On Wed, 2009-06-03 at 16:00 -0500, Javier Lopez wrote:
> Hi community,
>
> I would like to know if there is a way to send the e-mail messages that
> were clasified by clamav as "Infected Message" to a particulary e-mail
> account automatically as they are detected.
Yes. Using amavisd-new, I c
me.
I'd be happy to see it in the same twitter feed as the pattern updates.
--
Daniel J McDonald, CCIE # 2495, CISSP # 78281, CNX
www.austinenergy.com
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
obably
want to do something like:
$ cat eicar.txt | clamdscan
--
Daniel J McDonald, CCIE # 2495, CISSP # 78281, CNX
www.austinenergy.com
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
r clamav from rpm, then it's pretty easy to add a
patch like this to a specfile...
--
Daniel J McDonald, CCIE # 2495, CISSP # 78281, CNX
www.austinenergy.com
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
off-list?
>
> Open a bugreport on bugzilla, and attach the example.
attach it to bugid 396, which I opened yesterday for the same cause.
--
Daniel J McDonald, CCIE # 2495, CISSP # 78281, CNX
Austin Energy
http://www.austinenergy.com
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
On Thu, 2007-03-08 at 16:54 +0100, Ralf Hildebrandt wrote:
> * Don Drake <[EMAIL PROTECTED]>:
>
> > I would, but I'm getting the following error in Bugzilla:
> >
> > You are not authorized to access bug #396.
>
> I wonder why that is -- it's a stupid idea IMHO.
>
I believe all bugs are coded a
t
as default, and the new clamd.conf file provided by the RPM puts the
clamd.sock file in a different location.
In either case, cleaning up clamd.conf and restarting clamd will fix
your problem.
>
> Thanks
> Sebastian
--
Daniel J McDonald, CCIE # 2495, CISSP # 78281, CNX
Austin E
blem, and ensure that freshclam does update properly? Thanks.
Instead of
AllowSupplementaryGroups
make it
AllowSupplementaryGroups yes
You will probably need to read through the whole freshclam.conf and
clamd.conf file to make those changes.
--
Daniel J McDonald, CCIE # 2495, CISSP # 78281, C
uch file or directory
Check that /etc/init.d/clamd refers to an image in the same location
that you installed it. You might have put clamd in /usr/local/sbin, and
the init.d file might be referring to /usr/sbin, as an example.
--
Daniel J McDonald, CCIE # 2495, CISSP # 78281, CNX
Austin Energy
http:/
the zip error that Nigel claims to have fixed in SVN, this
has been a near flawless upgrade.
> Thank you to all who answered my original email and to the ClamAV crew for
> the hard work you put into this effort.
--
Daniel J McDonald, CCIE # 2495, CISSP # 78281, CNX
Austin Energy
h
d maybe you have set wrong
> >permissions/rights on the socket-"file".
> >
> >Sven
>
> clamd.conf is shown 644 root:root, should it be 644 clamav:clamav?
That's not the problem. /var/lib/clamav/clamd.socket, or wherever you
have put it, is the likely is
The only way it could
know would be using the Obsoletes: tag in the rpm itself, but you can
only fiddle with a specfile in a SRPM...
--
Daniel J McDonald, CCIE # 2495, CISSP # 78281, CNX
Austin Energy
http://www.austinenergy.com
___
Help us build
erclient
deny from all
> Thanks for any help
>
> Chris
>
> ___
> Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
> http://lurker.clamav.net/list/clamav-users.html
--
Daniel J McDonald, CCIE # 2495, CISSP # 78281, CNX
Austin Energy
h
es in the %doc section and it should do
fine.
While you are at it, upgrade to 0.90.3 ;-)
--
Daniel J McDonald, CCIE # 2495, CISSP # 78281, CNX
Austin Energy
http://www.austinenergy.com
___
Help us build a comprehensive ClamAV guide: visit http://wiki.c
directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 25.20 MB
Time: 488.716 sec (8 m 8 s)
from the content, it appears to be marketing anyway, so it's not
critical, but advice on what to do with it would be appreciated.
--
Daniel J McDonald, CCIE # 2495, CISSP # 78281, CNX
Austi
On Sat, 2008-12-06 at 17:29 -0800, Dennis Peterson wrote:
> Derek Currie wrote:
> > On Dec 6, 2008, at 12/06, 7:26 PM, Dennis Peterson wrote:
> >
> >> There is
> >> no naming standard.
