Under Solaris 10 x86, gcc 4.7.1, gnu ld 2.21.1 libclamav is failing to
link. Here is an exerpt from the compile:
make[4]: Entering directory `/home/chris/apps/mail/clamav-0.98.1/libclamav'
CC unrar15.lo
CC unrar.lo
CC unrar20.lo
CC unrarppm.lo
CC unrarvm.lo
CC
Should anyone ever search for this, the problem was solved by upgrading gcc
to 4.8.1
On Fri, 31 Jan 2014, Christopher X. Candreva wrote:
>
>
> Under Solaris 10 x86, gcc 4.7.1, gnu ld 2.21.1 libclamav is failing to
> link. Here is an exerpt from the compile:
>
>
-- Forwarded message --
Date: Thu, 11 Mar 2010 15:25:43 -0500 (EST)
From: Christopher X. Candreva
To: cla...@lists.clamav.net
Subject: llvm/jit CPU dependant
I just did a compile of 0.96rc1 on a Sparc server, and received this
message:
configure: error: Unsupported CPU for
Trying to compile on Solaris 10 i386, gcc 4.4.3 gives the following
make all-recursive
make[1]: Entering directory `/home/chris/apps/mail/clamav-0.96rc1'
Making all in libltdl
make[2]: Entering directory `/home/chris/apps/mail/clamav-0.96rc1/libltdl'
make all-am
make[3]: Entering directory `/
On Thu, 11 Mar 2010, Török Edwin wrote:
> Solaris defines CS as 15, which causes an error when CS is used as a
> parameter/variable name.
> Please open a bugreport on bugs.clamav.net so we can track this.
Bug #1878 openeed
==
Chris Candrev
It seems this has brought out people who don't normally read this list. Let
me save you some tilting at windmills.
The philosophy of the ClamAV team has always been, when in doubt clamd will
not run. There are many people, myself included, who disagree with this. We
have made our objections kn
On Fri, 16 Apr 2010, Giampaolo Tomassoni wrote:
> It is not something to do know, but instead something that could have been
> done introducing 0.96...
Giampaolo: There are lots of things that COULD be done, but it is not the
philosophy of the ClamAV project.
As I said, the devs have made it c
On Fri, 16 Apr 2010, Gary MacKay wrote:
> OK, who's the mental midget that decided to just up and kill all
> installations of clamav ??? I am flooded today with calls that email
> servers are not working! Every d*(n one of them is the same thing.
> ClamAV just died. Stupid I have ne
On Fri, 16 Apr 2010, Giampaolo Tomassoni wrote:
> The ClamAV team have commanded old versions of its product to stop working.
I would not describe what they did that way.
Older versions of clamd were going to crash on signatures that newer
versions would accept, and the devs have been prevented
On Sun, 18 Apr 2010, Simon Hobson wrote:
> And you can cut the crap about "well you should have configured your
> system to not stop when ClamAV stopped" - that's rubbish because it's
> already been made perfectly clear right at the start of one of these
> threads that the project team consider
On Wed, 21 Apr 2010, lists wrote:
> Doesn't change a thing. If you threaten me with a course of action, if I
> fail to do something that is blackmail. It's nothing else. It does not
> matter if the product is free.
Oh come on. If I tell you you'll get wet when if you go out in the rain
without
On Wed, 21 Apr 2010, Simon Hobson wrote:
>
> No, according to certain people on this list, you are a cretin, and
> incompetent to even handle the off switch of a computer. If you check the list
> archives - particular for threads "(no subject)" and "Those EOL tweets" you'll
> see that you are far
> On Wed, 21 Apr 2010, Simon Hobson wrote:
>
> >
> > No, according to certain people on this list, you are a cretin, and
> > incompetent to even handle the off switch of a computer. If you check the
> > list
> > archives - particular for threads "(no subject)" and "Those EOL tweets"
> > you'll
On Wed, 21 Apr 2010, Eray Aslan wrote:
> Knowingly disabling running software on computers that is not your own
> is not acceptable. It is immoral, unethical and perhaps illegal.
But that's not what happened.
==
Chris Candreva -- ch...@we
On Wed, 21 Apr 2010, Eric Rostetter wrote:
> > See above, that does NOT in any way constitute requesting my permission.
