Re: FW: [Clamav-users] 553 5.5.4 <[EMAIL PROTECTED]>...Real domain name required for sender address

2005-06-02 Thread Nigel Horne
On Thursday 02 Jun 2005 06:25, bonar wrote: > sudo /usr/local/sbin/clamav-milter -b -s 192.168.1.1 > [EMAIL PROTECTED] -a [EMAIL PROTECTED] > --max-children=9 -olb \ > local:/var/milter/clmilter.sock Why have you enabled the -b option?

RE: FW: [Clamav-users] 553 5.5.4 <[EMAIL PROTECTED]>...Real domain name required for sender address

2005-06-02 Thread bonar
-b is for bounce message to postmaster. I've enabled it just for test. And it looks like my test still failed. Any idea???

Re: FW: [Clamav-users] 553 5.5.4 <[EMAIL PROTECTED]>...Real domain name required for sender address

2005-06-02 Thread Nigel Horne
On Thursday 02 Jun 2005 08:54, bonar wrote: > -b is for bounce message to postmaster. No it isn't. Please re-read "man clamav-milter".

RE: FW: [Clamav-users] 553 5.5.4 <[EMAIL PROTECTED]>...Real domain name required for sender address

2005-06-02 Thread bonar
-b, --bounce Send a failure message to the sender, and to the postmaster. [ Warning: most viruses and worms fake their source address, so this option is not recommended ]. See also --noreject. This is from man clamav-milter. If not, what does that mean??

Re: FW: [Clamav-users] 553 5.5.4 <[EMAIL PROTECTED]>...Real domain name required for sender address

2005-06-02 Thread Nigel Horne
On Thursday 02 Jun 2005 09:03, bonar wrote: > > -b, --bounce > Send a failure message to the sender, and to the > postmaster. [ Warning: most viruses and > worms fake their source address, so this option is not > recommended ]. See also --noreject. > > This is

RE: FW: [Clamav-users] 553 5.5.4 <[EMAIL PROTECTED]>...Real domain name required for sender address

2005-06-02 Thread bonar
If you're following from my first post, then you will know why. I'm now stuck just because the clamav email address is going to [EMAIL PROTECTED] and not [EMAIL PROTECTED] I've tried to create a new user, and the new user becomes [EMAIL PROTECTED] So, other guys on this clamav-users list have advised me to use

[Clamav-users] WORM_Netsky.DAM & WORM_BAGZ.C not being caught

2005-06-02 Thread ramya
These two viruses are being caught on servers by other scanners.. but not by ClamAV.. Can anyone explain this to me?? I have 0.85.1 version running. Regards Ramya

Re: [Clamav-users] WORM_Netsky.DAM & WORM_BAGZ.C not being caught

2005-06-02 Thread Niek
On 6/2/2005 11:55 AM +0200, ramya wrote: These two viruses are being caught on servers by other scanners.. but not by ClamAV.. Can anyone explain this to me?? With the information you've supplied here, there is 1 explanation: no definition for these viruses. I have 0.85.1 version running. Reg

Re: [Clamav-users] WORM_Netsky.DAM & WORM_BAGZ.C not being caught

2005-06-02 Thread Trog
On Thu, 2005-06-02 at 15:25 +0530, ramya wrote: > These two viruses are being caught on servers by other scanners.. but > not by ClamAV.. Can anyone explain this to me?? > I have 0.85.1 version running. Enable ScanPE and DetectBrokenExecutables -trog

Re: [Clamav-users] WORM_Netsky.DAM & WORM_BAGZ.C not being caught

2005-06-02 Thread ramya
WORM_BAGZ.C is now being caught, but still WORM_Netsky.DAM is a problem. I have enabled both ScanPE and DetectBrokenExecutables. And I am running 0.85.1 clamdscan -V ClamAV 0.85.1/906/Thu Jun 2 03:08:56 2005 Thanks Ramya Niek wrote: On 6/2/2005 11:55 AM +0200, ramya wrote: These two viruses

Re: [Clamav-users] WORM_Netsky.DAM & WORM_BAGZ.C not being caught

2005-06-02 Thread Odhiambo Washington
* ramya <[EMAIL PROTECTED]> [20050602 13:03]: wrote: > WORM_BAGZ.C is now being caught, but still WORM_Netsky.DAM is a problem. > I have enabled both ScanPE and DetectBrokenExecutables. And I am running > 0.85.1 > clamdscan -V > ClamAV 0.85.1/906/Thu Jun 2 03:08:56 2005 r

