[sending notification to receiver]
It's possible with Amavisd-new to do this, but if it's wise??? It can
confuse the receiver, so inform them good about this kind of messages
(or make the message very good).
Here we just delete the worms, what is the use of a message that you
just received the ne
On Wednesday 26 Jan 2005 23:41, KriĆ
tof Petr wrote:
> Hi,
>
> trying to start clamav-milter from 0.81 I get:
>
> Starting clamav-milter: /usr/sbin/clamav-milter: ScanMail not defined in
> /etc/clamd.conf (needed without --external)
What are your clamav-milter options?
> Petr
--
Nigel Horne.
Tomasz Kojm <[EMAIL PROTECTED]>
> Date: Tue, 25 Jan 2005 18:09:59 +0100
> Subject: Re: [Clamav-users] Problem with clamd hanging
>On Tue, 25 Jan 2005 17:48:08 +0100
>[EMAIL PROTECTED] wrote:
>
>>
>> Trog <[EMAIL PROTECTED]>
>>
>> >Thats normal behaviour. A gdb backtrace of each thread when it
On Thu, 27 Jan 2005 02:01:28 +0100 in
[EMAIL PROTECTED] Tomasz Kojm <[EMAIL PROTECTED]>
wrote:
> There were problems generating HTML documentation (probably due to
> broken TeX installation in Debian). The tarball now includes
> clamdoc.tex so you can try to generate it yourself with latex2html
On Thu, 27 Jan 2005 09:51:48 +0100 in
[EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
> After 24hours with 0.81rc1 compiled with gcc I have not seen any
> hang-up.
And 0.81 is now released officially.
--
Brian Morrison
bdm at fenrir dot org dot uk
GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.n
On Thu, Jan 27, 2005 at 08:10:36AM +, Brian Morrison wrote:
> The clamdoc.aux file was not found, so sections will not be numbered
> and cross-references will be shown as icons.
>
> Is there a correct command for generating the html docs or the
> clamdoc.aux file? I'm not very TeX literate I'm
Using the latest CVS (from about 1 hour ago), when I start clamd and
clamavmilter I get a message from Libaclamav stating the Clamav engine is
outdated and saying that I should upgrade immediately.
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/cla
On Wed, 26 Jan 2005 at 13:17:40 -0600, [EMAIL PROTECTED] wrote:
[...]
> Secondly full file system scanning.
>
> [...] The second is easy enough, however,
> when I used clamdscan the file system scan consumes inordinate amount of
> CPU resources. I've tried starting clamd with a nice value of 17 an
I 'had' a beautiful Clamd installation working on a Debian distribution
with MIMEDefang.
I received the warning from freshclam that my ClamAV installation was
outdated. I entered Debian "dselect" and without changing any selections
took the option to upgrade. The upgrade warned me that freshclam.c
On Thu, 27 Jan 2005 10:35:47 +0100 in [EMAIL PROTECTED]
Jan Pieter Cornet <[EMAIL PROTECTED]> wrote:
> On Thu, Jan 27, 2005 at 08:10:36AM +, Brian Morrison wrote:
> > The clamdoc.aux file was not found, so sections will not be numbered
> > and cross-references will be shown as icons.
> >
> >
On Thu, Jan 27, 2005 at 10:08:08AM -, Christopher Roberts wrote:
> I 'had' a beautiful Clamd installation working on a Debian distribution
> with MIMEDefang.
> Replacing config file /etc/clamav/freshclam.conf with new version
> Starting ClamAV virus database updater: ERROR: Number of checks
On Thu, Jan 27, 2005 at 10:49:57AM +, Brian Morrison wrote:
> > TeX generates the .aux file itself. Just rerun the command you gave.
>
> Done that, same result. I ran latex2html, do I need to run another
> command first?
Hm, I'm not very familiar with latex2html. Maybe you should just run
"la
> Check the value of "Checks" in /etc/clamav/freshclam.conf (defaults to
> 12, I think)
Thanks GC, you're a genius. Or perhaps I'm just stupid - I just never
thought to read the error message that literally - it was set to zero
and instead I had added freshclam to cron.
