On NetBSD (1.6 anyway) the detection of gethostbyname_r is not sufficient. Compile and link detect the missing call (instead of just compiling with -c)
From rc2 to rc3 a call to setsockopt with SO_BINDTODEVICE has been introduced in clamav-milter. This option is not supported on netbsd.
Woul
Damian Menscher wrote:
Sorry if this has been reported already; I'm behind on email.
Running 0.80rc3.
[EMAIL PROTECTED] etc]# /etc/init.d/clamav-milter start
Starting clamav-milter: clamav-milter: ScanMail not enabled in
/usr/local/encap/clamav-0.80rc3/etc/clamd.conf
The .conf file says:
# Enable
I noticed my milter syslogs are now going to /var/log/messages instead
of the usual /var/log/maillog. After adding "LogFacility LOG_MAIL" to
my clamd.conf and clamav.conf it started logging to the original
location.
However I'm no getting the clamd logs in my maillogs. I want these to go
to the de
Hi all,
Hoping someone can shed some light on an issue we are having. A few days
ago ClamAV stopped being updated for some reason and doesn't appear to be
catching viruses. I've checked the logs, but there doesn't seem to be any
indication of something wrong (other places to check?), and a view
On Wed, 29 Sep 2004 [EMAIL PROTECTED] wrote:
On Wed, 29 Sep 2004, Dennis Peterson wrote:
Anyone got a plan for when encrypted zip'd jpeg files start showing up?
Either start a "password greper/parser" which should be able to be updated
to recognize new formats in a non-executable way (regex or some
> From rc2 to rc3 a call to setsockopt with SO_BINDTODEVICE has been
> introduced in clamav-milter. This option is not supported on netbsd.
>
> Would it be possible to #ifdef this single call to setsockopt?
Already fixed in the development version:
Tue Sep 28 15:46:18 BST 2004 (njh)
-
On Sep 30, 2004, at 9:56, Nigel Horne wrote:
From rc2 to rc3 a call to setsockopt with SO_BINDTODEVICE has been
introduced in clamav-milter. This option is not supported on netbsd.
Would it be possible to #ifdef this single call to setsockopt?
Already fixed in the development version:
Tue Sep
On Thu, 2004-09-30 at 08:26, Damian Menscher wrote:
> false positive. Only the third rule:
> Exploit.JPEG.Comment.3:5:0:ffd8fffe00(00|01)
> is 100% safe. (Note that I work for the Imaging Technology Group, so a
> false positive on a jpeg would be a Very Bad Thing. And even a 0.01%
> failure
Mike Cathey wrote:
From this point forward, please begin sending replies to the respective
list name (clamav-users/clamav-devel) @ lists.clamav.net. The
subscriber list has been imported into the database on the new ML
server(s) so you will _NOT_ need to resubscribe to the lists.
We sincerely appr
On 9/30/2004 10:53 AM +0200, JORT Emmanuel wrote:
i unsubscribed from the clamav-users list in June (before this change)
and now, since it has changed on the new ML i receive mail from the list.
so, i unsubscribed again there's a few minutes (near one hour) from
https://lists.sourceforge.net/lis
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello ClamAV users,
Using 0.80rc2 ... one local user sent another a zip file containing
various text files and an EXE program (compiled application from Delphi,
I think).
This file was blocked by ClamAV as "Suspected.Zip".
Can someone explain the re
Hi,
Dave Ewart wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello ClamAV users,
Using 0.80rc2 ... one local user sent another a zip file containing
various text files and an EXE program (compiled application from Delphi,
I think).
This file was blocked by ClamAV as "Suspected.Zip".
Can some
On Thu, 2004-09-30 at 10:49, Dave Ewart wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hello ClamAV users,
>
> Using 0.80rc2 ... one local user sent another a zip file containing
> various text files and an EXE program (compiled application from Delphi,
> I think).
>
> This file wa
Trog wrote:
It means the zip contains either a file with zero length name, or a file
thats zero bytes in length, or possibly that the unzip failed.
A file of zero bytes in length, that's completely normal to me.
False positive?
--
Paul Bijnens, XplanationTel +32 16 397.
On Sep 29, 2004, at 11:09 PM, Dennis Peterson wrote:
Anyone got a plan for when encrypted zip'd jpeg files start showing up?
I'm switching my userbase to OS X and Linux. :-)
-Bart
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
On Sep 30, 2004, at 3:26 AM, Damian Menscher wrote:
On Wed, 29 Sep 2004 [EMAIL PROTECTED] wrote:
... It's interesting that viruses are finally starting to implement
what
we were joking about in 1995 at high school...
I'm impressed with how far we've come. Less than a year ago, I could
most email
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday, 30.09.2004 at 11:26 +0100, Trog wrote:
> It means the zip contains either a file with zero length name, or a
> file thats zero bytes in length, or possibly that the unzip failed.
