Re: [Clamav-users] 0.93.1RC1

Nigel Horne wrote: > Dear All, > > As you may have seen, the first release candidate of 0.93.1 was > published earlier this week. > Compiled and is running fine in Solaris 9 on Sparc. Only oddity was temporary and identified in "Double downloads" thread. dp ___

Re: [Clamav-users] 0.93.1RC1

Jim Carhart wrote: > Opening Bugzilla account and posting full details, but this is a no-go > for Solaris 8 w/gcc 3.4.6. Similar to previous 0.93 issue, i.e. > undefined symbols associated with libbz2; > > [clamav-0.93.1rc1]# ./configure --enable-milter --enable-experimental > > [clamav-0.93.1r

Re: [Clamav-users] 0.93.1RC1

Jim Carhart wrote: > So I don't doubt I could successfully compile a new libbz2 and get it to > work with clamav on these systems, given enough time. Your suggestion is > valid, just not for my change managed deployment environment. Make sense? Sure - I have a similar problem with a server and

Re: [Clamav-users] 0.93.1RC1 (libbz issues)

Bowie Bailey wrote: > Mark Fortescue wrote: >> Hi Stephen, >> >> The issue here is that clamav configure does not detect that the >> installed libbz is not compatible with clamav (the libbz API has >> changed changed in the latest bzip2 package). >> >> My solution was to download and compile the la

Re: [Clamav-users] 0.93.1RC1 (libbz issues)

Ejaz wrote: > Hi, > Actually We are an ISP (CYBERIA) of Saudi Arabia, I have same issue as > described below although I have dowloaded latest bzip2 package from the > sunfreeware but no use, Please help us to solve this issue, > > Here is my solaris 8 box info, > I use a simple script

Re: [Clamav-users] 0.93.1RC1 (libbz issues)

Török Edwin wrote: >> > > Linking with pcre is no longer needed (and it has no effect), because > clamav uses an embedded regex engine. (since 0.92 IIRC) > ssl is also not needed. > Thanks for the reminder, Török. That was my script from my Sol8 lab system - last clam version built on it wa

Re: [Clamav-users] commad between unix and linux

alex liveti wrote: > hi there? iam haven a problem with one of 2 operating system UNIX and Linux. > the question is are this two the same or not is it possable to use the same > commad or are the difrent between them in commad? > Rgds I use ClamAV on both Linux and Solaris. There's no differe

Re: [Clamav-users] Description Trojan.VB-2953

Robert Schetterer wrote: > Ian Eiloart schrieb: >> --On 6 June 2008 11:03:22 +0200 Robert Schetterer <[EMAIL PROTECTED]> >> wrote: >> >>> Robert Schetterer schrieb: Hi @ll, where kann i find a description about Trojan.VB-2953 >>> sorry i slipped into German >>> should be >>>

Re: [Clamav-users] clamav-milter problem reject=553 5.3.0Rejected - see http://ordb.org/

Luis Hernán Otegui wrote: > Andreas: > > 2008/6/8 Andreas Schwantner, MAS, MSC, MPOS, Med <[EMAIL PROTECTED]>: >> >> Hi >> It was maybe a bad example >> I have the problem with all my mails i want to receive >> So all mails get a reject=553 5.3.0 Rejected - see http://ordb.org/ >> In the log, no m

Re: [Clamav-users] freshclam

Ejaz wrote: > I have this entry as uncomment "DatabaseMirror database.clamav.net" in my > freshclam.conf it works ok with me since so many days, > > I've isolated part of your problem: http://tinyurl.com/txoql dp ___ Help us build a comprehensive

Re: [Clamav-users] Frequency of virus attacks

fchan wrote: > Well, it appears that your lucky that you haven't been "discovered" > by spammers and botnets so they don't spam you with viruses and spam. > How about how many plain spam messages you get? The more "popular" > you are the more spam and viruses you will get. > I get an average

Re: [Clamav-users] unsubscribe

Todd Deering wrote: > In the mail headers of each message from this list there are instructions for properly unsubscribing. dp ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml

Re: [Clamav-users] freshclam (0.93.1) error

Frank Elsner wrote: > Hello ALL, > > today my freshclam (0.93.1) showed the error > > ERROR: cdiff_cmd_close: Can't apply XCHG at line 1 of daily.ign > ERROR: cdiff_apply: Can't execute command CLOSE > ERROR: cdiff_apply: Error executing command at line 4 > ERROR: getpatch: Can't apply patch > >