I have now changed to 12 a
Luca Gibelli wrote:
> Dear ClamAV users,
>
> release 0.81 is now available for download.
[ NOTHING ABOUT FUNCTIONALITY UPGRADE ]
WARNING: Your ClamAV installation is OUTDATED - please update immediately!
WARNING: Current functionality level = 3, required = 4
This is the second time, that this h
On Thu, 27 Jan 2005 13:17:16 +0100
Ralph Angenendt <[EMAIL PROTECTED]> wrote:
> Luca Gibelli wrote:
> > Dear ClamAV users,
> >
> > release 0.81 is now available for download.
>
> [ NOTHING ABOUT FUNCTIONALITY UPGRADE ]
>
> WARNING: Your ClamAV installation is OUTDATED - please update
> immediat
On Thu, 27 Jan 2005 13:17:16 +0100 Ralph Angenendt wrote:
> Luca Gibelli wrote:
> > Dear ClamAV users,
> >
> > release 0.81 is now available for download.
>
> [ NOTHING ABOUT FUNCTIONALITY UPGRADE ]
>
> WARNING: Your ClamAV installation is OUTDATED - please update immediately!
> WARNING: Current
On Thu, 27 Jan 2005 13:37:33 +0100
Frank Elsner <[EMAIL PROTECTED]> wrote:
> > WARNING: Your ClamAV installation is OUTDATED - please update
> > immediately! WARNING: Current functionality level = 3, required = 4
> >
> > This is the second time, that this happened (last time was to 0.80).
>
> An
On Thu, 27 Jan 2005 13:42:12 +0100 in
[EMAIL PROTECTED] Tomasz Kojm <[EMAIL PROTECTED]>
wrote:
> Will ASCII-art flowers printed by freshclam satisfy you as well?
Won't your sheep(?) eat them?
--
Brian Morrison
bdm at fenrir dot org dot uk
GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pg
On Thu, 27 Jan 2005 12:55:33 +
Brian Morrison <[EMAIL PROTECTED]> wrote:
> On Thu, 27 Jan 2005 13:42:12 +0100 in
> [EMAIL PROTECTED] Tomasz Kojm <[EMAIL PROTECTED]>
> wrote:
>
> > Will ASCII-art flowers printed by freshclam satisfy you as well?
>
> Won't your sheep(?) eat them?
Actually it
On Thu, Jan 27, 2005 at 12:12:09PM -, Christopher Roberts wrote:
> > Check the value of "Checks" in /etc/clamav/freshclam.conf (defaults to
> > 12, I think)
>
> Thanks GC, you're a genius. Or perhaps I'm just stupid - ...
Please don't exagerate: you're NOT stupid!!! ;-)
bye,
gc :-)
_
On Thu, 27 Jan 2005 14:03:46 +0100
Gian Carlo <[EMAIL PROTECTED]> wrote:
> On Thu, Jan 27, 2005 at 12:12:09PM -, Christopher Roberts wrote:
> > > Check the value of "Checks" in /etc/clamav/freshclam.conf
> > > (defaults to 12, I think)
> >
> > Thanks GC, you're a genius. Or perhaps I'm just s
Tomasz Kojm wrote:
Won't your sheep(?) eat them?
Actually it's a turtle. I really hate when people confuse it with
a sheep! ;-)
Ehh? I really thought it was a snail!
those two little dots on top, are s like snail antennas. or eyes,
whatever.
If you've seen Gary, Spongebob Squarepants'
Is there an upgrade doc? I want to update to the latest version. Is it
best to install over the top of an old version? Or is there a preferred
method of upgrade?
Thanks!
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
On Thu, 27 Jan 2005 07:16:06 -0600
"Diane Rolland" <[EMAIL PROTECTED]> wrote:
> Is there an upgrade doc? I want to update to the latest version. Is
> it best to install over the top of an old version? Or is there a
> preferred method of upgrade?
http://wiki.clamav.net/index.php/UpgradeInstruct
> > > On Mon, 24 Jan 2005 at 3:04:22 -0700, Hal Goldfarb wrote:
> > > > [...]
