[clamav-users] GPG key verification please

Hi, Can someone 'official' please verify the GPG key used for signing files? gpg --verify clamwin-0.99-setup.exe.asc clamwin-0.99-setup.exe gpg: Signature made 01/17/16 14:36:59 AUS Eastern Daylight Time using DSA key ID 8CC6DDB4 gpg: Good signature from "ClamWin Free Antivirus Software Distrib

[clamav-users] Email.Phishing.DblDom-60 -- issue

Hi, I have server log messages coming through that are being rejected as having "Email.Phishing.DblDom-60" How can I determine what it is that is triggering this claim? Thanks AndrewM ___ Help us build a comprehensive ClamAV guide: https://github.

Re: [clamav-users] Latest samba source contains Win.Trojan.Qhost-106?

On 31/03/2016 5:32 AM, Alain Zidouemba wrote: > Paul: > > Thanks for reporting this FP. This will be fixed momentarily. Is it really a false positive? There has been a heads up that SAMBA code has a problem and that both Microsoft and Samba are working on a solution that will be released on th

[clamav-users] Email.Phishing.DblDom-60 -- issue

Hi, -- resend ? --- I have server log messages coming through that are being rejected as having "Email.Phishing.DblDom-60" How can I determine what it is that is triggering this claim? Thanks AndrewM ___ Help us build a comprehensive ClamAV

[clamav-users] Email.Phishing.DblDom-60 -- issue

Hi, -- resend ? again no help --- 550 This message was detected as possible malware (Email.Phishing.DblDom-60). It is not malware, it is just simple logs of backup processes. I have server log messages coming through that are being rejected as having "Email.Phishing.DblDom-60" .

Re: [clamav-users] Email.Phishing.DblDom-60 -- issue

On 3/04/2016 9:32 AM, Al Varnell wrote: > Have you submitted the log to False Positive Reports yet? > This is not a /file/ it is an email source and the source changes with each and every log. Some log files are giving this problem, most are not; I need to kno

Re: [clamav-users] Email.Phishing.DblDom-60 -- issue

Hi Al, On 3/04/2016 12:34 PM, Alain Zidouemba wrote: > Are you up to date with your signatures? Email.Phishing.DblDom-60 was > removed on 4/1/2016. Okay, using older Wheezy, not yet updated to 7.10 ... that will probably update things. [doing the update to 7.10 now] Also added in missing wheez

Re: [clamav-users] Email.Phishing.DblDom-60 -- issue

Hi Alain, [sorry, I didn't realize we have Al and Alain] On 3/04/2016 12:59 PM, Al Varnell wrote: > Sorry, I should have added: > > sigtool --version /usr/local/clamXav/share/clamav/ > ClamAV 0.99.1/21484/Fri Apr 1 13:09:25 2016 After update to 7.10 (Wheezy latest) and with wheezy-updates in s

Re: [clamav-users] Email.Phishing.DblDom-60 -- issue

Hi Al, On 3/04/2016 11:17 AM, Al Varnell wrote: > sigtool --find Email.Phishing.DblDom-60 | sigtool --decode-sig Thanks, that helps. It sure looks like I need to disable that one, due to the data in my logs containing named directories from rsync output with that string. Kind Regards AndrewM

[Clamav-users] clamav test output issue

& ) > /tmp/`basename $0`.out 2>&1 & www:/tmp# diff test-clamav.sh.out scan.txt 0a1,3 > > --- > 4d6 < /usr/share/clamav-testfiles/debugm.c: OK www:/tmp# Kind Regards AndrewM Andrew McGlash

Re: [Clamav-users] Please help me

t;make install" i got an follwowing error >>>>>> >>>>>> "error while loading shared libraries: libclamav.so.1: >>>>>> cannot open shared object file: No such file or directory" > > I'm not sure how "make inst

Re: [Clamav-users] Unofficial malware signatures for Clamav

file and not adjust your scripts again. Kind Regards AndrewM Andrew McGlashan Broadband Solutions now including VoIP Current Fixed Line No: 03 8705 0300 Mobile: 04 2574 1827 Fax: 03 8790 1224 National No: 1300 85 3804 Affinity Vision Australia Pty Ltd http://www.affinityvision.com.au http://adsl

Re: [Clamav-users] Clamd memory use

e of running clamav properly with exim4 and spamassisn on a Linksys NSLU2 running Debian then? Kind Regards AndrewM Andrew McGlashan Broadband Solutions now including VoIP Current Land Line No: 03 9912 0504 Mobile: 04 2574 1827 Fax: 03 8790 1224 National No: 1300 85 3804 Affinity Vision Austr