Re: [Clamav-users] freshclam (0.93.1) error

Dennis Peterson wrote: > Frank Elsner wrote: >> Hello ALL, >> >> today my freshclam (0.93.1) showed the error >> >> ERROR: cdiff_cmd_close: Can't apply XCHG at line 1 of daily.ign >> ERROR: cdiff_apply: Can't execute command CLOSE >> ERROR:

Re: [Clamav-users] freshclam (0.93.1) error

Török Edwin wrote: > Dennis Peterson wrote: >> Dennis Peterson wrote: >> >>> Frank Elsner wrote: >>> >>>> Hello ALL, >>>> >>>> today my freshclam (0.93.1) showed the error >>>> >>>> ERROR: cd

Re: [Clamav-users] Clamav know virus count reduced.

G.W. Haywood wrote: > > But it seems to me that there's hardly a week goes by without someone > posting to the list a new and interesting way in which his freshclam- > driven update has failed. > > Take today, for example. I haven't have a freshclam failure yet but I've had errors reported. Fr

Re: [Clamav-users] Clamav know virus count reduced.

Tomasz Kojm wrote: > On Wed, 02 Jul 2008 08:46:28 -0700 > Dennis Peterson <[EMAIL PROTECTED]> wrote: > >> Perhaps the solution is to report only true failures and not intermediate >> failures >> while on the path to success. > > the latest version of fr

[Clamav-users] cld vs cvd - (forked thread)

Noel Jones wrote: >> Where is "daily.cvd" ? > > > When incremental updates (the *.cdiff files) are applied, the > *.cvd file is replaced with a *.cld file. This replaces some > previous methods used for managing updates. I'm finding I end up with both a main.cld and a main.cvd file, and clam

Re: [Clamav-users] 0.93.3 memory doubling problem

Tomasz Kojm wrote: > On Fri, 11 Jul 2008 09:48:01 -0500 > Russell Jones <[EMAIL PROTECTED]> wrote: > >> >> .. the memory usage jumps to 131 megs and stays there. What is causing >> this, and how can I fix it? > > Please have a look at > https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1028 >

Re: [Clamav-users] 0.93.3 memory doubling problem

Stephen Gran wrote: > On Fri, Jul 11, 2008 at 09:52:43AM -0700, Dennis Peterson said: >> Tomasz Kojm wrote: >>> On Fri, 11 Jul 2008 09:48:01 -0500 >>> Russell Jones <[EMAIL PROTECTED]> wrote: >>> >>>> .. the memory usage jumps to 131 megs and

Re: [Clamav-users] Database correctly reloaded (0 signatures)

Oscar Usifer wrote: > Folks, > > On Monday, 12:49 Pacific Time, June 23, 2008 freshclam on my > production system updated the virus signatures and notified clamd. > During that time, clam did not properly reload the previously cited > 231780 plus signatures and as a result began marking all checke

Re: [Clamav-users] UNDETECTED EXECUTABLE

jean-paul wrote: > Not sure if it is a virus, but it sailed right through clam/symantec/and avg > > naturally not from where it claims > > From: United Parcel Service [mailto:[EMAIL PROTECTED] > > file name is ups_invoice.exe Jean-Paul Natola Did you submit it to the clamav virus

Re: [Clamav-users] Database correctly reloaded (0 signatures)

Oscar Usifer wrote: > It did *not* recover on it's own. I had to intervene. Unfortunately > not discovering that this occurred two weeks later, causing me to > have to go through 7K plus files to verify they are not virus files. > We could become legally liable as a result, but I doubt this is a >

Re: [Clamav-users] on-error-execute=COMMAND

Albert E. Whale wrote: > I am trying to get freshclam to execute a COMMAND whenever it encounters > an error. > > I have tested the /dir/ReportClamAv.sh script, and it works as > expected. However the command is not getting launched from the command > line. Any Suggestions? Sounds like it mig

Re: [Clamav-users] simplest replacement for ancient amavis-perl

Gerard wrote: > On Thu, 7 Aug 2008 11:36:32 -0400 (EDT) > jef moskot <[EMAIL PROTECTED]> wrote: > >>> You did not mention your MTA. >> Oops, sorry. We're married to sendmail at this point. > > Would you entertain a divorce? > > IMHO, switching to Postfix might very well make your life easier.