>
> Sure it does. Legally, in the US, when I want to do something that I'm
> legally required to inform the community about, all I have to do is take
> out an ad in the local
On Wed, 21 Apr 2010, Bill Landry wrote:
> Yes, amended to requre "certified main or personal delivery". Thus it
> appears that your example is diametrically opposed to your argument that
> only minimal notification is required.
No, my point is if you don't pay attention, you may wake up one morn
On Wed, 21 Apr 2010, Bill Landry wrote:
> Doesn't agree with the example you provided, is all I'm saying, not
> without notification via "certified mail" or "personal delivery", which
> takes notification to a much higher standard and requirement then you have
> been trying to justify.
The exampl
On Wed, 21 Apr 2010, Bill Landry wrote:
> > For me, the lesson I take is to always be aware of the laws in your
> > locality. And the policies of the software you use.
>
> Oh yeah, and I bet you read the public notifications in your local paper
"Be aware of the laws" != "read the public notifica
On Wed, 21 Apr 2010, Simon Hobson wrote:
> - It is a simple fact that the purpose of this update was to make running
> software break.
I disagree with that statement because it's incomplete.. The purpose of this
update was to make running software break WITH A DESCRIPTIVE ERROR .
Important diff
On Thu, 22 Apr 2010, Steve Wray wrote:
> This is part of the attitude problem from many open source projects.
>
> They are (too often) run by technicians and programmers with no input from the
> business side.
IMHO, open source projects don't have a business side.
Opensource projects exist for
On Fri, 23 Apr 2010, Simon Hobson wrote:
> So, it still runs the software it used to run ? Yes
> It's running software that is EOL ? Most definitely
> And Microsoft have sent it a poison pill ? No they haven't
And is it hitting Microsoft's servers for full updates even when it should
only be do
On Fri, 7 May 2010, Toby Bryans wrote:
> The very latest update causes the following debug output. A quick search on
> twitter finds someone else with similar issues too.
>
> @40004be3ecf5208b0ff4 LibClamAV debug: Initialized 0.95.3 engine
> **
On Fri, 7 May 2010, G.W. Haywood wrote:
> Hi there,
>
> On Fri, 7 May 2010, Luca Gibelli wrote:
>
> > We apologise for the inconvenience.
>
> http://www.mail-archive.com/clamav-users@lists.clamav.net/msg33265.html
http://www.mail-archive.com/clamav-users@lists.clamav.net/msg34794.html
==
On Sat, 8 May 2010, G.W. Haywood wrote:
> http://www.mail-archive.com/clamav-de...@lists.clamav.net/msg03353.html
I look forward to your patch.
==
Chris Candreva -- ch...@westnet.com -- (914) 948-3162
WestNet Internet Services of Westchest
On Tue, 11 May 2010, Wolfgang Breyha wrote:
> Hi!
>
> Most of my clamd died today after freshclam updated to...
> bytecode.cld (version: 16, sigs: 3, f-level: 51, builder: nervous)
What version of ClamAV are you running ?
==
Chris Candreva
On Wed, 22 Dec 2010, Tomasz Kojm wrote:
> > It said these were deprecated so I commented the two lines out and now
> > no more warnings. However, was this a wise thing to do or have I
> > misinterpreted the deprecating message? What would those who are more
> > familiar with clamav advocating?
>
On Wed, 22 Dec 2010, Tomasz Kojm wrote:
> >May I suggest for the future a --checkconfig option to clamd (and
> >clamav-milter) that would parse the config file, report any such
> >errors, and
> clamconf is already doing this.
Thanks for reminding me about that !
=
On Wed, 19 Jan 2011, Roy McMorran wrote:
> The virus submission page won't let me upload my sample though - "Result: This
> file is not detected by ClamAV". How can this be?
I've just tried to submit a virus sample and am running into the same issue.
Some testing shows that neither clamscan not
On Wed, 19 Jan 2011, Christopher X. Candreva wrote:
> On Wed, 19 Jan 2011, Roy McMorran wrote:
>
> > The virus submission page won't let me upload my sample though - "Result:
> > This
> > file is not detected by ClamAV". How can this be?
>
> I&
On Thu, 9 Jun 2011, Luca Gibelli wrote:
>
> Dear ClamAV users,
>
>
> This is a bugfix release recommended for all users. Please refer to the
> ChangeLog file for details.