Re: [Clamav-users] WORM_Netsky.DAM & WORM_BAGZ.C not being caught

2005-06-02 Thread ramya
restart clamd! Of course I did restart.. Thanks and regards Ramya Krishnan

Re: [Clamav-users] WORM_Netsky.DAM & WORM_BAGZ.C not being caught

2005-06-02 Thread ramya
I have the mails quarantined and decoded all of them contained different zip files. There were 5 occurrences. Now I would like to generate the signature before this issue gets resolved. When I try to unpack, I am unable to do the same. unzip abuse_list.zip Archive: abuse_list.zip End-of-cen

[Clamav-users] kmail and clam-milter

2005-06-02 Thread david thompson
Hi all The thought just struck me that if kmail has a wizard for setting up clam to scan incoming mail from an external pop3 account, does one need to configure clamav with clam-milter? Also, does clam mark or block phishing emails? It does not appear to have done so using kmail filtering w

Re: [Clamav-users] WORM_Netsky.DAM & WORM_BAGZ.C not being caught

2005-06-02 Thread Fajar A. Nugraha
ramya wrote: I have the mails quarantined and decoded all of them contained different zip files. There were 5 occurrences. Since you have the files, why don't you test them on http://test-clamav.power-netz.de/, and upload the sample to http://www.clamav.net/sendvirus.html ? Regards, Faja

Re: [Clamav-users] WORM_Netsky.DAM & WORM_BAGZ.C not being caught

2005-06-02 Thread ramya
I have the mails quarantined and decoded all of them contained different zip files. There were 5 occurrences. Since you have the files, why don't you test them on http://test-clamav.power-netz.de/, and upload the sample to http://www.clamav.net/sendvirus.html ? Regards, Fajar As per us

Re: [Clamav-users] WORM_Netsky.DAM & WORM_BAGZ.C not being caught

2005-06-02 Thread Tomasz Kojm
On Thu, 02 Jun 2005 15:25:48 +0530 ramya <[EMAIL PROTECTED]> wrote: > These two viruses are being caught on servers by other scanners.. but > not by ClamAV.. Can anyone explain this to me?? .DAM is an abbreviation for "damaged". -- Tomasz Kojm <[EMAIL PROTECTED]>

Re: [Clamav-users] WORM_Netsky.DAM & WORM_BAGZ.C not being caught

2005-06-02 Thread Fajar A. Nugraha
ramya wrote: I have the mails quarantined and decoded all of them contained different zip files. There were 5 occurrences. [snip] As per us suggestion I did test the mails. They all came through clean. I am unable to zip the file. You don't have to. Just submit the original, quarantined,

[Clamav-users] should Broken.Executable files be submitted?

2005-06-02 Thread jef moskot
I've got a couple .pif files that McAfee detects as W32/[EMAIL PROTECTED] and clamscan doesn't detect at all, in its default mode. If I use the --detect-broken option, they're picked up as Broken.Executable. Since --detect-broken is not the default behavior for clamscan, should these still be sub

Re: [Clamav-users] should Broken.Executable files be submitted?

2005-06-02 Thread Matt Fretwell
jef moskot wrote: > If I use the --detect-broken option, they're picked up as > Broken.Executable. > > Since --detect-broken is not the default behavior for clamscan, should > these still be submitted at clamav.net or is --detect-broken reasonable > enough that I should just turn it on? Broken

Re: [Clamav-users] undefined reference to `smfi_opensocket'

2005-06-02 Thread Troy Ayers
N Fung wrote: --- Troy Ayers <[EMAIL PROTECTED]> wrote: When compiling the latest snapshot of clam I too get clamav-milter.c:1573: undefined reference to `smfi_opensocket' I have sendmail 8.13.3 (with libmilter support of course) My current version of clamav-milter is .82c Debian linux

Re: [Clamav-users] undefined reference to `smfi_opensocket'