Re: [Clamav-users] simplest replacement for ancient amavis-perl

jef moskot wrote: > > Any advice would be welcome, including "STFU and RTFM", as long as you can > point me to a decent manual. Thanks! I've been using J-Chkmail for years and I love it because there is no Perl (I really like Perl but I hate CPAN - two or more trips to CPAN to get something w

Re: [Clamav-users] Using ClamAV with Dspam - how do I verify it's working?

Jeff Weinberger wrote: > Hi: > > Pardon me if this is obvious - I'm new to both Dspam and ClamAV. > > I built Dspam with --enable-clamav, ensured that: dspam.conf has: > > ClamAVPort3310 > ClamAVHost127.0.0.1 > > and clamd.conf has: > > TCPSocket 3310 > TCPAddr 127.0.0.1 > > I see (fr

Re: [Clamav-users] simplest replacement for ancient amavis-perl

David F. Skoll wrote: > [EMAIL PROTECTED] wrote: > > [...] > >> What backscatter? If done at SMTP the only person that should be >> notified is the sender. > > I see. And it's impossible for a virus to forge MAIL FROM:, is it? > That is the concern of the connecting system - they will suffer

Re: [Clamav-users] simplest replacement for ancient amavis-perl

David F. Skoll wrote: > [EMAIL PROTECTED] wrote: > >> No need to be condescending about it. I have no problem taking it off >> list and explaining how you are mistaken. > > OK, look. I guess I need to spell it out for you. > > End-user PC has virus. Virus does this: > > telnet isps-smtp-serv

Re: [Clamav-users] Clamav phishing sigs

Noel Jones wrote: > Darren G Pifer wrote: >> Chambers, Phil wrote: >>> Take a look at >>> >>> http://iserv.rs-hilter.de/doc/clamav-0.91.2/signatures.pdf >>> >> I have seen this document but it does not show how to add signatures >> to a database OR for clamd to detect the phishing e-mail. I w

Re: [Clamav-users] simplest replacement for ancient amavis-perl

rick pim wrote: > > On Fri, 8 Aug 2008, Charles Gregory wrote: >> Well, first of all, yes it IS. It's *everyone's* problem. That forged >> address could be on *your* server, and *you* get the backscatter from some >> other victim system that also "doesn't care what the ISP does with it"... > > wh

Re: [Clamav-users] simplest replacement for ancient amavis-perl

[EMAIL PROTECTED] wrote: > > I meant to imply that when the ISP does not virus filter and the > recipient silently drops the message the problem never gets resolved > because nobody is made aware of it. The ISP customer will continue > to be infected and continue to send out garbage. I suppose

Re: [Clamav-users] simplest replacement for ancient amavis-perl

G.W. Haywood wrote: > On the point about accepting and then rejecting, no, you misunderstand > the SMTP conversation. It is perfectly possible to read an entire mail > message and yet still reject it. Presuming you mean the message is read up to the final cr.cr, this is true. It is the last de

Re: [Clamav-users] Using ClamAV with Dspam - how do I verify it's working?

Jeff Weinberger wrote: > > Thanks Dennis - much appreciated!! > > I've looked at the log files and all they are recording is the virus- > updated-induced reloads. So I'm not sure what's happening. > > I assume ClamAV would only report anything at all (even to log files) > if it was handed a

Re: [Clamav-users] simplest replacement for ancient amavis-perl

Charles Gregory wrote: > On Mon, 11 Aug 2008, rick pim wrote: >> > > prime advantages of greylisting -- the fact that it will never >> > > block 'real' mail -- turns out, um, not to be true. there are so many >> > > standards-noncompliant MTAs out there >> .. some of the offenders are hi

Re: [Clamav-users] Sanesecurity: new database

Tomasz Kojm wrote: > > libclamav is right, the entry at the line 53 in rogue.hdb is incorrect > (double colon > before the virus name) > Interesting that clamscan -d rogue.hdb didn't catch that, but the error also didn't cause clamd to die nor even fail to find viruses. dp __

Re: [Clamav-users] Sanesecurity: new database

Tomasz Kojm wrote: > On Mon, 18 Aug 2008 08:09:18 -0700 > Dennis Peterson <[EMAIL PROTECTED]> wrote: > >> Tomasz Kojm wrote: >> >>> libclamav is right, the entry at the line 53 in rogue.hdb is incorrect >>> (double colon before the virus name) >>

