Re: [Clamav-users] Linux virus found in the /.journal file

2005-03-31 Thread Fred Jakobza
remount for root (/*) is not possible. Only with reboot and from cdrom. Then it begs the question... Why bother to upgrade an EXT2 filesystem to EXT3, if there is no intention of remounting it as EXT3? If the intention is to take advantage of the journaling, then schedule a reboot. Otherwise, th

Re: [Clamav-users] clamav-milter LogFile

2005-03-31 Thread Nigel Horne
On Wednesday 30 Mar 2005 12:39, Tayfun Asker wrote: > i've just switched to 0.83 from 0.80. in 0.83 clamav-milter scans > emails without the use of clamd. LogFile feature of clamd used to be > very helpful for us. it may be usefull to have a LogFile option for > clamav-milter. Please raise at

RE: [Clamav-users] Linux virus found in the /.journal file

2005-03-31 Thread Cormack, Ken
-Original Message- From: Fred Jakobza [mailto:[EMAIL PROTECTED] Sent: Thursday, March 31, 2005 3:17 AM To: ClamAV users ML Subject: Re: [Clamav-users] Linux virus found in the /.journal file ::snip:: > The root was remounted after reboot and after creation of ext3. > the ctime of the .jo

[Clamav-users] Disallowed characters found in MIME headers

2005-03-31 Thread Kenneth Dalbjerg
Hello Can i disable check for "Disallowed characters found in MIME headers", i use clamav, width qmailscanner. Regards Kenneth Dalbjerg ___ http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] Disallowed characters found in MIME headers

2005-03-31 Thread Nigel Horne
On Thursday 31 Mar 2005 14:45, Kenneth Dalbjerg wrote: > > Hello > > Can i disable check for "Disallowed characters found in MIME headers", i > use clamav, width qmailscanner. That would be a mistake since it would not flag up possible decoding problems. > Regards Kenneth Dalbjerg -- Nigel

Re: [Clamav-users] Linux virus found in the /.journal file

2005-03-31 Thread Stephen Gran
On Thu, Mar 31, 2005 at 10:17:00AM +0200, Fred Jakobza said: > > > >>remount for root (/*) is not possible. Only with reboot and from cdrom. > > > > > >Then it begs the question... Why bother to upgrade an EXT2 filesystem to > >EXT3, if there is no intention of remounting it as EXT3? > > > >If the

Re: [Clamav-users] Disallowed characters found in MIME headers

2005-03-31 Thread Pierluigi Di Lorenzo
Nigel Horne wrote: On Thursday 31 Mar 2005 14:45, Kenneth Dalbjerg wrote: Hello Can i disable check for "Disallowed characters found in MIME headers", i use clamav, width qmailscanner. it's a issue of qmailscanner, look the faq in the site. You can't disable check, (be aware of \n\r in php mail f

[Clamav-users] New Virus?

2005-03-31 Thread Jeffry Bilder
Just seen a virus come through, I dont know what email it was attached with, but it appears to run an executable called pserv.exe. I dont know if there are any others that are included as well, but has anyone seen this yet? Is there a removal tool? Google has no info on this virus. Thanks! - Je

RE: [Clamav-users] New Virus?

2005-03-31 Thread Jeffrey Kroll
You shouldn't be allowing .exe's anyway ... Its common knowledge that .exe .com .bat .pif .scr are all not normal file transmissions. I would never ever allow a file extension from the listed above to ever be accepted as a attachment to a e-mail ... It should automaticly be denied at the mailserver

RE: [Clamav-users] New Virus?

2005-03-31 Thread Ken Jones
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > You shouldn't be allowing .exe's anyway ... Its common knowledge that > .exe .com .bat .pif .scr are all not normal file transmissions. I would > never ever allow a file extension from the listed above to ever be > accepted as a attachment to a e-ma

RE: [Clamav-users] New Virus?

2005-03-31 Thread Chris Heiner
Does Clam AV block .exe by default? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeffrey Kroll Sent: Thursday, March 31, 2005 10:58 AM To: ClamAV users ML Subject: RE: [Clamav-users] New Virus? You shouldn't be allowing .exe's anyway ... Its common kn

RE: [Clamav-users] New Virus?

2005-03-31 Thread Gary Buckmaster
No, it does not. That is the responsibility of your mail server or subsidiary software (ie: mailscanner, amavisd-new, etc.) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Chris Heiner Sent: Thursday, March 31, 2005 1:43 PM To: 'ClamAV users ML' Subject: RE:

[Clamav-users] Managing the CLAM

2005-03-31 Thread Chris Heiner
Are there any good command mode instructions to retrieve update information and other log information on the Clam AV.? The only command we are aware of is "freshclam". We downloaded the 67 page PDF, but there inst much there. Please excuse the "newbie" question. We have never used Clam AV before.

[Clamav-users] Is this a bug with virus database or update scripts ???

2005-03-31 Thread Joanna Roman
I noticed that a lot of virus sigs are not available in the virus database. For example, I tried to search in the virus database (http://clamav-du.securesites.net/cgi-bin/clamgrok) for HTML.Phishing.Bank-156, which is in the latest updates (http://lurker.clamav.net/message/20050331.095845.0b407689.

Re: [Clamav-users] Is this a bug with virus database or update scripts ???

2005-03-31 Thread Securiteinfo.com
Hello, Le vendredi 1 Avril 2005 00:50, Joanna Roman a écrit : > I noticed that a lot of virus sigs are not available > in the virus database. For example, I tried to search > in the virus database > (http://clamav-du.securesites.net/cgi-bin/clamgrok) > for HTML.Phishing.Bank-156, which is in the l

Re: [Clamav-users] New Virus?

2005-03-31 Thread Niek
On 3/31/2005 8:58 PM +0100, Jeffrey Kroll wrote: You shouldn't be allowing .exe's anyway ... Its common knowledge that .exe .com .bat .pif .scr are all not normal file transmissions. I would never ever allow a file extension from the listed above to ever be accepted as a attachment to a e-mail ...

RE: [Clamav-users] New Virus?

2005-03-31 Thread Matthew.van.Eerde
Niek wrote: > On 3/31/2005 8:58 PM +0100, Jeffrey Kroll wrote: >> You shouldn't be allowing .exe's anyway ... Its common knowledge that >> .exe .com .bat .pif .scr > Headers from your mail: > X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0 > X-MS-Has-Attach: > X-MS-TNEF-Correlator: > Thread-T

Re: [Clamav-users] Is this a bug with virus database or update scripts ???

2005-03-31 Thread Joanna Roman
--- "Securiteinfo.com" <[EMAIL PROTECTED]> wrote: > Hello, > > Le vendredi 1 Avril 2005 00:50, Joanna Roman a > écrit : > > I noticed that a lot of virus sigs are not > available > > in the virus database. For example, I tried to > search > > in the virus database > > > (http://clamav-du.securesi