2005-06-02 Thread Troy Ayers
Damian Menscher wrote: On Wed, 1 Jun 2005, Troy Ayers wrote: When compiling the latest snapshot of clam I too get clamav-milter.c:1573: undefined reference to `smfi_opensocket' I have sendmail 8.13.3 (with libmilter support of course) My current version of clamav-milter is .82c Debian linux

Re: [Clamav-users] undefined reference to `smfi_opensocket'

2005-06-02 Thread Ken Jones
On Thu, June 2, 2005 08:08, Troy Ayers wrote: > Damian Menscher wrote: >> On Wed, 1 Jun 2005, Troy Ayers wrote: >>> When compiling the latest snapshot of clam I too get >>> clamav-milter.c:1573: undefined reference to `smfi_opensocket' I just built 85f on a solaris 9 x86 box

[Clamav-users] Re: FW: 553 5.5.4 <[EMAIL PROTECTED]>...Real domain name required for sender address

2005-06-02 Thread René Berber
bonar wrote: > This is my maillog at /var/log/maillog: > [snip] > Jun 2 13:12:24 uetheta sendmail[4085]: j525Bh7b004085: Milter add: > header: X-Virus-Scanned: ClamAV version 0.85.1, clamav-milter version > 0.85 on uetheta > Jun 2 13:12:24 uetheta sendmail[4085]: j525Bh7b004085: Milter add: > h

Re: [Clamav-users] undefined reference to `smfi_opensocket'

2005-06-02 Thread Troy Ayers
When compiling the latest snapshot of clam I too get clamav-milter.c:1573: undefined reference to `smfi_opensocket' I just built 85f on a solaris 9 x86 box without trouble grabbed the CVS an hour ago .. Grabbed the CVS 15 mins ago. .85f exact same problem still. -

Re: [Clamav-users] undefined reference to `smfi_opensocket'

2005-06-02 Thread Todd Lyons
Troy Ayers wanted us to know: >When compiling the latest snapshot of clam I too get >clamav-milter.c:1573: undefined reference to `smfi_opensocket' >>I just built 85f on a solaris 9 x86 box without trouble grabbed the >>CVS an hour ago .. >Grabbed the CVS 15 mins ago. .85f exact sam

[Clamav-users] Kudos to the ClamAV team

2005-06-02 Thread Ryan Cowardin
Just wanted to toss out a kudos to the ClamAV team. ClamAV has caught every variant of Mytob thrown at it so far as W32/Mytob.AS, while most other AV scanners struggle to keep their signatures up to date and end up being a day or more late in detecting variants. Some, such as Symantec still do

Re: [Clamav-users] undefined reference to `smfi_opensocket'

2005-06-02 Thread Troy Ayers
Todd Lyons wrote: Troy Ayers wanted us to know: When compiling the latest snapshot of clam I too get clamav-milter.c:1573: undefined reference to `smfi_opensocket' I just built 85f on a solaris 9 x86 box without trouble grabbed the CVS an hour ago .. Grabbed the C

[Clamav-users] ScanRAR dropped in CVS?

2005-06-02 Thread Odhiambo Washington
I have just installed the current (today) CVS version on my production box. I realize that the major thing in it for me is just the new config parser code since I don't run milter ;) However, I noted that ScanRAR was dropped, but I did not see that mentioned in the Changelog! Not that I ever use S

Re: [Clamav-users] ScanRAR dropped in CVS?

2005-06-02 Thread Tomasz Kojm
On Thu, 2 Jun 2005 19:15:25 +0300 Odhiambo Washington <[EMAIL PROTECTED]> wrote: > However, I noted that ScanRAR was dropped, but I did not see that > mentioned in the Changelog! Not that I ever use ScanRAR anyway. I've Thanks for pointing this out, I've added a note on ScanRAR to the ChangeLog.

Re: [Clamav-users] ScanRAR dropped in CVS?

2005-06-02 Thread Odhiambo Washington
* Tomasz Kojm <[EMAIL PROTECTED]> [20050602 21:11]: wrote: > On Thu, 2 Jun 2005 19:15:25 +0300 > Odhiambo Washington <[EMAIL PROTECTED]> wrote: > > > However, I noted that ScanRAR was dropped, but I did not see that > > mentioned in the Changelog! Not tha

Re: [Clamav-users] ScanRAR dropped in CVS?