>
> Download : http://downloads.sourceforge.net/clamav/clamav-0.97.1.tar.gz
FYI to any Solaris users, my compile failed on
On Mon, 11 Jul 2011, James Ralston wrote:
> We are in a situation where we have multiple hosts that need to run
> ClamAV, but those hosts are highly restricted in what outbound
> Internet access they have. Thus, we need to run a local ClamAV
> mirror.
I have one machine run freshclam, and use rs
On Wed, 7 Sep 2011, Luca Gibelli wrote:
> If anyone can provide a CVD mirror in US, please contact me directly.
> We definitely need more capacity in the db.us.clamav.net RR.
What sort of bandwidth do the mirrors use, as in what would be a typical
burst or peak load - 5mbit/sec, 10mbit/sec, etc
On Mon, 12 Sep 2011, Nathan Gibbs wrote:
> >> Anyways, 5TB comes at 2MB/s average, which is not that much. I can do it
> >> with my $15 OVH/Kimsufi box and so do probably thousands of others.
> >
> > Perhaps, where you live. Here, in the good'ole USofA, if I set up a
> > server to feed 170 GB/da
On Wed, 14 Sep 2011, Dan wrote:
> At 7:44 AM -0500 9/14/2011, Noel Jones wrote:
> > On 9/14/2011 2:29 AM, sys...@ra-schaal.de wrote:
> > > i made some changes to the firewall. if it works be now, please
> > > mail me as soon as possible.
> >
> > I started getting successful updates from 88.198.
Solaris 10, gcc 4.6.3, Program.cc gives the folloing errors:
..
CXXProgram.lo
In file included from llvm/lib/System/Unix/Program.inc:34:0,
from llvm/lib/System/Program.cpp:52:
/usr/include/spawn.h:42:14: error: expected ',' or '...' before 'argv'
/usr/include/spawn.h:50
On Tue, 18 Jun 2013, Joel Esler wrote:
> If I would have written back and said "ClamAV's db includes detection for
> malware on all operating systems" someone would have wrote back and said
> "all operating systems? srsly? 4real? all?"
OK, who has some old Apple ][ boot sector viruses so we
On Wed, 21 Aug 2013, Robert wrote:
> I've been hit by this also (started around 2:50pm today UK time).
> All the FP's are via the same MBL_349876.
>
> I've commented out the MBL lines in the /etc/clamav-unofficial-sigs.conf
> file and killed all MBL sigs for now.
I had 10 different sigs in mbl.n
On Sat, 7 Apr 2007, Odhiambo Washington wrote:
> | configure:22651: WARNING: 7.15.0 is too old. Need version 7.10.0 or higher.
>
> upgrade curl first!
Generally, 7.15.0 > 7.10.0 -- sounds like a problem with configure.
==
Chris Candreva
On Wed, 11 Apr 2007, Brian Morrison wrote:
> I'd say that it is more dangerous to stop mail delivery due to failed
> virus scanning than it is not to scan mail while clamd is unresponsive.
This all depends how much a cleanup of your entire network is going to cost.
==
On Tue, 8 May 2007, Steve Basford wrote:
> (depending if you want the phishing sigs or the scam sigs)
>
> Main:
> http://www.sanesecurity.co.uk/clamav/phishsigs/
> http://www.sanesecurity.co.uk/clamav/scamsigs/
The only problem is the lack of the final file-name in the URL. This breaks
my perl
On Fri, 1 Jun 2007, Noel Jones wrote:
> I seem to be having trouble with clamscan 0.91rc1 choking with the current
> daily.wmd file. It was working fine until the most recent db update.
I don't have this problem, but I don't seem to have a daily.wmd file in my
daily.inc either. I have daily.w
On Fri, 1 Jun 2007, Noel Jones wrote:
> fatfinger error on the name, I am referring to daily.wdb as the
> pasted session shows.
Ah, sorry. Bleary-eyed error not catching it in the sesion. :-)
> Are you using 91rc1? It's very repeatable here. I have
Yes, so far it has been running fine. My
On Mon, 18 Jun 2007, Peter Boosten wrote:
> clamdscan solved that issue, although I would have appreciated this
> effect *before* I upgraded to a newer release.
This keeps comming up, perhaps it needs to be addressed in the docs.