> > > > Problem: When I run clamdscan (which uses the daemon), it generates
> > > > zillions of errors in the clamd.log file something like "Directory
> > > > recursion limit exceeded at /home/hal/.tvtime". However, w
On Thu, 27 Jan 2005 13:57:30 +0100 in
[EMAIL PROTECTED] Tomasz Kojm <[EMAIL PROTECTED]>
wrote:
> > Won't your sheep(?) eat them?
>
> Actually it's a turtle. I really hate when people confuse it with
> a sheep! ;-)
OK, but turtles like flowers too don't they?
--
Brian Morrison
bdm at fenri
On Thu, 27 Jan 2005 13:42:12 +0100 Tomasz Kojm wrote:
> On Thu, 27 Jan 2005 13:37:33 +0100
> Frank Elsner <[EMAIL PROTECTED]> wrote:
>
> > > WARNING: Your ClamAV installation is OUTDATED - please update
> > > immediately! WARNING: Current functionality level = 3, required = 4
> > >
> > > This is
Here are the upgrade instructions that I follow(ed)! These do work if
you follow them to the t! *oh ya ... Remember to backup your
Freshclam.conf and clamd.conf =P~
unpack the old distribution:
tar -zxf clamav-0.80.tar.gz
run configure
cd clamav-0.80
./configure
Unpack the
I'm thinking that someone has submitted this, and we already have the
update...but does anyone know for sure if we are safe from this.
WORM_BAGLE.AZ is what Trend Net is referring to this as, there message
to me this morning follows:
> As of January 27, 2005 1:42 AM PST (Pacific Standard Time/
On Thu, 2005-01-27 at 07:01 -0700, Craig Daters wrote:
> I'm thinking that someone has submitted this, and we already have the
> update...but does anyone know for sure if we are safe from this.
>
> WORM_BAGLE.AZ is what Trend Net is referring to this as, there message
> to me this morning follow
Trog wrote:
It is detected by Clam as Trojan.Downloader.Small-165, which was added
on 8th Nov 2004 by Christoph.
Wow, that was some time ago, and TrendNet is only just now putting out
an update! That's scarry!
Thanks Trog
--
Craig Daters ([EMAIL PROTECTED])
Systems Administrator
West Press Print
Hi List!
Please allow me to start by saying I'm relatively new here, having just
switched to clam from RAV. I'm very impressed with the responsiveness of
the Clam team, and with the Clam product. You guys do a great job.
I do have a question on the upgrade(s): Is there typically a period of
tim
[EMAIL PROTECTED] wrote:
> Trog wrote:
>> It is detected by Clam as Trojan.Downloader.Small-165, which was
>> added on 8th Nov 2004 by Christoph.
>>
> Wow, that was some time ago, and TrendNet is only just now
> putting out an update! That's scarry!
>
> Thanks Trog
>
> --
> Craig Daters ([EMAIL
On Thu, 2005-01-27 at 08:25 -0600, Sam wrote:
> I do have a question on the upgrade(s): Is there typically a period of
> time where the old version will work alongside the new version? (I read
> the faq and saw the mention of missing viruses if one doesn't upgrade).
> The reason I ask is, in my
Trog: Thanks for the advice on the new releases.
I have yet another question. I have noticed Clam stopping (or at
least to me it appears to be stopping) various phishing attempts. Or am I
wrong?
If this is the case, I will start submitting phishing attemps I see (I
probably get 3 - 4 a day).
>Craig Daters
>Wow, that was some time ago, and TrendNet is only just now putting out
>an update! That's scarry!
>
>Thanks Trog
What concerns me (if it is true that ClamAV has detected this specific
variant since November) is that ClamAV is not performing due diligence
and sharing samples to prote
Upgraded this morning to 0.81, and suddenly I have frequently the
error message "ScanStream: accept() failed" in my logs.