> >
> > Again with the misinformation. There is, in fact, a naming standard,
Prove it.
> > and an organizatio
On Tue, 2009-03-17 at 16:59 +0200, Török Edwin wrote:
> On 2009-03-17 16:57, McDonald, Dan wrote:
> > On Tue, 2009-03-17 at 14:08 +, Steve Basford wrote:
> >
> >>> Is there a test string I can use to see if the SafeBrowsing code is
> >>> working properly? I've just set up 0.95RC2 with SafeB
naged to find 3 hits in the wild last week, out of about 181,000
messages. The messages were all identical
>
> You'd think someone at Google had the foresight to provide a test-URL.
--
Daniel J McDonald, CCIE #2495, CISSP #78281, CNX
Austin Energy
http://www.austinenergy.com
___
e historical oddities for when they
are bored.
> Does ClamAV's 10k not include
> variants in it's numbers, but does in fact cover them?
>
> If anyone can provide some info regarding this, that would be most
> appre
F.net email is sponsored by: IBM Linux Tutorials.
> Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
> Free Linux Tutorials. Learn everything from the bash shell to sys admin.
> Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
> __
respective of how
many times clamdscan is invoked. clamscan has to parse the virus
database each time clamscan starts up.
--
Daniel J McDonald <[EMAIL PROTECTED]>
Austin Energy
---
This SF.net email is sponsored by: Perforce Software.
http://www.perforce.com/perforce/loadprog.html
> ___
> Clamav-users mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/clamav-users
--
Daniel J McDonald <[EMAIL PROTECTED]>
Austin Energy
dering if you have GMP on your machine? It's needed to
> > verify the signatures of the new database files introduced with 0.65.
> >
> > /Peter Bonivart
--
Daniel J McDonald <[EMAIL PROTECTED]>
Austin Energy
---
T
gt; make install, it then starts catching viruses again. How do I fix this?
Make certain you remove all of the 6.5 freshclam binaries. There are
installed in a different place now, and your path may be finding the 6.5
one before the 6.0 one.
--
Daniel J McDonald, CCIE 249
he
log files. Then the original log file is compressed, which essentially
deletes the old file.
--
Daniel J McDonald, CCIE 2495, CNX
Austin Energy
---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Dev
y.cvd updated (version: 127, sigs: 688, f-level: 1, builder: tkojm)
Database updated (20675 signatures) from database.clamav.net
(152.66.249.132).
Clamd successfully notified about the update.
[EMAIL PROTECTED] clamav]#
Root has no problem. Is that limitation by design or accident?
--
Daniel J McD
an't open file /var/log/clamav/freshclam.log to write.
> > ERROR: Problem with internal logger.
> >
>
> does the "unprivileged user" have access to write to /var/log/clamav/ ??
>
Nope. It did not have write permission under 0.
On Fri, 2004-02-13 at 08:22, Nigel Horne wrote:
> On Friday 13 Feb 2004 1:58 pm, Daniel J McDonald wrote:
>
> > > does the "unprivileged user" have access to write to /var/log/clamav/ ??
> >
> > Nope. It did not have write permission under 0.65 either.
>
kit from IBM. Click Now!
> http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
> ___
> Clamav-users mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/clamav-users
--
Daniel J McDonald <[EMAIL PROTECTED]>
Austin Energy
---
On Mon, 2004-03-15 at 14:20, [EMAIL PROTECTED] wrote:
> Has the Ladmar.A virus been merged as a different virus? The count went
> down by 1 and Ladmar was removed. Any ideas?
It's been picking up false positives.
--
Daniel J McDonald <[EMAIL PROTECTED]&
d
> to av database?
Nope. Each zip file is created on the fly and encrypted with a random
password.
--
Daniel J McDonald <[EMAIL PROTECTED]>
Austin Energy
---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial
work.
--
Daniel J McDonald <[EMAIL PROTECTED]>
Austin Energy
---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fund
d ' ' -f 2 | sort |
> uniq); do
> echo -n "$VIRUS: "
> grep -c "$VIRUS" clamd.log
> done
Seems a tad repetitive:
grep FOUND clamd.log | cut -d \ -f 2 | sort | uniq -c
I'm sure someone could swap the final order for you...