Re: [Clamav-users] announcing ClamAV 0.94rc1

G.W. Haywood wrote: > Hi there, > > On Tue, 19 Aug 2008 Brian Morrison wrote: > >> On Mon, 18 Aug 2008 10:59:29 +0100 G.W. Haywood wrote: >> >>> On Mon, 18 Aug 2008, Luca Gibelli wrote: >>> ... release candidate for 0.94. >>> I started to download it, but when I saw that it was going to be j

Re: [Clamav-users] announcing ClamAV 0.94rc1

Charles Gregory wrote: > On Wed, 20 Aug 2008, Spiro Harvey, Knossos Networks Ltd wrote: >>> Bandwidth costs money. How big will the database have to grow before >>> the ClamAV team starts to take notice? Fifty megabytes? A hundred? >> Americans don't understand this dilemma. To them traffic is f

Re: [Clamav-users] announcing ClamAV 0.94rc1

reiner otto wrote: > It will be a bad day for all when poor people set the standards of > quality and functionality for the rest of the world. It will happen only > at the point of a gun. Get over it. Meanwhile, I believe you can pick > and choose what you need from the cvs server, no? > > dp >

Re: [Clamav-users] No viruses detected since 1711GMT August 29, 2008?

fchan wrote: > Hello, > Maybe it is just my mail server, but I noticed that I haven't > detected any virus infected email message since 1711 GMT August 29, > 2008 Send yourself a test file. There are several in the ClamAV distribution. dp ___ Help u

[Clamav-users] strcat(newname, ".UNOFFICIAL");

This little tidbit has really screwed up a lot of reporting code for me. Thanks but no thanks, I'll be taking it out. You might want to make this a configure switch for your users who know the difference between official and not official signatures. dp __

[Clamav-users] Abnormal end

What might have happened here: > clamdscan test /test/.split/split.clam.arjaa: Input/Output error ERROR ... $ clamscan test/.split ]$ clamscan test/.split test/.split/split.clam-upack.exeaa: OK test/.split/split.clam-upack.exeab: OK test/.split/split.clam.ole.docaa: OK test/.split/split.clam.ol

Re: [Clamav-users] Abnormal end

Dennis Peterson wrote: > What might have happened here: Should have added: Solaris 9, gcc 3.3.2. Also seeing the duplicate uniq_get in libclamav.map on one but not both sol 9 systems. dp ___ Help us build a comprehensive ClamAV guide: visit h

Re: [Clamav-users] Can't search wiki

Ian Eiloart wrote: > Hi, > > Why is it necessary to log in to the wiki in order to use the "search" > function? > > > This works very well for me: Google.com pattern site:wiki.clamav.net/ dp ___ He

Re: [Clamav-users] Webinar Recording

Bill Maidment wrote: > On Mon, 08 Sep 2008 12:53:48 +0100, Nigel Horne wrote >> Folks, >> >> Edwin's Webinar given last week on the topic of 0.94 is now available >> for download >> from >> > https://sourcefire.webex.com/sourcefire/lsr.php?AT=pb&SP=EC&rID=12075182&rKey=51C99713B66EECED > > So ho

Re: [Clamav-users] Webinar Recording

Bill Maidment wrote: > On Mon, 08 Sep 2008 17:39:16 -0700, Dennis Peterson wrote >> Bill Maidment wrote: >>> On Mon, 08 Sep 2008 12:53:48 +0100, Nigel Horne wrote >>>> Folks, >>>> >>>> Edwin's Webinar given last week on the topic of 0.94

Re: [Clamav-users] Weird Freshclam behaviour

Brandon Perry wrote: > What do you make of this? > With --enable-experimental: > > [EMAIL PROTECTED]:~/tmp/clamav-0.94/freshclam$ ./freshclam -V > ClamAV 0.94-exp/8190/Mon Sep 8 08:45:44 2008 > [EMAIL PROTECTED]:~/tmp/clamav-0.94/freshclam$ > > Without: > > [EMAIL PROTECTED]:~/tmp/clamav-0.94/f

Re: [Clamav-users] Virus not detected on Linux/MacOSX

fchan wrote: > I read your links and I understand possible DoS and other issues but > to repeat Alexandre's idea, why is there no error message for file > that are too large to notify the admin so they can adjust clamd.conf > or other action. Right now this infected file passes through like if

