Hello clamav-users,
i've just tried to use 0.85 and 0.85.1 instead of my 0.84 but i
found an error massage on starting clamav-milter ("Permission
denied"). is there any chance to solve this little problem?
p.s. sorry about my english...
--
Best regards,
Sergey
On Mon, 16 May 2005, Todd Lyons wrote:
> From: Todd Lyons <[EMAIL PROTECTED]>
> To: ClamAV users ML
> Date: Mon, 16 May 2005 10:14:26 -0700
> Subject: Re: [Clamav-users] sober.p and german adverts?
> Reply-To: ClamAV users ML
...
> Some ISP's don't allow you to relay mail through them if it's
[EMAIL PROTECTED] wrote:
> Hello,
>
> I'm running clamav (currently version 0.85) on two separate
> servers and my home notebook and recently noticed odd
> behavior when running freshclam.
> While on one server and my notebook it always both displays
> to the console and logs information about bot
On Tue, 17 May 2005 12:50:58 +0800
"Awie" <[EMAIL PROTECTED]> wrote:
> All,
>
> I cannot run Freshclam in DNS mode, it always fall back to HTTP. Below
> attached the message from my machine;
>
> [EMAIL PROTECTED] root]# freshclam
> ClamAV update process started at Tue May 17 12:43:32 2005
> WARN
On Tue, 17 May 2005 11:16:54 +0400
Sergey <[EMAIL PROTECTED]> wrote:
> Hello clamav-users,
>
>i've just tried to use 0.85 and 0.85.1 instead of my 0.84 but i
>found an error massage on starting clamav-milter ("Permission
>denied"). is there any chance to solve this little problem?
I
On Tue, 2005-05-17 at 12:12, Tomasz Kojm wrote:
> On Tue, 17 May 2005 12:50:58 +0800
> "Awie" <[EMAIL PROTECTED]> wrote:
> > WARNING: DNS record is older than 3 hours.
>
> [...]
>
> > but why Freshclam cannot run in DNS? What things should I fix?
>
> System time?
Or maybe your local DNS server
Tomasz Kojm wrote:
On Tue, 17 May 2005 11:16:54 +0400
Sergey <[EMAIL PROTECTED]> wrote:
Hello clamav-users,
i've just tried to use 0.85 and 0.85.1 instead of my 0.84 but i
found an error massage on starting clamav-milter ("Permission
denied"). is there any chance to solve this little probl
On Tue, 17 May 2005 12:55:36 +0200
Kritof Petr <[EMAIL PROTECTED]> wrote:
> Sergey is right. This bug is not fixed.
>
>
> May 17 12:36:41 server clamd: clamd startup succeeded
> May 17 12:36:41 server clamd[27991]: HTML support enabled.
> May 17 12:36:41 server clamd[27991]: Self checking every
Hello Tomasz,
Tuesday, May 17, 2005, 2:58:41 PM, you wrote:
TK> On Tue, 17 May 2005 12:55:36 +0200
TK> Kritof Petr <[EMAIL PROTECTED]> wrote:
>> Sergey is right. This bug is not fixed.
>>
>>
>> May 17 12:36:41 server clamd: clamd startup succeeded
>> May 17 12:36:41 server clamd[27991]: HTML
Hello Tomasz,
Tuesday, May 17, 2005, 2:27:00 PM, you wrote:
TK> On Tue, 17 May 2005 11:16:54 +0400
TK> Sergey <[EMAIL PROTECTED]> wrote:
>> Hello clamav-users,
>>
>>i've just tried to use 0.85 and 0.85.1 instead of my 0.84 but i
>>found an error massage on starting clamav-milter ("Permi
On Tue, 2005-05-17 at 15:10 +0400, Sergey wrote:
>
> what do you mean by "properly"?
> there were no errors while i was installing it.
> i used just the same option that i used for installing 0.84 or there
> is in 0.85 some "new extra installation stuff" that i missed?