Hmm, yes, the unzip failed. The perl module Archive::Zip
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Bart
> Silverstrim
> Sent: Thursday, September 30, 2004 7:50 AM
>
>
> On Sep 30, 2004, at 3:26 AM, Damian Menscher wrote:
>
> > On Wed, 29 Sep 2004 [EMAIL PROTECTED] wrote:
> >> ... It's interesting that vi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday, 30.09.2004 at 12:27 +0200, Bogus??aw Brandys wrote:
> Maybe unsupported zip format ? What unzip.exe says when unzipping ?
That's the problem (see other post in the thread). Thanks for info.
Dave.
- --
Dave Ewart
[EMAIL PROTECTED]
Comp
Brian wrote:
> Hoping someone can shed some light on an issue we are having. A few
> days ago ClamAV stopped being updated for some reason and doesn't appear
> to be catching viruses. I've checked the logs, but there doesn't seem
> to be any indication of something wrong (other places to check?)
On 9/30/2004 3:33 PM +0200, Brian wrote:
Hi all,
Hoping someone can shed some light on an issue we are having. A few days
ago ClamAV stopped being updated for some reason and doesn't appear to be
catching viruses. I've checked the logs, but there doesn't seem to be any
indication of something wro
Hi
> I can run the freshclam and manually update, but it was doing this
automatically. I tried restarting clamav, but doesn't seem to have fixed
the problem.
clamd does not update itself.
Try restarting freshclam-daemon!
> I am using clamav ver. 0.70.
Update. 0.75.1 is current, and even that d
On Thu, 30 Sep 2004 15:43:19 +0200 in
[EMAIL PROTECTED] "Steffen Heil"
<[EMAIL PROTECTED]> wrote:
> The only way to catch everything is 0.80rc3, which is not stable.
But may be stable enough depending on your needs.
--
Brian Morrison
bdm at fenrir dot org dot uk
GnuPG key ID DE32E5C5 - http
On Wed, 29 Sep 2004 [EMAIL PROTECTED] wrote:
> ... It's interesting that viruses are finally starting to implement what
> we were joking about in 1995 at high school...
It's interesting we were making similar jokes in 1985 in high school.
=
Christopher X. Candreva said:
> On Wed, 29 Sep 2004 [EMAIL PROTECTED] wrote:
>
>> ... It's interesting that viruses are finally starting to implement
>> what
>> we were joking about in 1995 at high school...
>
> It's interesting we were making similar jokes in 1985 in high school.
>
>
And back in
On Sep 30, 2004, at 8:32 AM, Samuel Benzaquen wrote:
As I remember... there IS a plugin for using Clam on Squid =P
Methinks it isn't as widely deployed as it may become, or there'd be
more mentions of it and howtos...and we'd probably have to be running
it by now, and the ClamAV team would be hou
Hey all,
Just a quick question. I would like to update ClamAV on our mail
servers before the weekend. Is .80rc4 (or a full release) expected
today or tomorrow? If so I'll wait.
If not, would you suggest .80rc3 or last night's snapshot? It looks
like the snapshot may have a fix to solve the
On Thu, 30 Sep 2004, Kevin Old wrote:
I'm running a RH9 server with clamav-0.75 and am trying to build the
0.80rc3 but am getting the following error:
/usr/bin/ld: cannot find -lgssapi_krb5
collect2: ld returned 1 exit status
make[2]: *** [libclamav.la] Error 1
make[2]: Leaving directory `/tmp/clam
Hi,
The Bagle.AP (dd 29/09/2004) is only recognized by clamd 0.80rc3 (according to
the message from the site below) and not by 0.75.1.
I did run a freshclam today but the virus was not stopped.
Since I only like to run a stable versions (0.75.1) of clamd Bagle.AP is not
found, or do I miss some
On Thu, 2004-09-30 at 18:37 +0200, Filbert wrote:
> Hi,
>
> The Bagle.AP (dd 29/09/2004) is only recognized by clamd 0.80rc3 (according to
> the message from the site below) and not by 0.75.1.
I caught Bagle.AP for three days with 0.75-1 before upgrading to
0.80rc3...
_
Greetings!
I have just upgraded to the latest version of ClamAV that is said to be able
to detect the new JPEG vulnerability. I'm using ClamAV with MailScanner to
scan e-mail. How can I test to see if ClamAV is indeed detecting the JPEG
exploit?
Thanks,
Rod
Todd Lyons wrote:
> Kevin Old wanted us to know:
>
>> /usr/bin/ld: cannot find -lgssapi_krb5
>> ...