Re: [Clamav-users] Virus not detected on Linux/MacOSX

Alexandre Biancalana wrote: > On 9/19/08, Dennis Peterson <[EMAIL PROTECTED]> wrote: >> fchan wrote: >> > I read your links and I understand possible DoS and other issues but >> > to repeat Alexandre's idea, why is there no error message for file >>

Re: [Clamav-users] Updating OS X Server version of clamav

Rob Lewis wrote: > Is there an explanation anywhere of how to update the version that's > included with OS X Server (Tiger)? In my case I downloaded the source, ran configure, make, and make install. Naturally it's necessary to uninstall any existing versions. The above instructions install c

Re: [Clamav-users] Lame mirror at [67.15.61.160]

Paul Griffith wrote: > On Thu, 25 Sep 2008 16:39:30 -0400, Michael Deutschmann > <[EMAIL PROTECTED]> wrote: > >> Lately I've noticed that freshclam is always running slowly for me. >> >> The problem appears to be that it is always first trying to use a mirror >> at [67.15.61.160], and there seem

Re: [Clamav-users] Stop it!

Colin Alston wrote: > On 2008/10/03 05:57 PM James Kosin wrote: >> Colin Alston wrote: >>> I've had enough now, and I want all you ClamAV people to listen up. >>> >> Hay, maybe the packagers could write a script or something to indicate a >> problem with the current configuration when it is being i

Re: [Clamav-users] Stop it!

Colin Alston wrote: > On 2008/10/04 12:50 PM Jerry wrote: >> From my experience, if an end user refuses to RTFM, adding additional >> reading material is not going to solve the problem. The needed >> documentation is all ready readily available. The motivation to fetch >> and read it are what is so

Re: [Clamav-users] Handling of unknown configuration lines (was Re: Stop it!)

Eric Rostetter wrote: > Quoting "Aecio F. Neto" <[EMAIL PROTECTED]>: > >> I don't agree with that, but let me put another option: >> 1) Break on unknown options >> 2) Ignore obsolete options and warn OP > > Valid in many cases... > >> If any Op (or poor user) adds an option like >> PleaseClamAVC

Re: [Clamav-users] Stop it!

Tonix (Antonio Nati) wrote: > Strange... > > A boring thread whose subject is stop it, does not stop! > > Tonino > Thanks for playing! dp ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml

Re: [Clamav-users] Stop it!

Aecio F. Neto wrote: > On Sat, Oct 4, 2008 at 5:15 PM, Bernd Petrovitsch <[EMAIL PROTECTED]> wrote: > users could take the appropriate action ASAP instead of finding out or having to check the logs on an hourly basis for problems. >>> You're (by you I mean everyone agreeing here with how

Re: [Clamav-users] Stop it!

David F. Skoll wrote: > Dennis Peterson wrote: > >> This seems a bit dramatic. Nobody is suffering. It takes but 10 minutes >> 3 or 4 times each year to visit and modify the ClamAV config files, if >> at all. Somebody's inner drama queen is getting the best

Re: [Clamav-users] Stop it!

Colin Alston wrote: > On 2008/10/04 10:55 PM Dennis Peterson wrote: >> configuration problems. You need to classify those machines and knock >> off some class-based templates and be done with it. I don't see that as >> a vendor problem. > > Of course it's a

Re: [Clamav-users] [0.0] Re: Handling of unknown configuration lines (was Re: Stop it!)

Charles Gregory wrote: > On Sat, 4 Oct 2008, Eric Rostetter wrote: >>> The principle of least surprise says >> But it is a big surprise when the action that old line was supposed to take >> is no longer taken... > > But NOT as big a surprise as NO FILTERING AT ALL. That's the sticking > point

Re: [Clamav-users] Stop it!

Charles Gregory wrote: > On Sat, 4 Oct 2008, Dennis Peterson wrote: >> Hopefully they're not running mail servers on the Internet elsewise they >> could easily be considered derelict in their responsibilities. > > Ah. Yes, I must be 'derelict' because there

Re: [Clamav-users] Stop it!

Bowie Bailey wrote: > Jerry wrote: >> From my experience, if an end user refuses to RTFM, adding additional >> reading material is not going to solve the problem. The needed >> documentation is all ready readily available. The motivation to fetch >> and read it are what is sorely lacking. > > I d

Re: [Clamav-users] Stop it!