I have enable verbose logging, and notice that *most of the time*
all is ok, but frequently there is an accept error:
Thu Jan 27 16:09:06 2005 -> Accepted connection on port 125
[EMAIL PROTECTED] wrote:
>> Craig Daters
>> Wow, that was some time ago, and TrendNet is only just now putting
>> out an update! That's scarry!
>>
>> Thanks Trog
>
> What concerns me (if it is true that ClamAV has detected this
> specific variant since November) is that ClamAV is not
> performin
On Thu, 2005-01-27 at 09:13 -0600, [EMAIL PROTECTED] wrote:
> >Craig Daters
> >Wow, that was some time ago, and TrendNet is only just now putting out
> >an update! That's scarry!
> >
> >Thanks Trog
>
> What concerns me (if it is true that ClamAV has detected this specific
> variant since November)
>Randal, Phil:
>
>Hold on a minute there! ClamAV detects it because it matches an
>existing ClamAV virus pattern - that is serendipitous rather than
>malicious.
My apoligies if that is the case. However, I do know that Trend
detected this before the new definitions were released as well.
However
On Thu, 27 Jan 2005, Sam wrote:
I have yet another question. I have noticed Clam stopping (or at
least to me it appears to be stopping) various phishing attempts. Or am I
wrong?
If this is the case, I will start submitting phishing attemps I see (I
probably get 3 - 4 a day).
Please don't. Phishing
On Jan 27, 2005, at 10:13 AM, <[EMAIL PROTECTED]> wrote:
Craig Daters
Wow, that was some time ago, and TrendNet is only just now putting out
an update! That's scarry!
Thanks Trog
What concerns me (if it is true that ClamAV has detected this specific
variant since November) is that ClamAV is not per
On Jan 27, 2005, at 10:25 AM, Damian Menscher wrote:
There was a discussion about this several months ago. Unfortunately,
many people (including part of the signature-generation team) are too
dogmatic about their feelings that "phishing is bad, so we should
block it" to look at it logically.
Ca
On Thu, 27 Jan 2005 10:32:55 -0500
Bart Silverstrim <[EMAIL PROTECTED]> wrote:
>
> On Jan 27, 2005, at 10:25 AM, Damian Menscher wrote:
>
> > There was a discussion about this several months ago.
> > Unfortunately, many people (including part of the
> > signature-generation team) are too dogmat
Damian Menscher wrote:
Please don't. Phishing attempts do not automatically propagate (by
infecting a machine and being re-sent) and therefore are generally
one-time events. As such, they can be trivially changed to evade any
signature-based filter, which must obviously generate a signature
_
On Thu, 2005-01-27 at 16:19 +0100, Paul Bijnens wrote:
> Upgraded this morning to 0.81, and suddenly I have frequently the
> error message "ScanStream: accept() failed" in my logs.
>
> I have enable verbose logging, and notice that *most of the time*
> all is ok, but frequently there is an accept
Damian Menscher wrote:
On Thu, 27 Jan 2005, Sam wrote:
I have yet another question. I have noticed Clam stopping (or at
least to me it appears to be stopping) various phishing attempts. Or am I
wrong?
If this is the case, I will start submitting phishing attemps I see (I
probably get 3 - 4 a day).
Trog wrote:
What software are you using to pass requests/data to clamd?
clamscan-procfilter.pl, a little perlprog to be used in procmail
essential boiling down to
"cat themsg | clamdscan --stdout - > $tempfile",
and examining $tempfile for results.
--
Paul Bijnens, Xplanation
On Thu, 27 Jan 2005, Jim Maul wrote:
> Is it causing you (or anyone for that matter) a problem by clamav
> catching some phishing attempts as opposed to spamassassin catching
> them? Whats really the issue here? You just dont believe clamav is the
> right tool for that job, but is there REALLY
On Thu, 2005-01-27 at 09:45 -0600, Sam wrote:
> (This is directed more at Trog than anyone...) So if one were to submit
> phishing attempts, what do you need? I don't think the virus submission
> page will allow one to submit something without an attachment?
