On Monday 07 Feb 2005 20:17, Christopher X. Candreva wrote:
> I was useing --external mode when I saw this. Turning that off seems to
> have fixed things.
It looks to me as though the SESSION command if clamd still has some problems.
You can disable its use from clamav-milter by undefining SESSI
Thanks, Rene,
I recompiled normally... not in debug mode and seems to be working fine. I
have a couple more question though... See below...
06:35:14.68 2 SMTPI-7(cgr4u.com) [30014] received, 978 bytes
06:35:14.69 2 QUEUE([30014]) from <[EMAIL PROTECTED]>, 978 bytes
(<[EMAIL PROTECTED]>)
0
Hi guys,
I upgraded to 0.82, which fixed the "Failed to delete X-Virus-Status header
1" error.
However relayed emails are still being scanned twice.
I've put up part of my logfile here: http://www.sanichar.net/maillog.html
The emails are being send to mathieu at sanichar dot nl which are relayed t
I'm seeing several false positives for Exploit.W32.MS05-002 since I
upgraded to 0.82 yesterday. I've posted samples to the submission
website but would like to do something about this. Using "sigtool -l"
doesn't list Exploit.W32.MS05-002 as a signature in the database, is
there any way I can
Hie All
Could anybody please assist I recently installed a clamav 0.81 but when I
run the command:
/usr/local/bin/freshclam -v
I get the following error :
[EMAIL PROTECTED] root]# /usr/local/bin/freshclam -v
ERROR: Please edit the example config file /usr/local/etc/freshclam.conf.
Current wor
> Hie All
>
> Could anybody please assist I recently installed a clamav 0.81 but when I
> run the command:
>
> /usr/local/bin/freshclam -v
>
> I get the following error :
>
>
> [EMAIL PROTECTED] root]# /usr/local/bin/freshclam -v
> ERROR: Please edit the example config file /usr/local/etc/freshcl
On Tue, 2005-02-08 at 15:22 +0200, [EMAIL PROTECTED] wrote:
> Hie All
>
> Could anybody please assist I recently installed a clamav 0.81 but when I
> run the command:
>
> /usr/local/bin/freshclam -v
>
> I get the following error :
>
>
> [EMAIL PROTECTED] root]# /usr/local/bin/freshclam -v
> E
On Tuesday 08 Feb 2005 11:44, Mathieu Sanichar wrote:
> or like spamd wait for sendmail to finish accepting delivery of the message
> before scanning.
Use LocalSocket in clamd.conf, or don't use --external to achieve the above.
--
Nigel Horne. Arranger, Composer, Typesetter.
NJH Music, Barnsl
Francis Stevens wrote:
> I'm seeing several false positives for Exploit.W32.MS05-002
> since I upgraded to 0.82 yesterday. I've posted samples to
> the submission website but would like to do something about
> this. Using "sigtool -l"
> doesn't list Exploit.W32.MS05-002 as a signature in the
or like spamd wait for sendmail to finish accepting delivery of the
message
before scanning.
Use LocalSocket in clamd.conf, or don't use --external to achieve the
above.
I use LocalSocket, here is my current clamd.conf
LocalSocket /var/run/clamav/clamav.sock
FixStaleSocket
LogFile /var/log/clamd
Thanks
I had initially commented out this line but I then reinstalled clamav and
I forgot to comment it out again.
Thanks a million.
I feel like an idiot for wasting everybody's time.
Sorry guys..
Will be on the watch for next time.
regards
Gibson
>
>> Hie All
>>
>> Could anybody please a
> [mailto:[EMAIL PROTECTED] Behalf Of Mathieu
> Sanichar
> Sent: 08 February 2005 14:36
> To: ClamAV users ML
> Subject: [Clamav-users] Re: clamav 0.82 still checking relayed mail
> twice
>
>
> >
> >> or like spamd wait for sendmail to finish accepting delivery of the
> >> message
> >> before sc
> >
> > Use LocalSocket in clamd.conf, or don't use --external to achieve the
> > above.
>
> I use LocalSocket, here is my current clamd.conf
>
>In that case clamav-milter *does* wait for all the message to
>be received before scanning.
