clamav.
> main.cvd is up to date (version: 24, sigs: 21793, f-level
On Tue, 2004-08-17 at 16:28, Randall Perry wrote:
> > main.cvd is up to date (version: 24, sigs: 21793, f-level: 2, builder: tomek)
> > ERROR: Can't open new file ./clamav-18d5879888c45d2c to write
> So, where is freshclam trying to write this file -- I assume I need to
> change perms for a direct
On Tue, 17 Aug 2004 11:36:30 +0100 (BST)
[EMAIL PROTECTED] wrote:
> If we currently have four servers checking every hour. With a cache,
> just one update (through both our and clamav's valuable banmdwidth)
You can setup your own (internal) database mirror. Freshclam connects to
the httpd (80) po
>> ClamAV update process started at Mon Aug 16 23:22:04 2004
>> SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES
> Ok, installed the gmp package and reinstalled clamav.
I'm still getting the error above stating no support for signatures -- is
there a way to check the apps to see if support is
On Tue, 2004-08-17 at 17:04, Randall Perry wrote:
> >> ClamAV update process started at Mon Aug 16 23:22:04 2004
> >> SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES
> > Ok, installed the gmp package and reinstalled clamav.
> I'm still getting the error above stating no support for signatures -
On Mon, 16 Aug 2004, Richard A Nelson wrote:
> On Mon, 16 Aug 2004, Todd Lyons wrote:
>
> > >It shouldn't, however change if a virus is accepted - since sendmail
> > >should be tempfailing mail until the milters are functioning.
> >
> > Incorrect, depending on how you define your milter call for se
Damian Menscher wrote:
> For most mailserver admins, the danger of losing our jobs
> is much greater if we tempfail all incoming mail due to a clamav crash
> than is the danger of losing our jobs due to a couple of viruses leaking
> through.
s/most/some/;
Spoken as one who has never gotten burned
On Tue, 17 Aug 2004 [EMAIL PROTECTED] wrote:
> Many users probably have several if not many servers all running clamav.
> If we had a freshcached daemon running on a secure server we could point
> all other servers to that cache. Or better yet have that daemon notify a
run freschclam on one machi
on 8/17/04 12:32 PM, Kevin Spicer at [EMAIL PROTECTED] wrote:
> Depending on your OS and how you installed clam you may need to install
> the gmp-devel package and configure; make; make install clam again.
>
I can only find gmp-devel in an RPM -- is there a src download for it
somewhere (it's not
On Tue, 17 Aug 2004 10:56:52 +0100 in [EMAIL PROTECTED]
Trog <[EMAIL PROTECTED]> wrote:
> On Mon, 2004-08-16 at 08:05, Brian Morrison wrote:
>
> > > *Clamd successfully notified about the update.*
> >
> > Yes, I get that too.
> >
> > However, clamd does not immediately report that it has reload
>
> run freschclam on one machine, use on-update-execute to run an
> rsync script
> after a successfull download to update all your other machines.
>
>
> ==
> Chris Candreva -- [EMAIL PROTECTED]
Does the clamd process need to be signaled on
On Tue, 17 Aug 2004 at 13:07:05 +0200, Marc wrote:
>
> I get following output when starting clamd (0.75.1)
> [...]
> LibClamAV debug: Loading /tmp/clamav-272bb8f2e537df50/viruses.db2
> LibClamAV debug: Not suported signature type detected at line 15. Skipping.
> LibClamAV debug: Not suported signa
Hi,
> You can try the latest development version which is far more memory
> efficient.
I have this memory-problems (using clamd) too (even with 0.75.1).
So I tried to get and compile the latest snapshot, but failed be-
cause some differences made with autoconf & co. I tried to compile
on de
Hi, i just installed clamav 0.75 on a redhat ES3 with amavis new.
I was wondering, when i look into the clamd.log, all i see is worm.somefool.p. I know
i'm getting more virii than that as my symantec corporate edition is catching netsky
and beagle and other varients.
i ran freshclam and updated
On Tue, 17 Aug 2004 12:38:17 -0700 in
[EMAIL PROTECTED] "Mitch \(WebCob\)"
<[EMAIL PROTECTED]> wrote:
> Does the clamd process need to be signaled on each machine to
> recognize the new db?
Yes.
--
Brian Morrison
bdm at fenrir dot org dot uk
GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.ne
On Tue, 2004-08-17 at 11:36, [EMAIL PROTECTED] wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
> What about a freshclam cache.
>
> Many users probably have several if not many servers all running clamav.
> If we had a freshcached daemon running on a secure server we could point
> al
On Tue, 17 Aug 2004, Mitch (WebCob) wrote:
> > run freschclam on one machine, use on-update-execute to run an rsync
> > script after a successfull download to update all your other
> > machines.
>
> Does the clamd process need to be signaled on each machine to recognize the
> new db?
Yes, but you
On Tue, 17 Aug 2004, Mitch (WebCob) wrote:
> Does the clamd process need to be signaled on each machine to recognize the
> new db?
Yes. Here are the pieces - there are probably simpler ways to do most of
this now.
The cron job:
/usr/local/bin/freshclam --daemon-notify --log=/var/adm/clam-updat
I've just installed Clamassassin and an error
message is appearing in the header, details below.