>> The weird part is, I've checked my /etc/ld.so.conf file and it
>> lists: /usr/kerberos/lib /usr/X11R6/lib
>> /usr/lib
>
> That is for runtime. The issue you're having is that it cannot find
> t
> I have just upgraded to the latest version of ClamAV that is said to be able
> to detect the new JPEG vulnerability. I'm using ClamAV with MailScanner to
> scan e-mail. How can I test to see if ClamAV is indeed detecting the JPEG
> exploit?
Download an example here: http://www.easynews.com/virus
Reading the manual and loking at the man page ...
--from=EMAIL-a EMAILError messages come from here.
The command line I use hasn't changed from 74, 75.1, and now
80rc3.clamav-milter -lo -p [EMAIL PROTECTED] -Q clamav
/var/run/clamd/clmilter.sock
Ok, how will this resolve my is
Rodney Green wrote:
> Greetings!
>
> I have just upgraded to the latest version of ClamAV that is said to
> be able to detect the new JPEG vulnerability. I'm using ClamAV with
> MailScanner to scan e-mail. How can I test to see if ClamAV is indeed
> detecting the JPEG exploit?
>
> Thanks,
> Rod
>Download an example here: http://www.easynews.com/virus.html (watch it,
it's a real virus, don't open it on unpatched >system, it may crash your
pc) and scan it, or check the logging for Exploit.JPEG.
Thanks Ralf. I downloaded the example and just left it zipped up. I sent the
zipped fil
On Thu, 30 Sep 2004 10:04:28 -0700, [EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote:
> Todd Lyons wrote:
> > Kevin Old wanted us to know:
> >
> >> /usr/bin/ld: cannot find -lgssapi_krb5
> >> ...
> >> The weird part is, I've checked my /etc/ld.so.conf file and it
> >> lists: /usr/kerberos/lib /usr/X11R6
On Thu, 30 Sep 2004 13:37:55 -0400, Kevin Old <[EMAIL PROTECTED]> wrote:
> On Thu, 30 Sep 2004 10:04:28 -0700, [EMAIL PROTECTED]
> <[EMAIL PROTECTED]> wrote:
> > Todd Lyons wrote:
> > > Kevin Old wanted us to know:
> > >
> > >> /usr/bin/ld: cannot find -lgssapi_krb5
> > >> ...
> > >> The weird part
On Thu, 30 Sep 2004 09:38:45 -0700, Todd Lyons <[EMAIL PROTECTED]> wrote:
> Kevin Old wanted us to know:
>
> >I'm running a RH9 server with clamav-0.75 and am trying to build the
> >0.80rc3 but am getting the following error:
> >/usr/bin/ld: cannot find -lgssapi_krb5
> >collect2: ld returned 1 exi
On Thu, 30 Sep 2004 13:50:16 -0400, Kevin Old <[EMAIL PROTECTED]> wrote:
> On Thu, 30 Sep 2004 09:38:45 -0700, Todd Lyons <[EMAIL PROTECTED]> wrote:
> > Kevin Old wanted us to know:
> >
> > >I'm running a RH9 server with clamav-0.75 and am trying to build the
> > >0.80rc3 but am getting the followi
Kevin Old wrote:
>> Can I just link libgssapi_krb5.so to libgssapi_krb5.so.2 in
>> /usr/kerberos/lib?
>
> I just did this and now during make I get:
>
> /usr/bin/ld: cannot find -lkrb5
>
> Guess that didn't fix it.
>
> Any ideas?
>
> Kevin
What I meant was
For every X in /usr/kerberos/lib:
l
>> The Bagle.AP (dd 29/09/2004) is only recognized by clamd 0.80rc3
>> (according to the message from the site below) and not by 0.75.1.
>
> I caught Bagle.AP for three days with 0.75-1 before upgrading to
> 0.80rc3...
I'm currently on 0.75.1 as well and trapping Bagle.AP successfully. I
can't a
On Thu, 30 Sep 2004, Kevin Old wrote:
On Thu, 30 Sep 2004 10:04:28 -0700, [EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote:
Todd Lyons wrote:
Kevin Old wanted us to know:
/usr/bin/ld: cannot find -lgssapi_krb5
...
The weird part is, I've checked my /etc/ld.so.conf file and it
lists: /usr/kerberos/lib /u
Hi,
Now that we have 2 mailing lists, please take note of the following.
If you hit Reply all in your mail client,
make sure you remove the old mailing list addy:
[EMAIL PROTECTED]
The new address is: [EMAIL PROTECTED]
So please make sure thats the old address in the To field when you reply.
I've s
On 9/30/2004 8:28 PM +0200, Niek wrote:
So please make sure thats the old address in the To field when you reply.
My god i suck, what i meant was:
So please make sure that the old address is _not_ in the To:
field when you hit send.