--
Daniel
ich there was no alert, cranked in about
100 per day. Naturally, clamav caught them all.
--
Daniel J McDonald, CCIE 2495, CNX
Austin Energy
---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Dan
ip of this directory is set to user/group amavis.
> Do my clamav user/group have to have a read access on this directory, if yes
> could you tell me how to set it .
> And then as i think i have to learn more on how to define rights under a
> linux system, could you told me a good tutorial of
nt to uninstall Clamav
> and start over again. Can anyone tell me how to uninstall???
How did you install it the first time? If you used an RPM - just
# rpm -e clamav
If you installed from source, then you'll have to hunt down the pieces
and pull them out.
--
Daniel J McDonald <[EMAIL
nToo technologies. Learn everything from fundamentals to system
> administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
> ___
> Clamav-users mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/list
deliver higher performing products faster, at low TCO.
> http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3
> ___
> Clamav-users mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/
class now,
> and we'll give you the exam FREE.
> http://ads.osdn.com/?ad_id149&alloc_id66&op=click
> ___ Clamav-users mailing
> list [EMAIL PROTECTED]
> https://lists.sourceforge.net/li
rough my amavis-new box, about half of which
is SPAM or viral; load average is 0.2
clamd helps a lot.
--
Daniel J McDonald <[EMAIL PROTECTED]>
Austin Energy
---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thi
On Fri, 2004-04-30 at 12:21, Ken Goods wrote:
> Should have said I'm running clamav-0.70rc-1.i386.rpm Is there a newer
> version than this?
>
Yes, clamav-0.70 (not the release candidate) is out.
--
Daniel J McDonald <[EMAIL PROTECTE
he hour. On the hour clamd will check to
see if the .cvd files have changed - just in case freshclam failed to
notify clamd for whatever reason.
sample crontab entries:
47 1-23/2 * * * freshclam --quiet
57 1-23/2 * * * rsync -rtlzqe ssh --delete /var/lib/clamav/*.cvd
filter.ip.addr:/var/lib/cla
x27;s bound to)
> why ClamAV doesn't catch as many viruses as McAfee.
>
--
Daniel J McDonald <[EMAIL PROTECTED]>
Austin Energy
---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hi
On Fri, 2004-07-02 at 08:13, ghooton wrote:
> When I try to install clamav I get thefollowing :
> [EMAIL PROTECTED] ~]$ zcat clamav-0.74.tar.gz | tar xvf -
> zcat: clamav-0.74.tar.gz: not in gzip format
Some browsers automatically gunzip files when you download them.
--
7;s the cleanest way to make
certain you don't have any 0.65 flotsam lying about.
Always run freshclam after the upgrade before you start the mail daemon!
--
Daniel J McDonald <[EMAIL PROTECTED]>
Austin Energy
---
This SF.Net
;
250 Ok
rcpt to: <[EMAIL PROTECTED]>
250 Ok
data
354 End data with .
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Manual Test
$CEl... Your test virus here.
.
250 Ok: queued as B4256187515
quit
221 Bye
Connection closed by forei
atabase.net (IP: ???) failed.
The A rr for database.clamav.net is too big to fit in a UDP datagram, so
your DNS server has to allow TCP based queries in order to resolve the
name.
--
Daniel J McDonald, CCIE 2495, CNX
Austin Energy
---
This SF.Net ema
On Mon, 2004-07-12 at 17:10, Brian Morrison wrote:
> On Mon, 12 Jul 2004 15:59:32 -0500 in
> [EMAIL PROTECTED] Daniel
> J McDonald <[EMAIL PROTECTED]> wrote:
>
> > On Mon, 2004-07-12 at 15:04, Brian Morrison wrote:
> > > ERROR: Connection with clamav.database.n
On Tue, 2004-07-20 at 07:16, deborah malka wrote:
> I want to generate statistics about clamav : how many
> requests or mails infected ?
I'm using amavis-stats, which dumps that information into a set of
rrd's, and makes very pretty graphs.
--
Daniel J McDonald <[EMAIL
r in the same e-mail
as a .zip But I only know that from glancing through the release notes,
not any practical application or specific details. I am putting off
playing with amavis-new-20040701 until spamassassin 3.0 is officially
released.
