On 2007-03-03 05:52, Dennis Peterson wrote:
> This is an interesting list for what it shows. It is a list from the
> last 10,000 "viruses" caught here where there were 10 or more of a
> particular virus caught. Clearly most of them are not viruses at all but
> image spam and penny stock scams. Migh
Hello List,
i'm using amavis, spamassassin & clamav.
It works fine, but it should not block encrypted archives.
Where can i stop this function ?
With kind regards
Dominik Weber
___
Help us build a comprehensive ClamAV guide: visit http://wiki.c
On 2007-03-05 11:21, Weber, Dominik wrote:
> Hello List,
>
> i'm using amavis, spamassassin & clamav.
> It works fine, but it should not block encrypted archives.
> Where can i stop this function ?
By reading the manual and editing the clamd.conf
file and setting: (actually the default!)
Arch
ArchiveBlockEncrypted
Mark encrypted archives as viruses (Encrypted.Zip,Encrypted.RAR).
Default: disabled
This option is not set in my clamd.conf
But this is the exact messages in the Report Encrypted.Zip and Encrypted.RAR.
"ArchiveBlockEncrypted no" is the wrong syntax.
Star
On Mon, 2007-03-05 at 12:51 +0100, Weber, Dominik wrote:
> ArchiveBlockEncrypted
> Mark encrypted archives as viruses (Encrypted.Zip,Encrypted.RAR).
> Default: disabled
>
> This option is not set in my clamd.conf
> But this is the exact messages in the Report Encrypted.Zip and
I'm Running 0.90.0 and for Debian there is no newer version available
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Trog
Gesendet: Montag, 5. März 2007 12:57
An: ClamAV users ML
Betreff: Re: AW: [Clamav-users] Virus Encrypted.Zip
On Mon, 2007-0
On Mon, 5 Mar 2007 12:59:19 +0100
"Weber, Dominik" <[EMAIL PROTECTED]> wrote:
> I'm Running 0.90.0 and for Debian there is no newer version available
No, you are not. And please don't top-post.
--
oo. Tomasz Kojm <[EMAIL PROTECTED]>
(\/)\. http://www.ClamAV
On Monday 05 March 2007 12:08 am, Dennis Peterson wrote:
> > I ran it twice and both times it downloaded a new .hdb and .ndb file at
> > least the 'modified' times were within a couple of minutes of the current
> > time. I've commented out the
>
> I just now realized you're moving the downloaded f
Sorry but i don't top-posted.
I've replyed to the last message from Trog.
Here you can see, which version i've still running.
linux:~# clamscan -V
ClamAV 0.90/2725/Mon Mar 5 12:45:35 2007
linux:~# freshclam
ClamAV update process started at Mon Mar 5 13:08:20 2007
WARNING: Your ClamAV installat
On Mon, 5 Mar 2007 13:09:45 +0100
"Weber, Dominik" <[EMAIL PROTECTED]> wrote:
> Sorry but i don't top-posted.
You did and you're still doing this.
--
oo. Tomasz Kojm <[EMAIL PROTECTED]>
(\/)\. http://www.ClamAV.net/gpg/tkojm.gpg
\..._ 0D
On Mon, 5 Mar 2007 13:09:45 +0100
"Weber, Dominik" <[EMAIL PROTECTED]> wrote:
> Sorry but i don't top-posted.
You did and you're still doing this.
--
oo. Tomasz Kojm <[EMAIL PROTECTED]>
(\/)\. http://www.ClamAV.net/gpg/tkojm.gpg
\..._ 0D
On 2007-03-05 13:09, Weber, Dominik wrote:
> Sorry but i don't top-posted.
> I've replyed to the last message from Trog.
Top-posting != thread hijacking
http://en.wikipedia.org/wiki/Top-post
--
Paul Bijnens, xplanation Technology ServicesTel +32 16 397.511
Technologielaan 21 bus 2, B-
On 2007-03-05 12:51, Weber, Dominik wrote:
> ArchiveBlockEncrypted
> Mark encrypted archives as viruses (Encrypted.Zip,Encrypted.RAR).