>
> Do you need headers?
>
> Do you
On Thu, Jan 27, 2005 at 12:12:09PM -, Christopher Roberts said:
> > Check the value of "Checks" in /etc/clamav/freshclam.conf (defaults to
> > 12, I think)
>
> Thanks GC, you're a genius. Or perhaps I'm just stupid - I just never
> thought to read the error message that literally - it was set
On Thu, 2005-01-27 at 16:44 +0100, Paul Bijnens wrote:
> Trog wrote:
> > What software are you using to pass requests/data to clamd?
>
> clamscan-procfilter.pl, a little perlprog to be used in procmail
> essential boiling down to
> "cat themsg | clamdscan --stdout - > $tempfile",
> and examining $
On Jan 27, 2005, at 10:33 AM, Tomasz Kojm wrote:
No problem. As a bonus we will create a signature for your domain name
;-)
Just kidding! Honest! I'd NEVER think of having Windows thought of as
a virus... :-)
___
http://lists.clamav.net/cgi-bin/mailma
> [sending notification to receiver]
> It's possible with Amavisd-new to do this,
But there is no way to do this [ send a message to the intended
recipient] via clamav-milter itself?
> but if it's wise??? It can
> confuse the receiver, so inform them good about this kind of messages
> (or make t
> > There was a discussion about this several months ago. Unfortunately,
> > many people (including part of the signature-generation team) are too
> > dogmatic about their feelings that "phishing is bad, so we should block
> > it" to look at it logically.
> Is it causing you (or anyone for that
On Thu, 27 Jan 2005 11:27:00 -0500
Adam Tauno Williams <[EMAIL PROTECTED]> wrote:
> Just my two cents - I agree with the other guy. CLAM should blocks
> virii and worms, and leave SPAM to something else. Just think of the
Phishing IS NOT spam! Is that really so hard to understand?
--
oo
[EMAIL PROTECTED] wrote:
> On Thu, 2005-01-27 at 07:01 -0700, Craig Daters wrote:
>> I'm thinking that someone has submitted this, and we already have the
>> update...but does anyone know for sure if we are safe from this.
>>
>> WORM_BAGLE.AZ is what Trend Net is referring to this as, there
>> mes
On Thu, 27 Jan 2005 11:35:24 -0500
"Don Levey" <[EMAIL PROTECTED]> wrote:
> Hmm... Passed right through my setup, without detection.
> Database updated as recently as 4:am today.
So better update your software ASAP.
--
oo. Tomasz Kojm <[EMAIL PROTECTED]>
(\/)\.
On Thu, 27 Jan 2005 17:29:05 +0100
Tomasz Kojm <[EMAIL PROTECTED]> wrote:
> On Thu, 27 Jan 2005 11:27:00 -0500
> Adam Tauno Williams <[EMAIL PROTECTED]> wrote:
>
> > Just my two cents - I agree with the other guy. CLAM should blocks
> > virii and worms, and leave SPAM to something else. Just th
On Thu, 27 Jan 2005 11:35:24 -0500 in
[EMAIL PROTECTED] "Don Levey"
<[EMAIL PROTECTED]> wrote:
> Hmm... Passed right through my setup, without detection.
And your setup is?
> Database updated as recently as 4:am today.
That's more than 7 *hours* ago...
--
Brian Morrison
bdm at fenrir dot
On Thu, 27 Jan 2005 at 11:35:24 -0500, Don Levey wrote:
> [EMAIL PROTECTED] wrote:
> > On Thu, 2005-01-27 at 07:01 -0700, Craig Daters wrote:
> >>
> >> WORM_BAGLE.AZ is what Trend Net is referring to this as, there
> >> message to me this morning follows:
> >
> > It is detected by Clam as Trojan
> I'm not sure how that could have happened. Did you choose cron in the
> debconf setup, or something else? I wouldn't mind getting to
> the bottom of this.