>
Check the permission
On Tue, 17 May 2005 15:10:12 +0400
Sergey <[EMAIL PROTECTED]> wrote:
> Hello Tomasz,
>
> Tuesday, May 17, 2005, 2:27:00 PM, you wrote:
>
> TK> On Tue, 17 May 2005 11:16:54 +0400
> TK> Sergey <[EMAIL PROTECTED]> wrote:
>
> >> Hello clamav-users,
> >>
> >>i've just tried to use 0.85 and 0.85
Tomasz Kojm wrote:
On Tue, 17 May 2005 12:55:36 +0200
Krištof Petr <[EMAIL PROTECTED]> wrote:
Sergey is right. This bug is not fixed.
May 17 12:36:41 server clamd: clamd startup succeeded
May 17 12:36:41 server clamd[27991]: HTML support enabled.
May 17 12:36:41 server clamd[27991]: Self checkin
Hello Tomasz,
Tuesday, May 17, 2005, 3:17:34 PM, you wrote:
TK> On Tue, 17 May 2005 15:10:12 +0400
TK> Sergey <[EMAIL PROTECTED]> wrote:
>> Hello Tomasz,
>>
>> Tuesday, May 17, 2005, 2:27:00 PM, you wrote:
>>
>> TK> On Tue, 17 May 2005 11:16:54 +0400
>> TK> Sergey <[EMAIL PROTECTED]> wrote:
>>
Hello Trog,
Tuesday, May 17, 2005, 3:13:49 PM, you wrote:
T> On Tue, 2005-05-17 at 15:10 +0400, Sergey wrote:
>>
>> what do you mean by "properly"?
>> there were no errors while i was installing it.
>> i used just the same option that i used for installing 0.84 or there
>> is in 0.85 some "ne
On May 16, 2005, at 5:43 PM, Dennis Peterson wrote:
Most of the spam I've gotten the last three days is from comcast.net.
Apparently they allow their customers to send out to port 25. They
should
lock that down so that spam goes out through their own servers so they
can
feel the pain when they ar
Sergey wrote:
[...]
> -rw-r- 1 rootclamav 1265 May 17 15:40 clamd.log
^^
How clamd (in realy user clamav.clamav) can write to this file??
[...]
--
Andrzej Zawadzki
___
http://lurker.clamav.net/list/clamav-users.h
> On Tue, 2005-05-17 at 12:12, Tomasz Kojm wrote:
> > On Tue, 17 May 2005 12:50:58 +0800
> > "Awie" <[EMAIL PROTECTED]> wrote:
>
> > > WARNING: DNS record is older than 3 hours.
> >
> > [...]
> >
> > > but why Freshclam cannot run in DNS? What things should I fix?
> >
> > System time?
System t
Hello,
> > System time?
>
> Or maybe your local DNS servers.
>
> I had a similar problem a few weeks ago.
> I was using Windows 2000 DNS servers, and they were having trouble
> caching the TXT record for ClamAV updates. Restarting the DNS server
> services on the Windows machines helped me out.
>
One final point here, I know I, and I'm sure many of you, have seen or come
into contact with infected exchange serverson static ip addresses. The
fact that it's static, or in fact, a business connection, speaks not a thing
for the competence of the administrator, or the security of the ser
On Tue, 2005-05-17 at 15:44 +0400, Sergey wrote:
> T> Check the permissions on your log file. They must be accessible by the
> T> user the milter runs as.
>
> T> -trog
>
>
> they are accesseble
>
No they aren't. Actually look at the file permissions this time.
-trog
signature.asc
Descript
Hello Kriљtof,
Tuesday, May 17, 2005, 3:22:21 PM, you wrote:
KP> Tomasz Kojm wrote:
>>On Tue, 17 May 2005 12:55:36 +0200
>>Kriљtof Petr <[EMAIL PROTECTED]> wrote:
>>
>>
>>
>>>Sergey is right. This bug is not fixed.
>>>
>>>
>>>May 17 12:36:41 server clamd: clamd startup succeeded
>>>May 17 12:3
Sergey wrote:
Hello Kriљtof,
KP> # grep User /etc/clamd.conf
KP> User clamav
Shouldn't the conf files be in /usr/local/etc/ ???