> Default: disabled
>
> This option is not set in my clamd.conf
> But this is the exact messages in the Report Encrypted.Zip and Encrypted.RAR.
On 2007-03-05 12:51, Weber, Dominik wrote:
> ArchiveBlockEncrypted
> Mark encrypted archives as viruses (Encrypted.Zip,Encrypted.RAR).
> Default: disabled
>
> This option is not set in my clamd.conf But this is the exact messages
> in the Report Encrypted.Zip and Encrypted.RAR.
Chris wrote:
On Monday 05 March 2007 12:08 am, Dennis Peterson wrote:
I ran it twice and both times it downloaded a new .hdb and .ndb file at
least the 'modified' times were within a couple of minutes of the current
time. I've commented out the
I just now realized you're moving the downloaded
Dennis Peterson wrote:
If you use wget rather than curl you can grab both of Steve's files in
one connection rather than two. I'll submit my script to Steve when I
get caught up on things here. It pulls down Sanesecurity and MSRBL files.
I just recalled that curl allows this too with multip
On 2007-03-05 14:51, Weber, Dominik wrote:
> On 2007-03-05 12:51, Weber, Dominik wrote:
well actually, I wrote that.
Seems my thunderbird got messed up, and the message compose
scrambled the from-to-and-maybe-some-other headers.
Very strange. Anyone seen the problem?
I removed the msf file (usua
Weber, Dominik wrote:
On Mon, 5 Mar 2007 13:09:45 +0100
"Weber, Dominik" <[EMAIL PROTECTED]> wrote:
Sorry but i don't top-posted.
You did and you're still doing this.
Ahh now i think i know what you mean.
But I don't know, how to configure my Outlook to do that.
Please don't post below
Tomasz Kojm wrote:
On Mon, 5 Mar 2007 13:09:45 +0100
"Weber, Dominik" <[EMAIL PROTECTED]> wrote:
Sorry but i don't top-posted.
You did and you're still doing this.
Maybe instead of being snarly to the non-native English speaker and
accusing him of lying as you did to boot, you co
Hi there,
I'm using the old amavis-0.3.13per2 Version of amavis.
I know it's very old, but there for today is no chance
to install amavis-new or something else.
So my problem is, I'm running clamscan with amavis and
it works, but now I wanted to activate clamd in amavis.
The activated clamd scans
On Mon, 05 Mar 2007 11:28:06 -0500
Rob Munsch <[EMAIL PROTECTED]> wrote:
> Maybe instead of being snarly to the non-native English speaker and
> accusing him of lying as you did to boot, you could take 5 extra seconds
> and explain what you mean and help educate him?
http://lists.clamav.net/mai
At 09:35 AM 3/5/2007, Dennis Peterson wrote:
The mv -f ... statement should be a cp ... statement. That will
leave the msrbl files in the directory that rsync uses for
downloading and for comparing versions.
It makes a great deal of sense to move the files into the clam DB
directory to insur
Hello,
I am running Debian Sarge and I keep getting this message:
Received signal: wake up
ClamAV update process started at Mon Mar 5 11:33:50 2007
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.88.7 Recommended version: 0.90.1
DON'
Noel Jones wrote:
At 09:35 AM 3/5/2007, Dennis Peterson wrote:
The mv -f ... statement should be a cp ... statement. That will leave
the msrbl files in the directory that rsync uses for downloading and
for comparing versions.
It makes a great deal of sense to move the files into the clam DB
Hello,
you are running an older clamav version (Local version: 0.88.7 Recommended
version: 0.90.1). Nothing to worry about.
On 3/5/07, Morgan Walker <[EMAIL PROTECTED]> wrote:
Hello,
I am running Debian Sarge and I keep getting this message:
Received signal: wake up
ClamAV update proc
On Mon, 5 Mar 2007, Dennis Peterson wrote:
> > It makes a great deal of sense to move the files into the clam DB directory
> > to insure an atomic operation. If clamd/clamav-milter should happen to
> > reload with a half-copied file in the DB dir, it will likely stop running.