Could you tell us why you used clamscan instead of clamd/clamdscan
On Mon, 18 Jun 2007, Peter Boosten wrote:
> I had some problems running clamd on one of the machines a long time
> ago, and with mimedefang running clamscan is the second option (which
> had worked until sometime ago). So I configured mimedefang for clamscan.
Maybe it's time to ask the mimedefang
On Mon, 18 Jun 2007, Eric Rostetter wrote:
> Anyway, my point is, your millage may vary. Don't try to impose your views
> on everyone else.
Whoa here. Did you chime and and give a good way to use clamscan on
production ?
Every time this comes up the answer is "don't do it". If that is the answ
On Mon, 18 Jun 2007, Chris wrote:
> [EMAIL PROTECTED] ~]$ clamdscan phish1.txt
> /home/chris/phish1.txt: Access denied. ERROR
>
> I can't figure out why I keep getting this Access denied error. Anyone with
> any ideas?
Because you didn't RTFM. :-)
clamdscan passes the file name to clamd, which
I thought this problem had been pretty well beaten to death when
Sanesecurity added their mirrors. In any case I put the set of
scripts/Makefile I use on my web site:
http://www.westnet.com/~chris/Clamav/
These were not written for general distribution, so it is your
responsibility to check a
On Tue, 17 Jul 2007, Tom Bombadil wrote:
> Is anybody else experience a much higher load with 0.91 compared to 0.90.3?
Not seeing any higher load her, Solaris 8 on UltraSparc
Using clamav-milter with direct access to libclamav however, not the tcp
socket.
==
On Thu, 16 Aug 2007, Dennis Peterson wrote:
> I am running clamav on various versions (5.8 - 5.10) of Solaris on Sparc
> and Intel and have no problems with stability. I've built everything
> from scratch except gcc. I'm very happy with it.
I'm running clamav/clamav-milter 0.91.1 on Solaris 8 (
On Tue, 21 Aug 2007, John Rudd wrote:
> (filed as bug 631, but it's nothing new: CL_SCAN_STDOPT still doesn't
> include CL_SCAN_PHISHING_DOMAINLIST; that omission can cause crashing
The bug is protected so I can't look at it. However, is it enough to add
CL_SCAN_PHISHING_DOMAINLISt to the defi
On Mon, 24 Sep 2007, [EMAIL PROTECTED] wrote:
> after a while I get this:
>
> /sys/devices/pci:00/:00:06.0/config: OK
> /sys/devices/pci:00/:00:06.0/:17:00.0/host1/sfp: OK
> /sys/devices/pci:00/:00:06.0/:17:00.0/host1/vpd: Empty file
> /sys/devices/pci:00/:
On Fri, 28 Sep 2007, Jon Wagoner - Red Cheetah wrote:
> Yes, I'm periodically doing scans of the full drive. I could just skip
> the mysql directory, but that seems pretty bad security practice.
Why does it seem that way to you ?
I don't think scanning raw mysql database files is going to give
On Fri, 28 Sep 2007, Jon Wagoner - Red Cheetah wrote:
> It appears clamav just does a substring match on the exclude, so it
> would be easy to hide viruses. E.g. If I excluded .MYD, then you could
> just have your virus named somevirus.MYD and it would not be caught. If
I would not exclude *.MY
On Fri, 28 Sep 2007, Jon Wagoner - Red Cheetah wrote:
> > hidden
> > > in /home/someuser/var/lib/mysql/my-virus-here.
> >
> > Users should not be able to write to that directory at all, it should
> > be
> Take a closer look, that's not the real mysql directory, just a
> subdirectory under the us
On Fri, 7 Dec 2007, john wrote:
> am running fedora 6
Fedora 6 is end of life -- there aren't going to be updated packages for it.
You can compile it youself from source, or upgrade to Fedora 7 or 8
==
Chris Candreva -- [EMAIL PROTECTED]
On Mon, 7 Jan 2008, c0uchw4rrior wrote:
> On Sun Dec 30 there was a post to the Full Disclosure mailing list
> regarding several vulnerabilities in ClamAV 0.92. I haven't seen any
> discussion on the clamav-devel list and can't seem to find a Bugzilla
> entry for these issues.
Check the archives.
On Tue, 12 Feb 2008, shuttlebox wrote:
> I thought so since I had tried scanning with it and it worked but when
> I try to get the version info mine also segfaults. :-(
Interesting -- yes, it does actually scan, just --version causes the
segfault.