That's how it works for me and my log file is owned by clamav
Cheers
Bill
--
What's the difference between Linux and Windoze?
Linux - Thousands of programmers are worki
On Tue, 2005-05-17 at 13:53, Awie wrote:
> Below the result of dig in my machine. It seems can reach
> current.cvd.clamav.net.
>
> Please advise.
> ===SNIP===
>
> [EMAIL PROTECTED] root]# dig current.cvd.clamav.net txt
>
> ; <<>> DiG 9.2.4 <<>> current.cvd.clamav.net txt
> ;; global options:
On Tue, 17 May 2005, Sergey wrote:
> i've just noticed the same thing. clamd.log is made by root. but 0.84
> doesn't care about that it works properly.
Yes -- this is what I posted about Sat morning.
Previous to 0.85, clamav-milter didn't care if it couldn't write to it's log
file.
Starting wi
Hello Andrzej,
Tuesday, May 17, 2005, 3:52:31 PM, you wrote:
AZ> Sergey wrote:
AZ> [...]
>> -rw-r- 1 rootclamav 1265 May 17 15:40 clamd.log
AZ> ^^
AZ> How clamd (in realy user clamav.clamav) can write to this file??
AZ> [...]
i've no idea, but 0.84 does
On Tue, 17 May 2005, Sergey wrote:
> >> -rw-r- 1 rootclamav 1265 May 17 15:40 clamd.log
> AZ> ^^
> i've no idea, but 0.84 does.
To be more helpfull -- 0.84 can't write to it either, it just ran anyway.
Make sure whatever script you use the cycles log fil
On May 17, 2005, at 2:17 AM, Alan Premselaar wrote:
Jef Poskanzer wrote:
..snip...
And finally, if you want to run a check on the HELO string, I find
that just rejecting outside connections that claim a HELO of your own
hostname gets rid of a very high proportion of crapmail. This
very simple chec
Bart Silverstrim said:
>
> On May 16, 2005, at 5:43 PM, Dennis Peterson wrote:
>
>> Most of the spam I've gotten the last three days is from comcast.net.
>> Apparently they allow their customers to send out to port 25. They
>> should
>> lock that down so that spam goes out through their own servers
Bill Maidment said:
> Sergey wrote:
>> Hello Kritof,
>>
>
>
>> KP> # grep User /etc/clamd.conf
>> KP> User clamav
>>
>
> Shouldn't the conf files be in /usr/local/etc/ ???
> That's how it works for me and my log file is owned by clamav
>
That is dependant upon who built the binaries and the choic
Hello,
On 17 May 2005, at 13:17, Tomasz Kojm wrote:
On Tue, 17 May 2005 15:10:12 +0400
Sergey <[EMAIL PROTECTED]> wrote:
Hello Tomasz,
Tuesday, May 17, 2005, 2:27:00 PM, you wrote:
TK> On Tue, 17 May 2005 11:16:54 +0400
TK> Sergey <[EMAIL PROTECTED]> wrote:
Hello clamav-users,
i've just tried
I have recently installed Clam AV 0.85 and have downloaded the latest updates
through freshclam. We are running this software on a new e-mail gateway server
built with Postfix and Mandrake LE2005. Please excuse my ignorance as I am
very new to this product. My question is that with clamd runn
> This looks fine to me.
> My DNS servers were messing up the expiration time (900 seconds right
> here, as it should be...).
>
> In my freshclam.conf, I have a section that says:
>
> # Use DNS to verify virus database version. Freshclam uses DNS TXT
> records
> # to verify database and software ve
Christopher X. Candreva said:
> On Tue, 17 May 2005, Sergey wrote:
>
>> i've just noticed the same thing. clamd.log is made by root. but 0.84
>> doesn't care about that it works properly.
>
> Yes -- this is what I posted about Sat morning.
>
> Previous to 0.85, clamav-milter didn't care if it could
Sergey said:
> Hello Andrzej,
>
> Tuesday, May 17, 2005, 3:52:31 PM, you wrote:
>
> AZ> Sergey wrote:
> AZ> [...]