I really don't recall the setup process. I believe I visited
http://sial.org/howto/clamav/freshclam/ and took the following sentence
to he
Hello,
I just wanted to give the team a big thank you. All I needed to do was
upgrade zlib and compile. Everything is working great.
Gord
CONFIDENTIALITY WARNING: The information in the e:mail is confidential and
privileged. It is intended only for the use of the individual or entity it
On Thu, 27 Jan 2005 17:40:25 +0100
Stefan Hornburg <[EMAIL PROTECTED]> wrote:
> Can you give me a pointer to how Phishing is defined and detected in
> the context of ClamAV ?
See http://www.antiphishing.org/
"What is Phishing?
Phishing attacks use 'spoofed' e-mails and fraudulent websites design
On Thu, 27 Jan 2005, Tomasz Kojm wrote:
Phishing IS NOT spam! Is that really so hard to understand?
Phishing IS NOT a virus! Is that really so hard to understand?
Damian Menscher
--
-=#| Physics Grad Student & SysAdmin @ U Illinois Urbana-Champaign |#=-
-=#| 488 LLP, 1110 W. Green St, Urbana, IL 61
Tomasz Kojm wrote:
On Thu, 27 Jan 2005 11:27:00 -0500
Adam Tauno Williams <[EMAIL PROTECTED]> wrote:
Just my two cents - I agree with the other guy. CLAM should blocks
virii and worms, and leave SPAM to something else. Just think of the
Phishing IS NOT spam! Is that really so hard to understand
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of
> [EMAIL PROTECTED]
> If you have received this
> communication in error, please notify me immediately by telephone or fax
> and delete all copies of the original message.
How can I do that if you don't q
On Thu, 27 Jan 2005 10:57:27 -0600 (CST)
Damian Menscher <[EMAIL PROTECTED]> wrote:
> On Thu, 27 Jan 2005, Tomasz Kojm wrote:
> >
> > Phishing IS NOT spam! Is that really so hard to understand?
>
> Phishing IS NOT a virus! Is that really so hard to understand?
95% of internet worms are not viru
On Jan 27, 2005, at 11:29 AM, Tomasz Kojm wrote:
On Thu, 27 Jan 2005 11:27:00 -0500
Adam Tauno Williams <[EMAIL PROTECTED]> wrote:
Just my two cents - I agree with the other guy. CLAM should blocks
virii and worms, and leave SPAM to something else. Just think of the
Phishing IS NOT spam! Is that
Damian Menscher wrote:
On Thu, 27 Jan 2005, Tomasz Kojm wrote:
Phishing IS NOT spam! Is that really so hard to understand?
Phishing IS NOT a virus! Is that really so hard to understand?
Ok, so its not a virus, and its not spam. So neither product should
detect it your saying? How about both pro
On Thu, 27 Jan 2005, Tomasz Kojm wrote:
On Thu, 27 Jan 2005 Damian Menscher <[EMAIL PROTECTED]> wrote:
> On Thu, 27 Jan 2005, Tomasz Kojm wrote:
> >
> > Phishing IS NOT spam! Is that really so hard to understand?
>
> Phishing IS NOT a virus! Is that really so hard to understand?
95% of internet
Nigel,
You are far too detailed.
Gord
CONFIDENTIALITY WARNING: The information in the e:mail is confidential and
privileged. It is intended only for the use of the individual or entity it
is addressed to. If the reader of this message is not the intended
recipient, or the authorized agent
> Ok, so its not a virus, and its not spam. So neither product should
> detect it your saying? How about both products detect it, we have
> overlap, and users are happy cause they dont have to deal with this crap
> in their inbox.
Personally, I'd love to have it as a config option in clamd.conf.