==
On Tue, 12 Feb 2008, shuttlebox wrote:
> Maybe you could also try the packages from Blastwave?
>
> http://www.blastwave.org/packages.php/clamav
Wow, this is a switch -- don't we usually tell people they are better of
compiling from source ? :-)
Seriously, do you have a reason to think this par
On Tue, 12 Feb 2008, Randal, Phil wrote:
> clamscan --version behaves differently in 0.92.1 to 0.92
>
> # clamscan --version
> ClamAV 0.92.1
I seem to have a bigger problem:
[castor]:~/apps/mail/clamav-0.92.1/clamscan$ ./clamscan --version
Segmentation Fault
Solaris 8, gcc 4.2.2
On Mon, 3 Mar 2008, Independent Edit wrote:
> Currently running ClamAV 0.90.3 on an OS X Server installation.
You are running an outdated version. Current release is 0.92.1
There were many performance improvements since 0.90.x
==
Chris Can
On Mon, 7 Apr 2008, Tilman Schmidt wrote:
> I have ClamAV running on several Linux mailservers. All of them stopped
> working last night with similar symptoms:
In terms of the freshlcam failing, I had the same problem last night.
However, I run freshclam on a separate machine from my mail serve
The same problem seems to have just happened again. For the past few hours
my jobs has been returning errors . Before I post the details I'll put the
question here -- is anyone else seeing mirror issues or should I be looking
for a local problem ?
These were the errors my regular job (freshcl
On Mon, 7 Apr 2008, leonel wrote:
> the daemons of 1 server died to last night but that server had the
> freshclam as a daemon the other servers have the freshclam in the crontab
I should say -- I'm not the one who had servers die last night, just errors,
What I wanted to find out was anyone
On Mon, 14 Apr 2008, Matthias Häker wrote:
> is there any change in the conf ? ort anything else i should look for ?
Uhm, yes:
* clamd:
- NEW CONFIG FILE OPTIONS: MaxScanSize, MaxFileSize, MaxRecursion,
MaxFiles
- ** THE FOLLOWING OPTIONS ARE NO LONGER SUPPORTED **: MailMaxRecursion,
On Thu, 22 May 2008, [EMAIL PROTECTED] wrote:
> http://downloads.sourceforge.net/clamav/clamav-0.93rc1.tar.gz
That's an old version -- 0.93rc1 not 0.93.1rc1
However, the initial message said that the new release candidate would be
released SOON -- not that it has been released.
===
Just built and the resultant clamscan and clamav-milter both segfault when I
attempt to run them.
built with gcc 4.3.0 on Solaris 8 Sparc
The last lines with --debug enabled are
LibClamAV debug: Loading databases from /usr/local/share/clamav
LibClamAV debug: in cli_cvdload()
LibClamAV debug:
On Mon, 11 Aug 2008, David F. Skoll wrote:
> S:220 smtp.example.net Go ahead
> C:MAIL FROM:<[EMAIL PROTECTED]>
> S:220 Sender OK
> C:RCPT TO:<[EMAIL PROTECTED]>
> S:451 Greylisted... try again later
> C:RCPT TO:<[EMAIL PROTECTED]>
> S:451 Greylisted... try again later
> C:DATA
> S:500 Need recipie
On Mon, 18 Aug 2008, Brian Morrison wrote:
> FWIW it built quite happily on my RH9 (I know!) box with no changes
> needed to my spec file. As yet I have not actually installed and run
> the resulting rpms.
Built and run here on Solaris 8. I have clamav-milter running on a test
machine.
On Thu, 21 Aug 2008, Henrik K wrote:
> Who cares if it scans 100ms or 20ms. I prefer features and stability more
For those of us who use it as an incoming mail scanner (which I seem to
recall being the primary focus of clam from statements on this list) it
matters a great deal. The rate of scan
On Tue, 9 Sep 2008, Andrew McGlashan wrote:
> It was hard enough finding a player that works in Windows. is there a
> better format?
If you view the stream, it downloads a Java player that worked in Linux.
Maybe they have a stand-alone java player that will let you play the
downloaded file
Yes, I know I am about to contradict myself.
> GESBBB wrote:
> > Is there any reason you cannot read the documentation prior to
> > installing a newer version?