>>> -rw-r- 1 rootclamav 1265 May 17 15:40 clamd.log
> AZ> ^^
> AZ> How clamd (in realy user clamav.clamav) can write to this file??
>
> AZ> [...]
On Tue, 17 May 2005, Dennis Peterson wrote:
> You will have solved the problem only if you put this procedure in your
> startup scripts and any tools that rotate your logs.
Gee, I wish I had already posted that -- oh wait, I did.
==
Chris
On Tue, 2005-05-17 at 15:09, Awie wrote:
> I use a new freshclam.conf.
>
> > --
> > What is your configuration?
> > Does it have a DNSDatabaseInfo directive?
> > Maybe you're still using a configuration file from a previous version,
> > from before the DNSDatabasInfo days?
>
> Below attached lin
Hello Dennis,
Tuesday, May 17, 2005, 5:11:43 PM, you wrote:
DP> Sergey said:
>> Hello Andrzej,
>>
>> Tuesday, May 17, 2005, 3:52:31 PM, you wrote:
>>
>> AZ> Sergey wrote:
>> AZ> [...]
-rw-r- 1 rootclamav 1265 May 17 15:40 clamd.log
>> AZ> ^^
>> AZ> How
Christopher X. Candreva said:
> On Tue, 17 May 2005, Dennis Peterson wrote:
>
>> You will have solved the problem only if you put this procedure in your
>> startup scripts and any tools that rotate your logs.
>
> Gee, I wish I had already posted that -- oh wait, I did.
>
Not completely, and not at
Dennis Peterson wrote:
Bill Maidment said:
Sergey wrote:
Hello Krištof,
KP> # grep User /etc/clamd.conf
KP> User clamav
Shouldn't the conf files be in /usr/local/etc/ ???
That's how it works for me and my log file is owned by clamav
That is dependant upon who built the binaries and the choices th
> >
> > Below attached lines in the file
>
> All is looking good as far as I'm concerned.
> I would start sniffing on your server (with ethereal) to see what's
> happening on the wire. Any experience with that?
>
I never use Ethereal (for Linux) before. However, I will learn how to use
it.
I will
Sergey wrote:
Hello Dennis,
Tuesday, May 17, 2005, 5:11:43 PM, you wrote:
DP> Sergey said:
Hello Andrzej,
Tuesday, May 17, 2005, 3:52:31 PM, you wrote:
AZ> Sergey wrote:
AZ> [...]
-rw-r- 1 rootclamav 1265 May 17 15:40 clamd.log
AZ> ^^
AZ> How clamd (in realy
On Tue, 2005-05-17 at 09:05 -0400, Douglas Ward wrote:
> I have recently installed Clam AV 0.85 and have downloaded the latest updates
> through freshclam.
> We are running this software on a new e-mail gateway server built with
> Postfix and Mandrake LE2005.
> Please excuse my ignorance as I a
On Tue, 2005-05-17 at 15:34, Awie wrote:
> >
> > All is looking good as far as I'm concerned.
> > I would start sniffing on your server (with ethereal) to see what's
> > happening on the wire. Any experience with that?
> >
>
> I never use Ethereal (for Linux) before. However, I will learn how to u
Sergey said:
> Hello Dennis,
>
> Tuesday, May 17, 2005, 5:11:43 PM, you wrote:
>
> DP> Sergey said:
>>> Hello Andrzej,
>>>
>>> Tuesday, May 17, 2005, 3:52:31 PM, you wrote:
>>>
>>> AZ> Sergey wrote:
>>> AZ> [...]
> -rw-r- 1 rootclamav 1265 May 17 15:40 clamd.log
>>> AZ>
Hello,
1. Why clamav-milter ignores a key "--max-children=N"? I start with key
"--max-children=5", but I receive:
# pstree
init-+-atd
|-bdaemon
|-bdflush
|-bserver
|-clamav-milter---clamav-milter---16*[clamav-milter]
2.