Oke, here is my complete config:
Fedora core 2, sendmail, spa
Francis Stevens wrote:
I'm seeing several false positives for Exploit.W32.MS05-002 since I
upgraded to 0.82 yesterday. I've posted samples to the submission
website but would like to do something about this. Using "sigtool -l"
doesn't list Exploit.W32.MS05-002 as a signature in the database, i
Odhiambo Washington [EMAIL PROTECTED] wrote:
> * Julian Mehnle <[EMAIL PROTECTED]> [20050208 06:02] wrote:
12345678901234567890123456789012345678901234567890123456789012345678901234
> > This is what I am doing:
> > http://julian.io.link-m.de/misc/rejected-messages
> >
* Francis Stevens <[EMAIL PROTECTED]>:
> Finally worked out how to (correctly) revert to 0.81, had to remove the
> libraries in /usr/local/lib before doing the "make install" for 0.81.
> I'm no longer getting the false positives, just the WARNING message from
> freshclam - which I'm happy to ig
Ralf Hildebrandt wrote:
* Francis Stevens <[EMAIL PROTECTED]>:
Finally worked out how to (correctly) revert to 0.81, had to remove the
libraries in /usr/local/lib before doing the "make install" for 0.81.
I'm no longer getting the false positives, just the WARNING message from
freshclam - which
* Francis Stevens <[EMAIL PROTECTED]>:
> My "fix" was to go back to 0.81. Hopefully the ClamAV team will be able
> to suggest a better one
My point exactly.
--
Ralf Hildebrandt (i.A. des IT-Zentrum) [EMAIL PROTECTED]
Charite - Universitätsmedizin BerlinTel. +49 (0)30
On Tue, 2005-02-08 at 15:31 +, Francis Stevens wrote:
> >
> > Same here, what is the fix?
> >
>
> My "fix" was to go back to 0.81. Hopefully the ClamAV team will be able
> to suggest a better one
>
You can apply the enclosed patch if you want less stringent checking.
-trog
--- lib
* Trog <[EMAIL PROTECTED]>:
> You can apply the enclosed patch if you want less stringent checking.
Is that in the CVS as well?
--
Ralf Hildebrandt (i.A. des IT-Zentrum) [EMAIL PROTECTED]
Charite - Universitätsmedizin BerlinTel. +49 (0)30-450 570-155
Gemeinsame Einrichtung
On Tue, 2005-02-08 at 16:42 +0100, Ralf Hildebrandt wrote:
> * Trog <[EMAIL PROTECTED]>:
>
> > You can apply the enclosed patch if you want less stringent checking.
>
> Is that in the CVS as well?
>
Yes.
-trog
signature.asc
Description: This is a digitally signed message part
__
Tomasz Kojm wrote:
On Mon, 07 Feb 2005 18:07:57 +0200
Alexandr Harlampov <[EMAIL PROTECTED]> wrote:
Is anybody here can help me what should I do if clamav gives such
errors ? :
1.temporary failure. Command output: Segmentation fault
2.temporary failure.Command output: LibClamAV Error: hex2int()
Trog wrote:
You can apply the enclosed patch if you want less stringent checking.
Tried the patch and it fixes the problem for all the false positives
I've seen so far, so it looks good to me. Will this make it into 0.83?
Thanks for the rapid response.
FAS
___
On Tue, 08 Feb 2005 18:04:03 +0200
Alexandr Harlampov <[EMAIL PROTECTED]> wrote:
> (temporary failure. Command output: LibClamAV Error: cli_parse_add():
> Problem adding signature (3). LibClamAV Error: Problem parsing
> signature at line 22848 LibClamAV Error: Problem parsing database at
> line 2
On Tue, 2005-02-08 at 16:11 +, Francis Stevens wrote:
>
> Tried the patch and it fixes the problem for all the false positives
> I've seen so far, so it looks good to me. Will this make it into 0.83?
>
> Thanks for the rapid response.
>
Yes, I would expect so.
BTW, all the "false positiv
Trog wrote:
BTW, all the "false positives" I've seen so far are also reported as
broken by the showriff utility, which was written specifically to check
these files.
For example:
$ showriff virus-2005-02-08-n0009134
Contents of file virus-2005-02-08-n0009134 (18926/0x8926 bytes):
All the problem fi
On Tue, 2005-02-08 at 16:32 +, Francis Stevens wrote:
> All the problem files I've had are Powerpoint and Word files. For the
> Powerpoint files it was a common background image.