Re: [Clamav-users] Clamd memory use

Dennis Peterson wrote: > Andrew McGlashan wrote: >> Dennis Peterson wrote: >>> You are running a very underpowered system for a virus scanner. That >>> is the real shame. Memory is cheap even in third world nations - >>> there is no reason an on-demand syste

Re: [Clamav-users] Documentation patch.

ly configured system could lead to this problem. FWIW I added to the wiki entry referred to above with a reference to SPF. AndrewM Andrew McGlashan Broadband Solutions now including VoIP Current Land Line No: 03 9912 0504 Mobile: 04 2574 1827 Fax: 03 8790 1224 National No: 1300 85 3804 Affinit

Re: [Clamav-users] SelfCheck of clamd does not work!

Regards AndrewM Andrew McGlashan Broadband Solutions now including VoIP Current Land Line No: 03 9912 0504 Mobile: 04 2574 1827 Fax: 03 8790 1224 National No: 1300 85 3804 Affinity Vision Australia Pty Ltd http://www.affinityvision.com.au http://adsl2choice.net.au In Case of Em

Re: [Clamav-users] AV Test Results

AVG rarely if ever seeing something that ClamAV did not. Kind Regards AndrewM Andrew McGlashan Broadband Solutions now including VoIP Current Land Line No: 03 9912 0504 Mobile: 04 2574 1827 Fax: 03 8790 1224 National No: 1300 85 3804 Affinity Vision Australia Pty Ltd http://www.affinityvis

Re: [Clamav-users] MRTG

s a "Multi-Router Traffic Grapher" and all your clamav traffic is local, ie not routing anywhere. Kind Regards AndrewM Andrew McGlashan Broadband Solutions now including VoIP Current Land Line No: 03 9912 0504 Mobile: 04 2574 1827 Fax: 03 9012 2178 National No: 1300 85 3804 Affinity Visi

Re: [Clamav-users] MRTG

k interfaces and therefore not subject to 'normal' MRTG counting Kind Regards AndrewM Andrew McGlashan Broadband Solutions now including VoIP Current Land Line No: 03 9912 0504 Mobile: 04 2574 1827 Fax: 03 9012 2178 National No: 1300 85 3804 Affinity Vision Australia Pty Ltd http://www.

Re: [Clamav-users] 0.93.2

ing about this current situation. Shouldn't you send an "announce revocoation" or similar? Kind Regards AndrewM Andrew McGlashan Broadband Solutions now including VoIP Current Land Line No: 03 9912 0504 Mobile: 04 2574 1827 Fax: 03 9012 2178 National No: 1300 85 3804 A

Re: [Clamav-users] simplest replacement for ancient amavis-perl

oups particularly...] Greylisting is working very well for me, but I must have a reasonable whitelist that excludes the above 'big' names so that they work! Kind Regards AndrewM Andrew McGlashan Broadband Solutions now including VoIP Current Land Line No: 03 9912 0504 Mobile: 04 2574

Re: [Clamav-users] Wanna to help translate

It wouldn't hurt to say thanks to Aron as well for his support and perhaps direct him to the Chinese version that is already available (unless it isn't ready yet). Thank you Aron for your support of ClamAV from a fellow user. Kind Regards AndrewM Andrew McGlashan Broadband Solution

Re: [Clamav-users] Installing Clamav on Debian

pgrade to the rest sorted (running on sarge) for me. Kind Regards AndrewM Andrew McGlashan Broadband Solutions now including VoIP Current Land Line No: 03 9912 0504 Mobile: 04 2574 1827 Fax: 03 9012 2178 National No: 1300 85 3804 Affinity Vision Australia Pty Ltd http://www.affinityvision.co

Re: [Clamav-users] Webinar Recording

how do I play the .arf in Fedora 9 ? > > Use VMPlayer to run a Windows virtual machine in Fedora. It was hard enough finding a player that works in Windows. is there a better format? Kind Regards AndrewM Andrew McGlashan Broadband Solutions now including VoIP __

Re: [Clamav-users] Installing Clamav on Debian

Hi, Carlos Williams wrote: > Andrew McGlashan wrote: > I am running "Etch" however I would think that it does not matter. I > commented out the line 41: Umm, sorry, so am I . Etch,, NOT sarge. - whoops > PhishingSignatures true > PhishingScanURLs true >