/usr/local/clamav/sbin/clamav-milter -h|grep Maximum
On Tue, May 17, 2005 at 01:17:34PM +0200, Tomasz Kojm said:
> The only 'essential' information you have provided is that
> clamav-milter prints "Permission denied" on startup so don't expect
> constructive help from me.
The problem here is that clamav opens/creates the log at
clamd/clamd.c:144, bu
> On Tue, 2005-05-17 at 09:05 -0400, Douglas Ward wrote:
>
>> I have recently installed Clam AV 0.85 and have downloaded the latest
>> updates through freshclam. We are running this software on a new e-mail
>> gateway server built with Postfix and Mandrake LE2005. Please excuse my
>> ignorance as
Do you by chance know of any resources that I could look at that would outline
how to plug the two together? Thanks!
Douglas Ward
Director of Information Technology
NC Methodist Conference
1307 Glenwood Ave.
Raleigh, NC 27605
Work: (919) 832-9560 ext. 227
Fax: (919) 834-7989
-Original Mes
Jim Maul said:
>>
>>
>>
>> DP> We have a winner! Now if you put that in your startup script and log
>> DP> rotation tool you'll have the job finished.
>>
>> why is that? if i'll restart clamd it won't going to change the
>> permissions of clamd.log. and by the way i don't need any log rotation
>>
On May 17, 2005, at 8:48 AM, Dennis Peterson wrote:
Bart Silverstrim said:
To me, that price is learning how to do it right. Price isn't always
monetary.
I wouldn't argue with the idea of having to tell your provider that
you
need your particular connection unfiltered and leave it unfiltered
beca
Stephen Gran said:
> On Tue, May 17, 2005 at 01:17:34PM +0200, Tomasz Kojm said:
>> The only 'essential' information you have provided is that
>> clamav-milter prints "Permission denied" on startup so don't expect
>> constructive help from me.
>
> The problem here is that clamav opens/creates the l
Dennis Peterson wrote:
Jim Maul said:
DP> We have a winner! Now if you put that in your startup script and log
DP> rotation tool you'll have the job finished.
why is that? if i'll restart clamd it won't going to change the
permissions of clamd.log. and by the way i don't need any log rotation
bec
Hi All,
WinZip 9 256 bit AES encrypted zip files cause errors
[tested against 0.85.1].
We're calling clam from MIMEDefang and the scan
returns an error.
Other encrypted zip files scan OK.
Is there any way round this as we have users wanting
to get these files through?
Thanks, Chris
LibClamA
On Tue, 17 May 2005, Bart Silverstrim wrote:
After yet another day of putting up with all this crap from viruses, there's
a part of me that wonders what would happen if someone wrote a virus that
would pull a sober.p "infectinfectinfect...sleep...payload" trick where
instead of turning the compu
Douglas Ward asked:
> Do you by chance know of any resources that I could look at
> that would outline how to plug the two together? Thanks!
Have a look at MailScanner (http://www.mailscanner.info).
Cheers,
Phil
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK
___
Hi evrybody
I first posted this a week ago, but I still have not found a
solution.
Since v0.84, I've been receiving various obviously crafted mails
that contain viruses, but pass through clamav-milter ok. However, when I
save the mail and scan the mbox file with clamdscan (not cla
Jim Maul said:
> Dennis Peterson wrote:
>>
>> That would be a good trick if the directory it is found in is owned ro
>> by
>> root. I suppose it could be created by root then chowned to clam_user,
>> but
>> that too presumes much. To make it entirely turnkey the process should
>> see
>> if the use
I've installed ClamAV 0.83 on an HP-UX 11.11 system. I'm running clamd,
and it's communicating with MIMEDefang 2.51 via a socket. Clamd is not
able to unpack tar archives or compressed files. I've set and exported
the TMPDIR, TMP, and TEMP environment variables in the init script that
runs c
On Tue, May 17, 2005 at 07:03:10AM -0700, Dennis Peterson said:
> That would be a good trick if the directory it is found in is owned ro by
> root. I suppose it could be created by root then chowned to clam_user, but
> that too presumes much. To make it entirely turnkey the process should see
> if
Hi Guy,
This is the captured text from Ethereal (Text mode)
I open 2 screen console
Screen 1:
[EMAIL PROTECTED] src]# tethereal -F libpcap -f udp
Capturing on eth0
0.00 202.136.73.3 -> 202.136.64.52 DNS Standard query TXT
current.cvd.clamav.net
0.707822 202.136.64.52 -> 202.136.73.3 DNS
Dennis Peterson wrote:
Jim Maul said:
Dennis Peterson wrote:
That would be a good trick if the directory it is found in is owned ro
by
root. I suppose it could be created by root then chowned to clam_user,
but
that too presumes much. To make it entirely turnkey the process should
see
if the user-s
Douglas Ward wrote:
>Do you by chance know of any resources that I could look at that would outline
>how to plug the two together? Thanks!