>
> has anyone else encountered this? i can eas
by the way
you should be able to:
urpmi libbz2-devel libgmp-devel
and it will install automagically.
--
Daniel J McDonald, CCIE 2495, CNX
Austin Energy
---
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE develope
e of the next
release
--
Daniel J McDonald, CCIE 2495, CNX
Austin Energy
---
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads
gt;
>
> It’s a FreeBSD 5.2.1 with Qmail, Qmailscan, SA, ClamAV
>
>
>
> ~Jeffrey Kroll
--
Daniel J McDonald, CCIE 2495, CNX
Austin Energy
---
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterpri
ed to remove all of the existing 0.70 before putting 0.75 in
production.
--
Daniel J McDonald <[EMAIL PROTECTED]>
Austin Energy
---
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get you
s 0.75-1 have all the fixes
No, just a few critical ones.
> from CVS ? (Specificly the Solaris crashing ?)
That one is there:
* libclamav/mbox.c: Fix crash when debugging on SPARC
--
Daniel J McDonald <[EMAIL PROTECTED]>
Austin Energy
-
On Fri, 2004-07-30 at 14:27, Arthur Kerpician wrote:
> Hi,
> 1. I'm running ClamAV-0.73 on RH9 machine (qmail) and made all the
> updates,
0.73 doesn't support mangled MIME encoding. That was added in 0.75.
You probably want to upgrade to 0.75.1 at this point.
--
Daniel
more granular
logs using amavis-stats
--
Daniel J McDonald <[EMAIL PROTECTED]>
Austin Energy
---
This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now
being
> printed clam is still working and stopping viruses
amavis tries clamdscan, if it fails it tries clamscan.
--
Daniel J McDonald <[EMAIL PROTECTED]>
Austin Energy
---
This SF.Net email is sponsored by OSTG. Have you noticed
d
be added to hot.cvd and the DNS TXT record changed. 10,000 users
pulling down a 2-3K file is not terribly hard for a server with decent
bandwidth
--
Daniel J McDonald, CCIE 2495, CNX
Austin Energy
---
SF.Net email is sponsored by Shop4te
esting. See
http://www.eicar.org/anti_virus_test_file.htm
--
Daniel J McDonald <[EMAIL PROTECTED]>
Austin Energy
---
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DV
can check mail by username or group association?
Amavis-new. All manner of tools for differentiating between users by
querying mysql, ldap, or files. Integrates clamav as well as
spamassassin...
--
Daniel J McDonald <[EMAIL PROTECTED]>
Austin Energy
---
or is that just
another way to move SPAM around?
--
Daniel J McDonald, CCIE 2495, CNX
Austin Energy
---
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop
dem, in the snow, uphill both ways! And you're
complaining about a 4-hour delay? Young whippersnapper! ;-)
--
Daniel J McDonald, CCIE 2495, CNX
Austin Energy
---
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterpris
to most of the customers we served. That
would have been in about 1989.
No e-mail viruses back then... No spam either.
--
Daniel J McDonald, CCIE 2495, CNX
Austin Energy
---
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java E
-devel-4...
the "main" package will have the run-time binaries, but when compiling
your own code you need the -devel packages with source code and headers
so they can be linked into the image.
--
Daniel J McDonald, CCIE 2495, CNX
Austin Energy
ully clamav 0.80 will
be released around then too!). I might even put it on Mandrake 10.1
pre-2...
--
Daniel J McDonald, CCIE 2495, CNX
Austin Energy
---
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE develo
o,
perhaps you are seeing spikes when an infected machine hits a
particularly poorly configured spam filter.
--
Daniel J McDonald <[EMAIL PROTECTED]>
Austin Energy
---
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enter
zip routines at
that time. I though P9 was supposed to work just fine, but...
> > are you using the $bypass_decode_parts feature? If you are running an
> > older amavis-new, have you patched it recently?
>
> The $bypass_decode_parts feature is commented (so false by default)
Go
On Thu, 2004-09-09 at 09:33, Maurizio Marini wrote:
> Hi there
> i've already posted this last week:
> this morning i received this very suspiciuous email:
>
> >Lovely animals
Yeah, that's Worm.Bagel.AK
--
Daniel J McDonald <[
/usr/bin/freshclam
> make[2]: Nothing to be done for `install-data-am'.