Anyone using a package manager will have the new software installed before
they can read the documentation.
On Fri, 3 Oct 2008, Col
On Fri, 3 Oct 2008, Eric Rostetter wrote:
> Not true. I have a package manager installed on all my machines. But they
> do NOT do automatic updates... The above is only true of those who have
> a package manager installed and configured to do automatic upgrades.
But you are on this mailing lis
I have started testing the new clamav-milter. We had been doing some
specialized procvessing with the old one, and I am trying to see if we can
do this with the new one.
We reject (5xx) viruses in the initial connection. We use the postmaster
notify feature, and feed those message to a script
For everyone (or maybe the one) asking why the DNS system exists, as the
person who came up with the idea in the first place (or the idea of stealing
it from the DNSbls ) I thought I would provide a link to the original
discussion in which is was hashed out ( beaten to death) back in 2004:
h
On Mon, 1 Dec 2003, Patrik wrote:
> I have not generated a new /etc/mail/sendmail.cf.
> I not really familiar with sendmail.cf, how do I generate a new one?
Generally, m4 sendmail.cf
==
Chris Candreva -- [EMAIL PROTECTED] -- (914) 967-7
On Thu, 4 Dec 2003, jef moskot wrote:
> I've heard of a new strategy for spreading viruses/worms. The victim
> receives a message with an attached passworded zip file. The password is
> included in the text of the message.
Off-hand I don't see this being a large threat. You are counting on peop
On Fri, 9 Jan 2004 [EMAIL PROTECTED] wrote:
> i installed clamav via the instructions quite a long time ago. i run it via
> qmail-scanner. clamd is running, and messages are scanned by clamscan. so
> where does clamdscan come in?? there's very little mention of clamdscan in
Use clandscan instead
On Fri, 9 Jan 2004 [EMAIL PROTECTED] wrote:
> thanks. i suspect my invocation needs to be different - when i switch from
> clamscan to clamdscan, messages are processed - for example - rather than
> taking 10 seconds, 20 seconds, etc with clamscan, they claim 'ok' in .1
> seconds, .7 seconds, etc
On Fri, 9 Jan 2004 [EMAIL PROTECTED] wrote:
> following up on my own message here - the name clamdscan implies a daemon
> unto itself, that's why it seems - odd - if clamdscan is to be invoked the
Ah. Therein lies your problem. clamdscan means "scan by sending to clamd" .
On Sun, 11 Jan 2004, OpenMacNews wrote:
> my db updates have *suddenly* stopped working after no prior problems for ages.
Same here for update at 19:50 EST (GMT -500)
Rerunning at 20:03 is going very slowig -- about a minute so far at
Reading CVD header (main.cvd): OK
==
On Sun, 11 Jan 2004, Christopher X. Candreva wrote:
> > my db updates have *suddenly* stopped working after no prior problems for
> > ages.
>
> Same here for update at 19:50 EST (GMT -500)
21:31 EST -- still not able to update:
# freshclam
ClamAV update process started a
On Mon, 12 Jan 2004, Payal Rathod wrote:
> I updated my definitions just 1 mins back. They seem ok.
> -Payal
23:36 EST -- started to go like it was working, then it hung up about a
minute ago.
==
Chris Candreva -- [EMAIL PROTECTED] -- (914
On Mon, 12 Jan 2004, Mick Pollard wrote:
> Just worked here after failing earlier in the day.
Checking the logs, updates started working at 4:50 AM this moring (Monday)
==
Chris Candreva -- [EMAIL PROTECTED] -- (914) 967-7816
WestNet Inte
On Tue, 13 Jan 2004, Abyot Asalefew wrote:
> I have installed gmp-4.1.2 for 32 bit ABI support according to clamav
> documentation.
FYI, for anyone else having trouble compiling GMP on Solaris 8 with
gcc 3.3.2 on Ultrasparc hardware, I needed these CFLAGS to make it work:
-m64 -Wa,-xarch=v9 -mc
I take that back - it didn't work. clam complained the gmp library was not
compatable.
Solaris 8 on UltraSparc, gcc 3.3.2 , gmp 4.1.2
Last I tried compileing gmp with CFALGS blank. gmp built OK, but clamav now
says in configure:
checking for __gmpz_init in -lgmp... no
checking for mpz_init in -
Thanks to everyone who mentioned ABI=32 . Obviously that did it. However . .