X-Virus-Status: FailedX-Virus-Report: Internal
error mktemp MSGTMP failedX-Virus-Checker-Version: clamassassin 1.2.1 with
clamdscan / ClamAV version 0.75.1 signatures 24.457Status:
The p
also, where can i configure clamav to send a notification if when a virus
is detected?
You configure amavisd to send notification.
Uncomment and edit to meet your needs:
# $virus_admin = "[EMAIL PROTECTED]";
You may also want to configure and enable:
#$mailfrom_notify_admin = "[EMAIL PROTECTED
Kern, Tom wrote:
Hi, i just installed clamav 0.75 on a redhat ES3 with amavis new.
I was wondering, when i look into the clamd.log, all i see is worm.somefool.p. I know
i'm getting more virii than that as my symantec corporate edition is catching netsky
and beagle and other varients.
i ran fresh
on 8/17/04 1:43 PM, Randall Perry at [EMAIL PROTECTED] wrote:
> on 8/17/04 12:32 PM, Kevin Spicer at [EMAIL PROTECTED] wrote:
>> Depending on your OS and how you installed clam you may need to install
>> the gmp-devel package and configure; make; make install clam again.
>>
> I can only find gmp-
> On 8/17/2004 10:23 PM GMT+2, lnx wrote:
>
> >
> > I've just installed Clamassassin and an error message is appearing in
the header, details below.
> >
> > X-Virus-Status: Failed
> > X-Virus-Report: Internal error mktemp MSGTMP failed
> > X-Virus-Checker-Version: clamassassin 1.2.1 with clamd
On Tue, Aug 17, 2004 at 11:36:30AM +0100, [EMAIL PROTECTED] said:
>
> What about a freshclam cache.
[snip]
> Do it the unix way -> "split the problem into separate processes that do
> their job and only their job the best way possible".
squid, anyone?
--
--
> What about a freshclam cache.
>
> Many users probably have several if not many servers all running clamav.
> If we had a freshcached daemon running on a secure server we could point
> all other servers to that cache.
Why not use squid and point httpproxy in freshclam.conf to there?
> Jim :-)
On Tue, 2004-08-17 at 18:43, Randall Perry wrote:
> on 8/17/04 12:32 PM, Kevin Spicer at [EMAIL PROTECTED] wrote:
> > Depending on your OS and how you installed clam you may need to install
> > the gmp-devel package and configure; make; make install clam again.
> >
> I can only find gmp-devel in a
On 8/17/2004 10:23 PM GMT+2, lnx wrote:
I've just installed Clamassassin and an error message is appearing in the header, details below.
X-Virus-Status: Failed
X-Virus-Report: Internal error mktemp MSGTMP failed
X-Virus-Checker-Version: clamassassin 1.2.1 with clamdscan / ClamAV version 0.75.1 s
I've just installed Clamassassin and an error
message is appearing in the header, details below.
X-Virus-Status: FailedX-Virus-Report: Internal
error mktemp MSGTMP failedX-Virus-Checker-Version: clamassassin 1.2.1 with
clamdscan / ClamAV version 0.75.1 signatures 24.457Status:
The pr
On Tue, 17 Aug 2004, Damian Menscher wrote:
> On Mon, 16 Aug 2004, Richard A Nelson wrote:
> >
> > Yes, I guess one cant legislate sanity, can one :(
> > But spamassassin and clamav should default to tempfail !
> >
> > ...still cant believe that
> > people aren't recommending a safe, by default se
On Tue, 17 Aug 2004, Richard A Nelson wrote:
> On Tue, 17 Aug 2004, Damian Menscher wrote:
> > On Mon, 16 Aug 2004, Richard A Nelson wrote:
> > >
> > > Yes, I guess one cant legislate sanity, can one :(
> > > But spamassassin and clamav should default to tempfail !
> > >
> > > ...still cant believe
On Tue, Aug 17, 2004 at 09:04:11AM +0200, Tomasz Papszun wrote:
> On Tue, 17 Aug 2004 at 12:58:34 +1000, Rob Chanter wrote:
> [...]
> > VINFO="/tmp/siginfo.`date +%H%M%S`"
> [...]
> > echo >> $VINFO
> [...]
> > FCINFO="/tmp/fcinfo.`date +%H%M%S`"
> [...]
> > echo "The ClamAV updater freshclam h
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of
> [EMAIL PROTECTED]
>
>
> Damian Menscher wrote:
> > For most mailserver admins, the danger of losing our jobs
> > is much greater if we tempfail all incoming mail due to a clamav crash
> > than is the dan
On Tue, 17 Aug 2004 13:43:53 -0400 in [EMAIL PROTECTED]
Randall Perry <[EMAIL PROTECTED]> wrote:
> on 8/17/04 12:32 PM, Kevin Spicer at [EMAIL PROTECTED] wrote:
> > Depending on your OS and how you installed clam you may need to
> > install the gmp-devel package and configure; make; make install c
Trog wrote:
Also, the libc memory allocation routines will almost certainly not free
the used memory, but keep it in reserve to later usage.
Eh?
So if at some point it decides to use over 3GB of memory (like once
happened here, Solaris/Sparc, for devel versions after 0.75.1), it will
not free
46 matches
Mail list logo