>
> Yah - I realize
O.K. Will apt ever upgrade to a new version for me, or will I have to do
it manually?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Miroslav
Strugarevic
Sent: Monday, March 05, 2007 12:08 PM
To: ClamAV users ML
Subject: Re: [Clamav-users] ClamAV installa
You could try apt-get install ClamAV or whatever is on Debian. It's sure
safer to run newer version for security fixes in the first place. I noticed
ClamAV have some config syntax differences between 0.90.x and 0.88.x so be
prepared. Good luck.
On 3/5/07, Morgan Walker <[EMAIL PROTECTED]> wrote:
Morgan Walker wrote:
O.K. Will apt ever upgrade to a new version for me, or will I have to do
it manually?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Miroslav
Strugarevic
Sent: Monday, March 05, 2007 12:08 PM
To: ClamAV users ML
Subject: Re: [Clamav
Yeah, apt-get install clamav just gives me:
clamav is already the newest version.
Not sure what else to do, might have to remove ClamAV all together and
manually install the newer version. Or just wait to see if apt does it
on down the road.
-Original Message-
From: [EMAIL PROTECTED]
[m
Christopher X. Candreva wrote:
On Mon, 5 Mar 2007, Dennis Peterson wrote:
It makes a great deal of sense to move the files into the clam DB directory
to insure an atomic operation. If clamd/clamav-milter should happen to
reload with a half-copied file in the DB dir, it will likely stop running
Hi,
> WARNING: Local version: 0.88.7 Recommended version: 0.90.1
>
>
> My /etc/apt/source.list contains the following:
> deb http://ftp2.de.debian.org/debian-volatile sarge/volatile main
Yeah. Due to a ABI Change in ClamAV 0.90 the debian-volatile team
currently needs to backport a few applica
On 3/5/07, Morgan Walker wrote:
Yeah, apt-get install clamav just gives me:
clamav is already the newest version.
Not sure what else to do, might have to remove ClamAV all together and
manually install the newer version. Or just wait to see if apt does it
on down the road.
Probably Debian Sa
Morgan Walker wrote:
Yeah, apt-get install clamav just gives me:
clamav is already the newest version.
Not sure what else to do,
Visit www.clamav.net, download the source and install from there. 5-10 mins,
less
time than it takes you to read and reply to all these emails ;-)
--
Nigel Horne
Awesome, thanks!
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Martin
Zobel-Helas
Sent: Monday, March 05, 2007 12:00 PM
To: ClamAV users ML
Subject: Re: [Clamav-users] ClamAV installation is OUTDATED!
Hi,
> WARNING: Local version: 0.88.7 Recommended v
On 3/5/07, Jens Strohschnitter <[EMAIL PROTECTED]> wrote:
Hi there,
I'm using the old amavis-0.3.13per2 Version of amavis.
I know it's very old, but there for today is no chance
to install amavis-new or something else.
<---SNIP--->
amavis[19687]: /var/amavis/amavis-14905879/parts/msg-19687-2.e
Dennis Peterson wrote:
> I wonder if anyone ever reads the admonishments about top-posting and
> pruning messages.
Or the FAQ. Or the manual. I really wish people would do their homework
before posting to this mailing list.
-R
___
Help us build a compr
Rob MacGregor escreveu:
On 3/5/07, Jens Strohschnitter <[EMAIL PROTECTED]> wrote:
Hi there,
I'm using the old amavis-0.3.13per2 Version of amavis.
I know it's very old, but there for today is no chance
to install amavis-new or something else.