John Smith wrote: > On 2008/10/7 Charles Gregory wrote: >> We only 'demand' the right to have our suggestions heard in their proper >> context, and not held up against the idealistic standards of the lucky >> few. > > I must say that for the disadvantaged, this has been a great debate. > However

Re: [Clamav-users] Stop it!

David F. Skoll wrote: > Dennis Peterson wrote: > >> So does Oracle, Apache, Python, Perl, MySQL, and a zillion other >> products. Dead processes are widely accepted to not be chatty. Pardon my >> Dennis Miller moment here, but I'm going to go ahead and blame the ad

Re: [Clamav-users] Stop it!

John Smith wrote: > > Dennis Peterson Wrote: >> And you've missed the point that some people here have claimed that >> their clamd process has silently failed and was off line for days, and >> other such claims. No amount of hand holding for creating config fi

Re: [Clamav-users] Stop it!

John Rudd wrote: > Dennis Peterson wrote: > >> With the tools we have available to us today there is no reason a failed >> process should remain a secret. >> > > Which does not explain the push-back on having the > applications/services/daemons provide better

Re: [Clamav-users] Announcing ClamAV 0.94.1 RC1

Tomasz Kojm wrote: > On Thu, 16 Oct 2008 13:43:12 +0100 > "Randal, Phil" <[EMAIL PROTECTED]> wrote: > >> I haven't had the time to check the source code. >> >> How does it send it? What protocol and port, to which servers? >> >> Anything that firewall admins will need to be aware of? > > It send

Re: [Clamav-users] Announcing ClamAV 0.94.1 RC1

Nigel Horne wrote: > Folks, > > 0.94.1 RC1 was published on schedule yesterday. Built fine but installed with errors on Solaris 9. Solaris has obsoleted ranlib but has a stub file, /usr/ccs/bin/ranlib. Configure found it and of course it failed. I renamed it and clamav built and installed fine.

Re: [Clamav-users] Announcing ClamAV 0.94.1 RC1

Stephen Gran wrote: > On Thu, Oct 16, 2008 at 03:51:32PM -0700, Dennis Peterson said: >> Running diff on the new config files and old config files did not reveal >> any new options. > > Freshclam has one new option, disabled by default - fairly harmless for >

Re: [Clamav-users] FW: How to Uninstall ClamAV?

Mac Carter wrote: > Recently, I attempted to un-install ClamXav as part of an effort to diagnose > some kernel panics that have been happening on my MacBook Pro (OS 10.5.5). A > search shows there are NO files on my computer with the name ³clam² (partial > or whole). However, I still get regular Co

Re: [Clamav-users] Twitter

ANANT S ATHAVALE wrote: > Dear Developers, > > When we run, clamscan, it gives output similar to the one below. Apart > from the information shown below, I would like to have one more filed > that indicates the date/time of the last update of signature. What I > mean is, it should be easy f

Re: [Clamav-users] Twitter

ANANT S ATHAVALE wrote: > Quoting Dennis Peterson <[EMAIL PROTECTED]>: > >> ANANT S ATHAVALE wrote: >>> Dear Developers, >>> >>> When we run, clamscan, it gives output similar to the one below. Apart >>> from the information shown below, I wo

Re: [Clamav-users] clamav-milter installation question

martinnitram wrote: > if you used /etc/rc.d/init.d/clamav-milter to start the milter, at around > line 20, you can see > > ... > # Local clamav-milter config > CLAMAV_FLAGS= > test -f /etc/sysconfig/clamav-milter && . /etc/sysconfig/clamav-milter > ... > > so the milter config file should be "/et

Re: [Clamav-users] <<< 550 This message was detected as possible malware (Zip.ExceededFileSize).

Robert Steinmetz AIA wrote: > The best I can figure this is an issue with either ArchiveMaxFileSize or > ArchiveBlockMax, which I understand were discontinued in 0.93. > > I'd like to understand what the issue is. I am unlikely to upgrade just > clamav, unless there is some really major issue be

Re: [Clamav-users] Clean up of clamav directories

Steve Douville wrote: > Hi All, > > I searched in vain for this on Google, so thought I'd put it to the > list... > > In my /usr/local/share/clamav directory, I have quite a large number of > clamav-# directories. My /usr partition is getting quite full > because of these. There are some

Re: [Clamav-users] freshclam version logic

Jason Bertoch wrote: > I understand this is harmless, but shouldn't there be some logic in > freshclam to avoid this error? > > freshclam[29375]: Your ClamAV installation is OUTDATED! > freshclam[29375]: Local version: 0.94.2 Recommended version: 0.94.1 It's not an error, it is an advisory to le