On Thu, 27 Jan 2005, Jim Maul wrote:
Is it causing you (or anyone for that matter) a problem by clamav catching
some phishing attempts as opposed to spamassassin catching them? Whats
really the issue here? You just dont believe clamav is the right tool for
that job, but is there REALLY a probl
I am building clamav from src rpm from crash-hat. It build just fine
but i get the message:
configure: WARNING: ** This ClamAV installation may be linked against
configure: WARNING: ** a broken zlib version. Please DO NOT report any
configure: WARNING: ** stability problems to the Cl
Damian Menscher wrote:
On Thu, 27 Jan 2005, Jim Maul wrote:
Is it causing you (or anyone for that matter) a problem by clamav
catching some phishing attempts as opposed to spamassassin catching
them? Whats really the issue here? You just dont believe clamav is
the right tool for that job, but
On Thu, 27 Jan 2005 11:08:12 -0600 (CST)
Damian Menscher <[EMAIL PROTECTED]> wrote:
> ...which is why, in my original email, I referred to things that
> propagate automatically without intervention from their author.
OK, so what about the trojans? ;-)
--
oo. Tomasz Kojm <[EM
Sam said:
>
> Also to Damian: I understand what you are saying, but tend to agree more
> with Jim. What does it matter who catches it as long as it's caught?
The answer to this is simple: my policy for dealing with spam is quite
different than my policy for dealing with viruses. Spam is annoying,
On Thu, 27 Jan 2005, Tomasz Kojm wrote:
On Thu, 27 Jan 2005 Damian Menscher <[EMAIL PROTECTED]> wrote:
> ...which is why, in my original email, I referred to things that
> propagate automatically without intervention from their author.
OK, so what about the trojans? ;-)
I take the somewhat-unusu
On Thu, 27 Jan 2005 11:27:48 -0600 (CST)
Damian Menscher <[EMAIL PROTECTED]> wrote:
> On Thu, 27 Jan 2005, Tomasz Kojm wrote:
> > On Thu, 27 Jan 2005 Damian Menscher <[EMAIL PROTECTED]> wrote:
> >
> > > ...which is why, in my original email, I referred to things that
> > > propagate automatical
Jim Maul wrote:
If my car is broken usually I take it to a mechanic. But if a friend of
mine who happens to be a plumber can fix it also, does it really matter
if I bring it to him instead? No.
-Jim
Ok, I took part in the previous discussion and I accept the developers
decision. But I just..
el
Jan 27 11:38:01 ... clamd[27135]: clamd daemon devel-20050127 (OS:
linux-gnu,ARCH: i386, CPU: i686)
# freshclam -V
ClamAV devel-20050127/689/Thu Jan 27 07:33:10 2005
# freshclam -v
Current working dir is /.../
Max retries == 5
ClamAV update process started at Thu Jan 27 11:49:0
On Thu, 27 Jan 2005 11:59:24 -0600 (CST)
Michael Brennen <[EMAIL PROTECTED]> wrote:
>
> I've been running clamav for quite some time, generally following CVS.
> The build and install procedures are well established and have worked
> for a long time. After the latest CVS upgrade I'm suddenly gett
You know, this gets old real quick!
Back when this debate first started (around November or so) I never
thought it would stop.
In November I decided to do 2 things 1 log what virus's were being
caught, where they were going, and what virus was detected.
Out of 446 detected viruses, 167 were phish
From:
http://www.infoworld.com/article/05/01/21/04FEphishing_1.html?source=NLC-WS2005-01-26
Phishers are employing increasingly sophisticated techniques, such as
malicious code buried in images, keystroke-logging applications that
download as soon as an e-mail is opened, and spoofed Web sites tha
On Thu, 27 Jan 2005 16:59:57 - in
[EMAIL PROTECTED] "Nigel Horne"
<[EMAIL PROTECTED]> wrote:
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] Behalf Of
> > [EMAIL PROTECTED]
>
> > If you have received this
> > communication in error, please notify me im
On Thu, 2005-01-27 at 09:25 -0800, Dennis Peterson wrote:
>
> We do a lot of on-line commerce. We cannot tolerate many false positives.