Re: [Clamav-users] Installing Clamav on Debian

e.com/PhishingRestrictedScan-is-gone--td18332907.html There is a solution by Edwin to effectively get the same behaviour as you had before as well. Kind Regards AndrewM Andrew McGlashan Broadband Solutions now including VoIP ___ Help us build a comp

Re: [Clamav-users] Stop it!

this date. Then process the orginal file with the comments. Kind Regards AndrewM Andrew McGlashan Broadband Solutions now including VoIP Current Land Line No: 03 9912 0504 Mobile: 04 2574 1827 Fax: 03 9012 2178 National No: 1300 85 3804 Affinity Vision Australia Pty Ltd http://www.affinityv

Re: [Clamav-users] Maximum file size

hat are each individually email files. It is my understanding that Clamav isn't suitable for scanning mbox files without treating the whole file as one (ie not as a collection of emails). Kind Regards AndrewM Andrew McGlashan Broadband Solutions now including VoIP Current Land Line No:

Re: [clamav-users] *****SPAM [by spamassassin on mail.affinityvision.com.au]***** Re: clamav list spf problem

Hi, On 19/06/18 20:19, G.W. Haywood wrote: > On Tue, 19 Jun 2018, Andrew McGlashan wrote: > >> SPF RECORDS: "v=spf1 mx ip4:173.37.93.145/32 include:cisco.com >> a:lists.clamav.net" > > I've been in touch with Joel privately about this already, but now >

Re: [clamav-users] *****SPAM [by spamassassin on mail.affinityvision.com.au]***** Re: clamav list spf problem

And this is how I make mitigations for some required (and otherwise legitimate) emails: # pwd /etc/spamassassin # cat clamav.cf # For ClamAV whitelist_from *@lists.clamav.net Cheers A. ___ clamav-users mailing list clamav-users@lists.clamav.net http://

Re: [clamav-users] clamav list spf problem

Hi, On 20/06/18 02:45, G.W. Haywood wrote: > On Tue, 19 Jun 2018, Andrew McGlashan wrote: > >> ... The clamav SPF record also doesn't have an "all" value, which >> should be the last entry for each record. ... > > There is an implicit '?all' m

Re: [clamav-users] clamav list spf problem

Hi, On 21/06/18 00:46, Micah Snyder (micasnyd) wrote: > Our operations group in Talos has updated the SPF record for > lists.clamav.net to account for the issue w/ > Cisco's SPF records.  In addition, I believe they're also working on > fixing the cisco.com

Re: [clamav-users] clamav list spf problem

Hi, On 21/06/18 02:51, Scott Kitterman wrote: > On Thursday, June 21, 2018 02:38:45 AM Andrew McGlashan wrote: >> Hi, >> >> On 21/06/18 00:46, Micah Snyder (micasnyd) wrote: >>> Our operations group in Talos has updated the SPF record for >>> lists.clamav.n

Re: [clamav-users] clamav list spf problem

On 21/06/18 17:54, Tilman Schmidt wrote: > Am 20.06.2018 um 19:14 schrieb Andrew McGlashan: > >> This is an opportunity to fix things, such an opportunity should not >> lost, especially if it helps more people to understand the problems with >> having too liberal

Re: [clamav-users] clamav list spf problem

On 21/06/18 23:29, Gene Heskett wrote: > What I'd like to see is a good description of SPF. All these acronyms > get thrown around, usually with no references as to why its even needed > or how to implement it. Does it help control the neighborhood feral cat > problem or what? If email is se

Re: [clamav-users] clamav list spf problem

On 22/06/18 07:21, Gene Heskett wrote: > On Thursday 21 June 2018 17:12:51 Al Varnell wrote: > >> Gene, >> >> If you aren't responsible for an e-mail domain, then none of this >> applies to you. >> >> Based on the e-mail address you are using, this isn't anything you >> should care about. >> >>

Re: [clamav-users] clamav list spf problem

On 22/06/18 06:58, Gene Heskett wrote: > All sounds well and good, but where do I find the tut and tools to adjust > this? http://www.openspf.org/Project_Overview Cheers A. ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.cl

Re: [clamav-users] off topic Re: clamav list spf problem

On 23/06/18 00:37, Gene Heskett wrote: > On Friday 22 June 2018 06:15:42 Reindl Harald wrote: > >> Am 22.06.2018 um 05:36 schrieb Gene Heskett: >>> I get what I would call minimum spam, just enough to train SA with. >>> A bad day is 10. When I was using my old account at the tv station, >>> sev