> There is a README of FAQ addressing this. But the quick answer is...
In fairness though, gmp is NOT mentioned in the 0.65 README file, and FAQ is
rather sparse. README says a change to the mirrors system is noted in
On Tue, 27 Jan 2004, Matthew Trent wrote:
> Since the SCO virus has a list of common first names it couples with domains
> it finds, one of our employees, "[EMAIL PROTECTED]" got a bunch of
> undeliverable bounces back (unknown users, etc.). These bounces contain the
> full virus in the form of th
I take that back -- one of my users just sent me a bounce with the full
virus in it.
==
Chris Candreva -- [EMAIL PROTECTED] -- (914) 967-7816
WestNet Internet Services of Westchester
http://www.westnet.com/
---
On Mon, 26 Jan 2004, Rick Macdougall wrote:
> I've blocked over 1000 of them in the last hour or so since I forced a
> freshclam.
Oddly enough, Spam Assassin picked one up for me at 4:45 PM EST here. at
4:50, my hourly cron job ran, updated the DB, and I've been filtering them
ever since.
Seem t
On Mon, 2 Feb 2004, Daniel Wiberg wrote:
> Just a thought, user clamav does not have write permissions in the log
> directory, so logrotate, which I guess runs as root should create the new
> files also, owned by user clamav.
>
> Or did I overlook something?
That could be it. If clamav opens the
On Tue, 17 Feb 2004, Brian J. France wrote:
> I am hooking clamscan into a procmail filter like this:
>
> :0
> CLAMAV=|/usr/bin/clamscan --disable-summary --stdout --mbox -
This looks like a variation of my script -- but you've made changes that
will keep it from working, such as remving the back
Assumeing Clam already has a signature for this one, what name is Clam
useing for it ?
http://securityresponse.symantec.com/avcenter/venc/data/w32.bizex.worm.html
==
Chris Candreva -- [EMAIL PROTECTED] -- (914) 967-7816
WestNet Internet Se
On Wed, 3 Mar 2004, Antony Stone wrote:
> I agree that anti-virus software should look for viruses and either reply
> "virus found" or "virus not found". The latter is not, of course, the same
> as saying "no virus present".
Yes, but in the same way you might get a "Can't open file, no permissi
Less than an hour after our users started getting a new virus pretending to
be from their mail administrator, Clam started picking it up as
Worm.Bagle.Gen-1 Congrats !
However, there seems to be a password protected zip version of virus too.
Since this is a new virus, does it come under the "do
On Thu, 1 Apr 2004, Kai Lien wrote:
> INPUT_MAIL_FILTER(`clmilter',`S=local:/var/clamav/clmilter.socket,
> F=, T=S:4m;R:4m')dnl
^ Could be that space. This is my line, I'm going to wrap differntly
to show each parameter. In my file it it's one line for INPUT_MAIL_FILTER
INPUT_MAIL_FILTER(
I've noticed that if clamd dies, clamav-milter returns a 4.x.x error so mail
is queued up.
However, it clamav-milter itself dies, such that the milter socket isn't
there, sendmail logs an error but mail continues through unscanned.
Is there a way to set up the milter so that mail receives a simi
On Fri, 2 Apr 2004, Jesse Guardiani wrote:
> Just for fun I tried setting the max thread limit to 100, and it's still hanging
> up every ten minutes or so like clockwork. This stinks.
I'm running into a similar problem with 0.68 clamav-milter hanging up under
heavy load.
I had max threads at 40
Received what looks like a brand new virus, not recognized by clam or
google.
I've just submitted it on the clam web site.
Headers below for people to add quick filters, full mbox avail at
http://www.westnet.com/~chris/NewVirus.mbox
==
Chr
On Sun, 4 Apr 2004, Antony Stone wrote:
> Sorry - I asked too soon. I downloaded the copy from your website and
> shovelled it through my mailserver, and got the following report:
:-) I was posting quickly and didn't mention the payload.
I based my assessment of it as a virus on the fact that
On Thu, 8 Apr 2004, Jack London Networks wrote:
> Okay, I like the --mbox support of clamscan. Problem is - now that I
> know there are infected messages in people's inboxes/other folders, I
> have very little information to go on to find and clean those
> messages. For example, I know a few pe
1 - 100 of 292 matches
Mail list logo