Niek
--
__
On Thu, Sep 30, 2004 at 08:31:35PM +0200, Niek wrote:
> On 9/30/2004 8:28 PM +0200, Niek wrote:
> >So please make sure thats the old address in the To field when you reply.
> My god i suck, what i meant was:
> So please make sure that the old address is _not_ in the To:
> field when you hit send.
On Sep 30, 2004, at 1:08 PM, ralf bosz wrote:
I have just upgraded to the latest version of ClamAV that is said to
be able
to detect the new JPEG vulnerability. I'm using ClamAV with
MailScanner to
scan e-mail. How can I test to see if ClamAV is indeed detecting the
JPEG
exploit?
Download an exa
|My mail sorting rules are going crazy already! And I thought I was messing
|something up.
|
|;)
|
|--
|Kelsey Cummings - [EMAIL PROTECTED] sonic.net, inc.
|System Administrator 2260 Apollo Way
|707.522.1000 (Voice) Santa Rosa, CA 95407
|707.54
On Thursday 30 September 2004 01:34 pm, Kelsey Cummings wrote:
> My mail sorting rules are going crazy already! And I thought I was messing
> something up.
hah. Hence the beauty of the .qmail file:
[EMAIL PROTECTED] ~ $ cat .qmail-clamav
./Maildir/.lists.clamav/
-Jeremy
--
Jeremy Kitchen ++ S
On Thursday 30 September 2004 01:34 pm, Kelsey Cummings wrote:
> My mail sorting rules are going crazy already! And I thought I was messing
> something up.
Procmail is great:
:0
* ^List-Id.*clamav-users\.lists\.(clamav.net|sourceforge.net)
.Clamav-Users/
Jeff
pgpT3zMmCdm2H.pgp
Description: PG
Kevin Old wanted us to know:
>> Pass to gcc "-L/usr/kerberos/lib".
>Sorry, for the basic question, but which line in the Makefile should
>I put this on?
None. Read Damien Menscher's reply to you that states exactly what the
problem is and then install the rpm that he told you to. That will fix
Kelsey Cummings wrote:
My mail sorting rules are going crazy already! And I thought I was messing
something up.
Mine only look for "clamav" in the List-Id header. (I route clamav-users
and clamav-announce to the same folder.) They never blinked.
Sometimes it's better not to be *too* specific.
--
Jeff Smelser wanted us to know:
>On Thursday 30 September 2004 01:34 pm, Kelsey Cummings wrote:
>> My mail sorting rules are going crazy already! And I thought I was messing
>> something up.
>Procmail is great:
>:0
>* ^List-Id.*clamav-users\.lists\.(clamav.net|sourceforge.net)
>.Clamav-Users/
Le
Nigel,
I think I'm getting closer to finding the cause of this. Further testing
shows that clamav-milter does not scan messages unless BOTH the -l and
-o switches are added (or the -f switch).
This is regardless of whether the message is sent from the LAN or from
an external host.
My tentative
I've just run into a problem where clam is taking about 2 minutes to scan a
4.5 mb MS access database file. I'm seeing this on .80rc2 and the Sept 29
snap.
Unfortunately the data is proprietary and it doesn't look like I'm going to
be able to submit it. I'm trying to get an empty schema of the
I won't make a habit of posting these, but I wanted to brag on our
first month of running clamav live at the University of Texas Pan American.
These are all the viruses stopped at the edge of campus by a filter
in the SMTP stream in the month of September.
(A small number of the reported names ar
Hello everyone,
I'm running a RH9 server with clamav-0.75 and am trying to build the
0.80rc3 but am getting the following error:
/usr/bin/ld: cannot find -lgssapi_krb5
collect2: ld returned 1 exit status
make[2]: *** [libclamav.la] Error 1
make[2]: Leaving directory `/tmp/clamav-0.80rc3/libclamav
Bill Maidment wanted us to know:
>I've spent this afternoon trying to find out why this one should work
>and not the others. All the software versions are the same and the
>configs. The only difference is the Linux version. Bad ones are RH 7.2
>RH 9 FC1 and FC3-test1. The good one is FC1.
So o
As a result of user pressure the "--from" argument was added, and has been
in place since 0.75k.
-Nigel
On Wednesday 29 Sep 2004 19:55, Ken Jones wrote:
> I guess a better way of putting it is this. Here is a copy of what my
> inbox looks like:
>
> With 80RC3:
> [EMAIL PROTECTED] 9:00 Virus in
Kevin Old wanted us to know:
>I'm running a RH9 server with clamav-0.75 and am trying to build the
>0.80rc3 but am getting the following error:
>/usr/bin/ld: cannot find -lgssapi_krb5
>collect2: ld returned 1 exit status
>make[2]: *** [libclamav.la] Error 1
>make[2]: Leaving directory `/tmp/clamav
60 matches
Mail list logo