2005-06-02 Thread Tomasz Kojm
On Thu, 2 Jun 2005 21:38:13 +0300 Odhiambo Washington <[EMAIL PROTECTED]> wrote: > Thank you so much for the update, and thank you and the dev team for > all the time you've put into making ClamAv the leading Open Source > Anti-virus (according to me, and I know many people support this > view).

Re: [Clamav-users] ScanRAR dropped in CVS?

2005-06-02 Thread Odhiambo Washington
* Tomasz Kojm <[EMAIL PROTECTED]> [20050602 22:09]: wrote: > On Thu, 2 Jun 2005 21:38:13 +0300 > Odhiambo Washington <[EMAIL PROTECTED]> wrote: > > > Thank you so much for the update, and thank you and the dev team for > > all the time you've put into

Re: [Clamav-users] should Broken.Executable files be submitted?

2005-06-02 Thread Elizabeth Schwartz
On 6/2/05, Matt Fretwell <[EMAIL PROTECTED]> wrote: > Broken is broken :) It is pretty irrelevant, if they are broken, whether > you block them or not, one might suggest. It's still worth blocking them, because otherwise they trigger virus alerts on the end-user's machines running local virus sca

[Clamav-users] Easiest setup for ClamAV and procmail

2005-06-02 Thread Kelly Corbin
What's the simplest setup to add ClamAV scanning to procmail? I'd like to add something like I have with SpamAssassin in my procmailrc: :0fw | /usr/bin/spamc I did a lot of searching around but didn't see anything that simple. Is it possible? If not, what's the lightest weight RPMified app t

Re: [Clamav-users] Easiest setup for ClamAV and procmail

2005-06-02 Thread Marco van den Bovenkamp
Kelly Corbin wrote: I did a lot of searching around but didn't see anything that simple. Is it possible? If not, what's the lightest weight RPMified app to add to do this? I use ClamAssassin for that: http://drivel.com/clamassassin/ No RPM AFAIK, but the setup looks like this: :0fw: clama

[Clamav-users] How many False Positives with the "broken EXE" option?

2005-06-02 Thread Jason Haar
I've always been too afraid to turn it on as I was concerned that any assumptions made by the code might lead it to block otherwise valid executables. How have others found it? Has it only blocked truly broken executables, and were all those executables corrupt viruses? The latter is important

Re: [Clamav-users] Easiest setup for ClamAV and procmail

2005-06-02 Thread Christopher X. Candreva
On Thu, 2 Jun 2005, Kelly Corbin wrote: > What's the simplest setup to add ClamAV scanning to procmail? I'd like to add Here is a recipe I haven't used in over a year, you'll at least have to remove the --mbox option and see what else is current, but this is the general idea. #Replace with

RE: [Clamav-users] Re: FW: 553 5.5.4 <[EMAIL PROTECTED]>...Real domain name required for sender address

2005-06-02 Thread bonar
I haven't made any alias address. Can you tell me how I can fix this problem or can you show me how you start clamav-milter. I try to use this, CLAMAV_FLAGS=" --config-file=/etc/clamd.conf --headers --quarantine-dir=/usr/local/clamav-0.85.1/quarantine --max-children=9 [EMAIL PROTECTED] [EMAIL P

[Clamav-users] Re: FW: 553 5.5.4 <[EMAIL PROTECTED]>...Real domain name required for sender address

2005-06-02 Thread René Berber
bonar wrote: > I haven't made any alias address. > Can you tell me how I can fix this problem or can you show me how you > start clamav-milter. > I try to use this, > > CLAMAV_FLAGS=" > --config-file=/etc/clamd.conf > --headers --quarantine-dir=/usr/local/clamav-0.85.1/quarantine > --max-children=

RE: [Clamav-users] Re: FW: 553 5.5.4 <[EMAIL PROTECTED]>...Real domain name required for sender address

2005-06-02 Thread bonar
Hi René Berber, Thank you for your solution. Now I'm able to get the "Virus intercepted". It was great to know you. This is my /var/log/maillog : Jun 3 12:55:49 uetheta sendmail[8717]: j534t8CU008717: from=<[EMAIL PROTECTED]>, size=1482, class=0, nrcpts=1, msgid=<[EMAIL PROTECTED]>, proto=ESM