>
>
One of my favorite methods of using Postfix and ClamAV together is by
using amavis-new
http://www.ijs.si/software/amavisd/
There was a nice set of ins
Stephen Gran said:
> On Tue, May 17, 2005 at 07:03:10AM -0700, Dennis Peterson said:
>> That would be a good trick if the directory it is found in is owned ro
>> by
>> root. I suppose it could be created by root then chowned to clam_user,
>> but
>> that too presumes much. To make it entirely turnke
Stephen Gran wrote:
...
So you want either all possible checks, or no seperable logging? That
does seem like a rather drastic set of solutions to a trivial to fix
bug. Moving about 10 lines of code will fix the bug under discussion,
might lead to problems with logging _before_ dropping privile
On Tue, 2005-05-17 at 22:39 +0800, Awie wrote:
> Hi Guy,
>
> This is the captured text from Ethereal (Text mode)
>
> I open 2 screen console
>
> Screen 1:
>
> [EMAIL PROTECTED] src]# tethereal -F libpcap -f udp
add -V so we can see the packet details.
--
Daniel J McDonald, CCIE # 2495, CNX
> I've installed ClamAV 0.83 on an HP-UX 11.11 system. I'm
> running clamd, and it's communicating with MIMEDefang
> 2.51 via a socket. Clamd is not able to unpack tar
> archives or compressed files. I've set and exported the
> TMPDIR, TMP, and TEMP environment variables in the init
> script
On Tue, May 17, 2005 at 02:56:14PM +, Erich Titl said:
> Stephen Gran wrote:
>
> >...
> >
> >So you want either all possible checks, or no seperable logging? That
> >does seem like a rather drastic set of solutions to a trivial to fix
> >bug. Moving about 10 lines of code will fix the bug un
THANKS A LOT to Tomasz, Guy, Daniel and others.
I decide to use NTP to sync my machine time and it works !!! Freshclam run
in DNS mode.
My apologize to Tomasz for ignoring his advise to check system time.
Again, thanks a lot.
Thx & Rgds,
Awie
- Original Message -
From: "Daniel J
On Tue, May 17, 2005 at 07:54:03AM -0700, Dennis Peterson said:
> Stephen Gran said:
> > So you want either all possible checks, or no seperable logging?
>
> Where did I say that? With syslog you touch a file and it starts
> logging. Simple, effective. It can be the same with clam. No local
> log
Thanks. Both MIMEDefang and clamd are running as the same user, so
that's not the problem.
I had a similar problem. I had to make clamd run as the same
user as my script. Check what user your MIMEDefang is
running as.
--
Karl Boyken, system administrator
[EMAIL PROTECTED]
303A MLH, Dept. of Com
> I first posted this a week ago, but I still have not found a
>solution.
>
> Since v0.84, I've been receiving various obviously crafted mails
>that contain viruses, but pass through clamav-milter ok. However, when I
>save the mail and scan the mbox file with clamdscan (not clamscan)
>"
Jef Poskanzer wrote:
>Hey, has anyone made or run across a signature file that matches
>all windows executables and all archive formats? Seems like this
>would be fairly easy to create.