> Making install in sigtool
> test -z "/usr/bin" || mkdir -p -- . "/usr/bin"
>/bin/sh ../libtool --mode=install /usr/bin/install -c 'sigtool'
> '/usr/bin/sigtool'
&
arse error at line 10: Unknown
> option ThreadTimeout.
This item was renamed from ThreadTimeout to ReadTimeout between 0.6x and
0.7x Just edit line 10 of /etc/clamav/clamav.conf with:
vi /etc/clamav/clamav.conf
10G2x~:wq
--
Daniel J McDonald, CCIE 24
looks at the attachments.
> The message has been quarantined as:
>/var/amavisd/quarantine/virus-20040909-095702-17085-07
go grab it and look carefully - you will match some magic-header from
file(1). You can either tweak magic or change the way amavis-new parses
the output from file
Anyone got a working clamav 0.80rc2 SRPM for Mandrake? I've worked on
it for a while and haven't been able to get it all correct, and don't
really have the time to re-engineer a wheel...
--
Daniel J McDonald, CCIE # 2495, CNX
Austin Energy
[
detecting statistics.
Clamav by itself doesn't know this information. I use AMaViS-new, which
does log all of that.
--
Daniel J McDonald, CCIE # 2495, CNX
Austin Energy
[EMAIL PROTECTED]
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
can try "amavis-stats"[1] if you like graphs, e.g.
> http://rekudos.net/amavis-stats/node/view/7.
and pflogsumm if you don't want graphs. I use both.
http://jimsun.linxnet.com/postfix_contrib.html
--
Daniel J McDonald, CCIE # 2495, CNX
Austin Energy
[EMAIL PROTECTED]
___
On Thu, 2004-09-30 at 18:37 +0200, Filbert wrote:
> Hi,
>
> The Bagle.AP (dd 29/09/2004) is only recognized by clamd 0.80rc3 (according to
> the message from the site below) and not by 0.75.1.
I caught Bagle.AP for three days with 0.75-1 before upgrading to
0.80rc3...
_
On Fri, 2004-10-01 at 11:36 -0700, [EMAIL PROTECTED] wrote:
> Does anyone know how many viruses we should be catching? I seem to
> remember having >40k and now we're at ~25k with 0.80rc3. Ideas?
>
> >> Database correctly reloaded (25384 viruses)
This is the correct number. if you had 40K befo
ac28
> d44c89708c4d00bcc6cacedbd24dbfd6 /var/lib/clamav/viruses.db2
>
--
Daniel J McDonald, CCIE # 2495, CNX
Austin Energy
[EMAIL PROTECTED]
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
ified about the update.
>
> However a few days ago I submitted about 1800 malware samples not
> recognized by ClamAV so expect more additions in spare time of
> maintainers ;-) (anyway a lot of Macro viruses was there, what about
> them ?)
26 of them released in 511...
On Mon, 2004-10-04 at 15:09 -0400, Scott Rothgaber wrote:
> On Jim's suggestion, I went looking for GMP-Devel. It does not appear to
> be available anywhere in non-RPM format. I also searched the list
> archives and didn't see any clear answers. If I built GMP from source,
> is -devel included?
app does'nt have this feature compiled.
you need to install clamav-milter and configure it appropriately to dis-
infect mail coming through sendmail.
>
> Could someone confirm me wheter I'm wrong or not, and how to solve it?
--
Daniel J McDonald, CCI
On Thu, 2004-10-07 at 09:37 -0500, Richard Humphrey wrote:
> Ever since upgrading to 8.0 rc1 I have been getting the following
> error when running freshclam.
>
> # freshclam
> ClamAV update process started at Thu Oct 7 09:39:32 2004
> ERROR: Can't query current.cvd.clamav.net
> Reading CVD heade
hat
makes an attractive way to send mail bombs, but the MaxCompressionRatio
allows you to stop that sort of thing from breaking your filter.
--
Daniel J McDonald, CCIE # 2495, CNX
Austin Energy
[EMAIL PROTECTED]
___
http://lists.clamav.net/cgi-bin/mail
;m running 0.75.1, so I'm wondering why I have this entry in the log as
> 0.80 only got released in the last few days
Because there are a significant number of signatures that require 0.80,
so this is a prompt to get you to upgrade.