> Phishing exploits are something we deal with through education first, and
> filtering second. As phishers become more sophisticated and numerous false
> positi
On Thu, 27 Jan 2005, Trog wrote:
On Thu, 2005-01-27 at 09:25 -0800, Dennis Peterson wrote:
> We do a lot of on-line commerce. We cannot tolerate many false positives.
> Phishing exploits are something we deal with through education first, and
> filtering second. As phishers become more sophisticate
On Thu, 2005-01-27 at 11:14 -0600, Damian Menscher wrote:
> On Thu, 27 Jan 2005, Jim Maul wrote:
> >
> > Is it causing you (or anyone for that matter) a problem by clamav catching
> > some phishing attempts as opposed to spamassassin catching them? Whats
> > really the issue here? You just dont
> trying to start clamav-milter from 0.81 I get:
>
> Starting clamav-milter: /usr/sbin/clamav-milter: ScanMail not defined in
> /etc/clamd.conf (needed without --external)
What are your clamav-milter options?
> Petr
Hi Guys
Sorry this thread doesn't follow, I have just sbscribed here, and dont have
On Thu, 2005-01-27 at 12:32 -0600, Damian Menscher wrote:
> >
> > And how many Phishing false positives have you had exactly?
>
> All of them. ;)
>
> Seriously, that's an unfair question. When you're deleting people's
> email, how would they find out if there was a false positive? With
> s
On Thu, 2005-01-27 at 18:37 +, Kul wrote:
> > trying to start clamav-milter from 0.81 I get:
> >
> > Starting clamav-milter: /usr/sbin/clamav-milter: ScanMail not defined in
> > /etc/clamd.conf (needed without --external)
>
> What are your clamav-milter options?
>
Uncomment the ScanMail
Damian Menscher wrote:
On Thu, 27 Jan 2005, Trog wrote:
On Thu, 2005-01-27 at 09:25 -0800, Dennis Peterson wrote:
> We do a lot of on-line commerce. We cannot tolerate many false
positives.
> Phishing exploits are something we deal with through education
first, and
> filtering second. As phishers
The more tools that you have the likelihood of filtering it out increases.
Just because I run ClamAv on the mail exchanger does not mean I do not run
AV on our Exchange server and all of our desktop machines. Firewalls can do
IDS functions, AV applications for the desktop are now including Anti Sp
On Thu, 27 Jan 2005, Trog wrote:
On Thu, 2005-01-27 at 12:32 -0600, Damian Menscher wrote:
> Seriously, that's an unfair question. When you're deleting people's
> email, how would they find out if there was a false positive? With
> spam, it's standard practice to review a junk-mail box for fals
On Thu, 2005-01-27 at 18:37, Kul wrote:
> > trying to start clamav-milter from 0.81 I get:
> >
> > Starting clamav-milter: /usr/sbin/clamav-milter: ScanMail not defined in
> > /etc/clamd.conf (needed without --external)
>
> What are your clamav-milter options?
>
> > Petr
>
> Hi Guys
> Sorry
On Thu, 27 Jan 2005, Jim Maul wrote:
> What if the plumber and the mechanic work on it together? ;)
What if the electrician goes to night school to learn ornithology?
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
On Thu, 2005-01-27 at 12:45 -0600, Damian Menscher wrote:
> Another is your assertion that my "initial assumptions" were incorrect
> when I suggested that phishing signatures were more likely to create
> false positives as a result of being more likely to be matching
> plaintext. Which initial
On Thu, 27 Jan 2005, Trog wrote:
On Thu, 2005-01-27 at 12:45 -0600, Damian Menscher wrote:
> Another is your assertion that my "initial assumptions" were incorrect
> when I suggested that phishing signatures were more likely to create
> false positives as a result of being more likely to be match
> trying to start clamav-milter from 0.81 I get:
>
> Starting clamav-milter: /usr/sbin/clamav-milter: ScanMail not defined in
> /etc/clamd.conf (needed without --external)
What are your clamav-milter options?
> Petr
Hi Guys
Sorry this thread doesn't follow, I have just sbscribed here, and don
1 - 100 of 125 matches
Mail list logo