>---
>Jef
>
> Jef Poskanzer [EMAIL PROTECTED] http://www.acme.com/jef/
>_
>>Hey, has anyone made or run across a signature file that matches
>>all windows executables and all archive formats? Seems like this
>>would be fairly easy to create.
>
>Since not all executables and archives are malicious, ClamAV may not be
>the proper tool to use.
I think ClamAV would be a fin
On Tue, 2005-05-17 at 09:05 -0400, Douglas Ward wrote:
> I have recently installed Clam AV 0.85 and have downloaded the latest
> updates through freshclam. We are running this software on a new
> e-mail gateway server built with Postfix and Mandrake LE2005.
How is postfix calling clamav? The Ma
I tried your test and got this, so your end is NOT passing this virus through
clamav-milter:
The original message was received at Tue, 17 May 2005 16:41:57 +0100
from bandsman.co.uk [127.0.0.1]
- The following addresses had permanent fatal errors -
<[EMAIL PROTECTED]>
(reason: 554
Stephen Gran wrote:
On Tue, May 17, 2005 at 02:56:14PM +, Erich Titl said:
Stephen Gran wrote:
...
So you want either all possible checks, or no seperable logging? That
does seem like a rather drastic set of solutions to a trivial to fix
bug. Moving about 10 lines of code will fix the
Stephen Gran said:
> On Tue, May 17, 2005 at 07:54:03AM -0700, Dennis Peterson said:
>> Stephen Gran said:
>> > So you want either all possible checks, or no seperable logging?
>>
>> Where did I say that? With syslog you touch a file and it starts
>> logging. Simple, effective. It can be the same
On Tue, May 17, 2005 at 03:50:38PM +, Erich Titl said:
> Stephen Gran wrote:
> >On Tue, May 17, 2005 at 02:56:14PM +, Erich Titl said:
> >>might lead to problems with logging _before_ dropping privileges
> >
> >What, in particular, are you thinking of? If the first thing clamd does
> >is d
Erich Titl said:
>>
> You could not log problems while dropping privileges, well basically it
> might go to the (unwatched) console
>
Because I'm self-described "anal", I capture my console to a file with
syslog and it is watched with automation and so is syslog. Here's to anal
admins and self-he
On May 17, 2005, at 11:28 AM, Morgan Smith wrote:
Jef Poskanzer wrote:
Hey, has anyone made or run across a signature file that matches
all windows executables and all archive formats? Seems like this
would be fairly easy to create.
---
Jef
Jef Poskanzer [EMAIL PROTECTED] http://www.acme
Sergey wrote:
> KP> Clamav should create log file with same owner as defined in
> KP> clamd.conf to work it properly.
>
> i've just noticed the same thing. clamd.log is made by root. but 0.84
> doesn't care about that it works properly.
The response someone posted a few days ago regarding 'sof
Bart Silverstrim wrote:
> Maybe even do a reverse check to see if there's a mail server on the
> sending system...how many systems would break doing a check like that?
The sending server isn't guaranteed to be a MX, so any DNS MX or reverse
connection tests would fail.
Matt
__
On May 17, 2005, at 12:17 PM, Matt Fretwell wrote:
Bart Silverstrim wrote:
Maybe even do a reverse check to see if there's a mail server on the
sending system...how many systems would break doing a check like that?
The sending server isn't guaranteed to be a MX, so any DNS MX or
reverse
connectio
Sergey wrote:
> DP> We have a winner! Now if you put that in your startup script and log
> DP> rotation tool you'll have the job finished.
>
> why is that? if i'll restart clamd it won't going to change the
> permissions of clamd.log. and by the way i don't need any log rotation
> because my clam
Jim Maul wrote:
> > Call me old fashioned, but this is something I like to deal with
> > myself. There's still a roll for the thinking admin.
> No, dont get me wrong here, im not saying clamav should "predict"
> anything. Nor should it have to deal with misconfigured software. This
> is of co
Bart Silverstrim wrote:
On May 17, 2005, at 12:17 PM, Matt Fretwell wrote:
Bart Silverstrim wrote:
Maybe even do a reverse check to see if there's a mail server on the
sending system...how many systems would break doing a check like that?