Is it wise to update to clamav 0.82 given the large number
of false positives been reported?
Regards,
* Francis Stevens <[EMAIL PROTECTED]>:
> All the problem files I've had are Powerpoint and Word files. For the
> Powerpoint files it was a common background image.
Same here!
--
Ralf Hildebrandt (i.A. des IT-Zentrum) [EMAIL PROTECTED]
Charite - Universitätsmedizin BerlinTe
I'm getting the following error when running freshclam ...
# /usr/bin/freshclam -l /var/log/clamav/clam-update.log
ERROR: Please edit the example config file /etc/freshclam.conf.
ERROR: You must specify at least one database mirror.
In the freshclam.conf i've specified the following ...
# Use
On Tuesday 08 February 2005 01:01 pm, Matt Smith wrote:
>
> # /usr/bin/freshclam -l /var/log/clamav/clam-update.log
> ERROR: Please edit the example config file /etc/freshclam.conf.
> ERROR: You must specify at least one database mirror.
>
>
> In the freshclam.conf i've specified the following ...
Jerry Keen wrote:
Thanks, Rene,
I recompiled normally... not in debug mode and seems to be working fine. I
have a couple more question though... See below...
06:35:14.68 2 SMTPI-7(cgr4u.com) [30014] received, 978 bytes
06:35:14.69 2 QUEUE([30014]) from <[EMAIL PROTECTED]>, 978 bytes
(<[EMA
Group,
I am trying to get CLAMD 0.82 to recognize and utilize Dazuko 2.0.5, on a RH
ES3.0 Linux system with kernel 2.4.21-27.0.1.EL installed.
In my /etc/rc.d/init.d/clamd start/stop script for clamd, I load the dazuko
module without error before calling clamd. (lsmod confirms that the module
do
Just thought someone should know. I'd like to see that up and running -
Thunderbird has GREAT rss support ;-)
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
___
On Monday 07 February 2005 06:52, Nathaniel Jason Dube shaped the electrons to
say:
> I want to set up a filter in Kmail to scan my email for viruses like I have
> spamassasian checking for spam.ÂÂCanÂsomeoneÂtellÂmeÂhowÂtoÂdoÂthat?
What version of Kmail are you running. You should have tools ->
Here is a port of clamav-0.82 which may work on 35 and 36.
Thanks to John [EMAIL PROTECTED]
-Message d'origine-
De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de
John
Envoyé : mardi 8 février 2005 22:21
À : [EMAIL PROTECTED]
Objet : ClamAV 0.82 Port
Hello,
I have attached a
Hello,
My typical use case for ClamAV is for catching a worm on a Windows machine,
which can not be online (because the worm would send spam or propagate). My
Linux machine is not infected and I don't want to install anything on it.
So, I would like to download a Windows binary and a fresh vir
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Mikhail
Ramendik
Sent: Tuesday, February 08, 2005 4:50 PM
To: clamav-users@lists.clamav.net
Subject: [Clamav-users] Downloading virus base manually?
>I looked at the clamav.net site and could not find a way to download a
fresh
>base with
Clamav-milter (0.82) died this afternoon. As far as I can see, this is the
first error that appears in clamd.log. After that, there are many similar
ones.
LibClamAV Warning: j17LZE5n030858: /var/spool/clamav/msg.sUSLWW: Access
denied.
ERROR
I stopped sendmail and clamd, did an rm -fr the conten
René Berber wrote:
There's something wrong with this log: there is no "EXTFILTER(ClamAV)"
messages. I only get those and none of the "ENQUEUERRULES"; you must
have moved the default Message Enqueuer log level (I have it at Problems).
Oops! correction, I do have those messages too, for example:
2
Hello,
I have yesterday upgraded to 0.82 on two servers (RedHat 7.3 kernel
2.4.24) yesterday morning and everything went fine. This morning I found
that on both servers clamd is running but viruses are not detected. I
run freshclam from cron every hour between 15 and 45 minutes randomly so
both
Hi,
Am Dienstag Februar 8 2005 22:33 schrieb Scott Ryan:
> If you cant / dont want to upgrade kmail, then i suggest running one
> filter (placed at the top of the filter list) to pipe the message
> through a command based on size (if message < 500k). Set that command
> to be clamscan (or clamdscan
41 matches
Mail list logo