--
Daniel J McDonald, CCIE # 2495, CNX
Austin
Am I the only one who sees several of the posters with embedded:
Content-Type: message/rfc822
that includes embedded text/plain attachments. Evolution opens them up
with only one extra step, but if I'm stuck with Outlook (or worse, OWA)
you have to open three levels of attachments to read the te
On Mon, 2004-10-25 at 08:00 -0400, Bart Silverstrim wrote:
> On Oct 24, 2004, at 3:29 PM, Mark Adams wrote:
> When you only install programs from source, how do you know when
> upgrading them that there aren't remnants of binaries or libraries
> scattered around the OS?
Well designed programs
; from directory /etc/cron.daily/ to /etc/cron.hourly ??
yes, and please add the line:
sleep $[ 900 + $RANDOM % 1800 ]
before the freshclam statement. That will randomize the time that you
check so that not everyone hits the update servers at the same instant.
--
Daniel J McDonald, CCIE # 24
On Fri, 2004-11-05 at 08:36 -0700, Carl Horne wrote:
> Hi,
>
> I have been using exim, exiscan, spamassassin, and clamav for while
> now. I have done a number of upgrades to each of them including clamav
> to keep up with changes. I have not been able to get clamav 0.80 to
> work. The exim erro
here have been three new versions since then
And the rest of us can just watch our statistics go up and grin with
glee.
--
Daniel J McDonald, CCIE # 2495, CNX
Austin Energy
[EMAIL PROTECTED]
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
On Mon, 2004-11-15 at 13:49 +, Nigel Horne wrote:
> FC3 ships with 1.2.1, and RH have yet to issue an update...
ditto for Mandrake 10.1
I think that might change if the zlib team would update
http://www.gzip.org/zlib which is described as the "canonical URL" ...
--
Daniel J M
and
without your input the system will collapse?
clamav kills bad things - that's good, and I'd like it to be able to
continue to kill bad things in the same expedient manner that it has in
the past.
--
Daniel J McDonald, CCIE # 2495, CNX
Austin Energy
[EMAIL PROTECTED]
___
Before I go re-inventing the wheel... Is anyone using clamav on a
web/ftp proxy, and if so, which?
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> /bin/sh: line 1: /usr/local/bin/freshclam: No such file or directory
>
> But there is nothing in the crontab file related to this. Any ideas?
/etc/cron.hourly/freshclam ?
--
Daniel J McDonald, CCIE # 2495, CNX
Austin Energy
[EMAIL PROTECTED]
_
:
NotifyClamd /etc/clamd.conf
--
Daniel J McDonald, CCIE # 2495, CNX
Austin Energy
[EMAIL PROTECTED]
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
are, not just e-mail, and
some pifs are actually useful.
I kill off that sort of thing using amavis-new.
--
Daniel J McDonald, CCIE # 2495, CNX
Austin Energy
[EMAIL PROTECTED]
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
the attachment and sending on to the
> client.
I'd suggest dropping them all. Other than a few word-macro viruses,
most everything still in the wild spoofs the sender address.
And, because of excessive backscatter, nobody believes anyone else's
virus scanner anyway, so it's be
On Tue, 2004-12-21 at 20:36 +, Nigel Horne wrote:
> Please do not send any more messages to [EMAIL PROTECTED] covering
>
> 1) knowbot
> 2) Unparsed header (1)
>
> Both of these have been addressed for a long time in CVS.
How stable is CVS these days? Are we approaching a 0.81?
There was a
h Mary's return address through Lucy's usual mail
relay, then when the relay gets a 554 it will send the DSN back to Mary,
often including the virus. Mary then gets infected and starts sending
mail with Joe's return address
Best to just smile and say "thanks" while yo
rcvd: 133
For some reason, that DNS request is failing from your system.
--
Daniel J McDonald, CCIE # 2495, CNX
Austin Energy
[EMAIL PROTECTED]
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
/bin or some such in the search path ahead
of /usr/bin/freshclam which probably is the correct version.
--
Daniel J McDonald, CCIE # 2495, CNX
Austin Energy
[EMAIL PROTECTED]
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
1 - 100 of 218 matches
Mail list logo