The sending server isn't guaranteed to be a MX, so any DNS
Matt Fretwell wrote:
Jim Maul wrote:
Call me old fashioned, but this is something I like to deal with
myself. There's still a roll for the thinking admin.
No, dont get me wrong here, im not saying clamav should "predict"
anything. Nor should it have to deal with misconfigured software. This
Jim Maul wrote:
> > touch /var/log/test.log
> >
> > Now why does it create the logfile as root?
> While i get your point, it is irrelevant because it should not log in
> /var/log/ directly. It should log in /var/log/clamav/
The main point of my point, (I know that sounds weird), is that an
Jim Maul wrote:
> Matt Fretwell wrote:
>> Just to test, as an ordinary user, run:
>>
>> touch /var/log/test.log
>>
>> Now why does it create the logfile as root?
>>
>
> While i get your point, it is irrelevant because it should not log in
> /var/log/ directly. It should log in /var/log/clama
Matt Fretwell wrote:
Bart Silverstrim wrote:
Maybe even do a reverse check to see if there's a mail server on the
sending system...how many systems would break doing a check like that?
The sending server isn't guaranteed to be a MX, so any DNS MX or reverse
connection tests would fail.
But
Matt Fretwell wrote:
Jim Maul wrote:
touch /var/log/test.log
Now why does it create the logfile as root?
While i get your point, it is irrelevant because it should not log in
/var/log/ directly. It should log in /var/log/clamav/
The main point of my point, (I know that sounds weird), is that
Jim Maul wrote:
> > The main point of my point, (I know that sounds weird), is that an
> > admin who relies upon any piece of software to correctly create and
> > set permissions on the logfile is asking for trouble. Clam is not
> > alone in this. This is not a bug in Clam, it is poor admin te
Matt Fretwell wrote:
Jim Maul wrote:
The main point of my point, (I know that sounds weird), is that an
admin who relies upon any piece of software to correctly create and
set permissions on the logfile is asking for trouble. Clam is not
alone in this. This is not a bug in Clam, it is poor admin t
Jim Maul said:
> Matt Fretwell wrote:
>> Jim Maul wrote:
>>
>>
Call me old fashioned, but this is something I like to deal with
myself. There's still a roll for the thinking admin.
>>
>>
>>
>>>No, dont get me wrong here, im not saying clamav should "predict"
>>>anything. Nor should it have
Dennis Peterson wrote:
Jim Maul said:
Matt Fretwell wrote:
Jim Maul wrote:
Call me old fashioned, but this is something I like to deal with
myself. There's still a roll for the thinking admin.
No, dont get me wrong here, im not saying clamav should "predict"
anything. Nor should it have to deal
Jim Maul said:
> Dennis Peterson wrote:
>> Jim Maul said:
>>
>>>Matt Fretwell wrote:
>>>
Jim Maul wrote:
>>Call me old fashioned, but this is something I like to deal with
>>myself. There's still a roll for the thinking admin.
>No, dont get me wrong her
>I tried your test and got this, so your end is NOT passing this
>virus through clamav-milter:
I.e. "clamav-milter works for me, therefore it works for you, therefore
you are doing something else wrong." This may be true but it's far
from proven. Furthermore, if Apostolos' problem is like mine,
Dennis Peterson wrote:
Jim Maul said:
Dennis Peterson wrote:
Jim Maul said:
Matt Fretwell wrote:
Jim Maul wrote:
Call me old fashioned, but this is something I like to deal with
myself. There's still a roll for the thinking admin.
No, dont get me wrong here, im not saying clamav should "predi
Jim Maul said:
> Dennis Peterson wrote:
>>>
>>>To the program itself, no. If you tell it to log to / it will, however,
>>>it SHOULDNT. See what im saying? To say that clamav *has* to create
>>>the log file as root because only root can write to /var/log/ is
>>>irrelevant to the issue.
>>
>>
>>
1 - 100 of 215 matches
Mail list logo