<---SNIP--->
amavis[19687]: /var/amavis/amavis-1
* On 20/02/07 16:25 -0500, Kevin Way wrote:
| Dennis Peterson wrote:
| >> So, its been a few days. How is everyone feeling about the new version?
| >> I've hesitated to upgrade just yet. I've seen alot of feedback indicating
| >> problems and very little about smooth and great upgrades.
| >>
| >> W
Odhiambo Washington wrote:
* On 20/02/07 16:25 -0500, Kevin Way wrote:
| Dennis Peterson wrote:
| >> So, its been a few days. How is everyone feeling about the new version?
| >> I've hesitated to upgrade just yet. I've seen alot of feedback indicating
| >> problems and very little about smooth an
Paul Bijnens wrote:
Be careful about using clamav with the MSRBL image-spams database!!
It seems to me like detecting the image spams with clamav signatures
are not really an improvement. In fact, it is probably dangerous!
The programs generating these spams make unique images with
variations
Dennis Peterson wrote:
How did you determine they were false positives? Their website does not
provide a context so you can't know if what you are seeing is a web
beacon image or a spacer.
I determine false positives very simply - If neither the sender nor the
intended recipient do not com
On 3/5/07, Leonardo Rodrigues Magalhães <[EMAIL PROTECTED]> wrote:
Or maybe clamav is configured to PASS infected emails !!! It´s not
an intelligent thing to do, but amavisd allows it.
The point is, clamav doesn't block or pass the emails. Clamav simply
gives a status and it's up to amavi
Rob MacGregor wrote:
On 3/5/07, Leonardo Rodrigues Magalhães <[EMAIL PROTECTED]> wrote:
Or maybe clamav is configured to PASS infected emails !!! It´s not
an intelligent thing to do, but amavisd allows it.
The point is, clamav doesn't block or pass the emails. Clamav simply
gives a statu
Rob MacGregor wrote:
> On 3/5/07, Leonardo Rodrigues Magalhães <[EMAIL PROTECTED]>
> wrote:
> >
> > Or maybe clamav is configured to PASS infected emails !!! It´s
> > not an intelligent thing to do, but amavisd allows it.
>
> The point is, clamav doesn't block or pass the emails. Clamav sim
Dennis Peterson escreveu:
Rob MacGregor wrote:
On 3/5/07, Leonardo Rodrigues Magalhães <[EMAIL PROTECTED]>
wrote:
Or maybe clamav is configured to PASS infected emails !!! It´s not
an intelligent thing to do, but amavisd allows it.
The point is, clamav doesn't block or pass the emails.
Hi:
Sorry if this isnt the way to get support for your port of ClamAV for
Fedora.
Im trying to run the latest yum updates of Clamav and Im blocked with the
following message when run
# service clamav-milter start
Starting clamav-milter: [ OK ]
This return OK but I found the following messa
On Mon, 05 Mar 2007 09:23:33 -0800
Dennis Peterson <[EMAIL PROTECTED]> wrote:
> I wonder if anyone ever reads the admonishments about top-posting and
> pruning messages.
They read it, they just choose to ignore it. It is for that reason that
I will usually only reply to a top-poster once and the
Hi,
available now.
On Mon Mar 05, 2007 at 12:35:12 -0500, Morgan Walker wrote:
> Awesome, thanks!
>
> > Hi,
> >
> > > WARNING: Local version: 0.88.7 Recommended version: 0.90.1
> > >
> > >
> > > My /etc/apt/source.list contains the following:
> > > deb http://ftp2.de.debian.org/debian-volat
Hello Ralph,
> > I wonder if anyone ever reads the admonishments about top-posting and
> > pruning messages.
> Or the FAQ. Or the manual. I really wish people would do their homework
> before posting to this mailing list.
I think it'd be better to point such users to a proper URL where they
can
On 3/6/07, Luca Gibelli <[EMAIL PROTECTED]> wrote:
I think it'd be better to point such users to a proper URL where they
can *find the answer* instead of serving the answer to them directly via
email.
This will increase the probability that next time they need some info,
they will *first* search
Steve Basford wrote the following on 3/4/2007 10:46 PM -0800:
> Dennis Peterson wrote:
>
>> My guess is the MSRBL folks would like it if you downloaded the new
>> files only if the file has been modified.
>>
>>
> I think you're right... the size of their images .ndb file
> (un-compressed) j
52 matches
Mail list logo