Re: [Clamav-users] freshclam version logic

Rick Macdougall wrote: > Dennis Peterson wrote: >> Jason Bertoch wrote: >>> I understand this is harmless, but shouldn't there be some logic in >>> freshclam to avoid this error? >>> >>> freshclam[29375]: Your ClamAV installation is OUTD

Re: [Clamav-users] freshclam version logic

Brandon Perry wrote: > His definition mirrors just haven't caught up with the main mirror yet, it > happens. Just wait a day or so. > It is even more confused - this is what is in my log: Local version: 0.94.1 Recommended version: 0.94.2 And this is what is on the clamav home page: Latest Clam

Re: [Clamav-users] Non-Windows Malware

Spiro Harvey wrote: > > No doubt some people run mail servers on OS-X that are delivering mail > to windows users, so it is possible for those people to run clam. I used to build very nice headless Mac Mini mail MTA's for rapid deployment at corporate acquisitions. They work very well running

Re: [Clamav-users] Non-Windows Malware

Derek Currie wrote: > Greetings folks, > > This is a reply to a thread started way back in April of 2008 (when > it used to have the unfortunate subject line "Non-Windoze Viruses"). > > Concerning the controversy about whether Clamav has definitions for > Mac OS X malware, I managed to find t

Re: [Clamav-users] Non-Windows Malware

Derek Currie wrote: > On Dec 6, 2008, at 12/06, 7:26 PM, Dennis Peterson wrote: > >> There is >> no naming standard. > > Again with the misinformation. There is, in fact, a naming standard, > and an organization designated to provide those names. Whether an > an

Re: [Clamav-users] Non-Windows Malware

[EMAIL PROTECTED] wrote: > > In any case, I believe, mac users should come out of their self imposed > complacence and should be encouraged to upload the threats that they find to > clamAV database and that to happen Macintosh clamAV users should spread the > word on all Macintosh forums that

Re: [Clamav-users] Can I force ClamAV to scan a data file?

Aleksey Tsalolikhin wrote: > Hi. I just created a 250 MB file, using > > dd if=/dev/zero of=file.dat > > When I tried to run clamscan on it, I got "Scanned Files: 1 Data > Scanned: 0.00 MB" > > So clamscan didn't actually scan it... Is there any way to force > clamscan to scan the f

Re: [Clamav-users] Mandriva 2009 and ClamAv

Chris wrote: > I'm working on updating my old Mandrake 10.1 system to Mandriva 2009, what > a pain, anyway, using urpmi I installed 94.2. When trying to start it I got a > 'command not found' and noticed that in /usr/bin there is no clamd file. > There > is a clamdscan and a freshclam which in

Re: [Clamav-users] Clamav and MRTG

Gary L Burnore wrote: > Andrew McGlashan wrote >> Tarak Ranjan wrote: >>> i m trying to configured MRTG for clamd but it;s giving me 0 out put > >> That is probably because MRTG is a "Multi-Router Traffic Grapher" and all >> your clamav traffic is local, ie not routing anywhere. > > > Sorry And

Re: [Clamav-users] clamd not creating socket or pid file

Tom H wrote: > Hi, > > I have the 0.90.3 rpm from the fedora core 6 repos running on my fedora > 6 box. > It is running as the defang user, and has been running fine for a long > while, however the clamd was restarted last night and mimedefang is > complaining that there is no /var/run/clamav/clam

[Clamav-users] Mac virus question

Anyone have any comments on the iServices.a virus found in illegal distributions of iLife '09? http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9126609&intsrc=hm_list dp ___ Help us build a comprehensive ClamAV guide: v

Re: [Clamav-users] differences between clamscan, clamd and realtime scanning with dazuko

ist...@stong.org wrote: > Hi, > > I'm setting up a file transfer server and as people send > files to it I want to scan them and either move to a clean > file directory or to an infected directory. Looking at the > various options available and need some advice on what > course to take. Also I d

Re: [Clamav-users] How to test ClamAV

Alex Davidson wrote: > I am running ClamAV tying into ASSP on Debian 4. > > To test ClamAV I have tried using > http://www.aleph-tec.com/eicar/index.php to send myself EICAR test > virus strings but firstly only 3 of the 7 tests hit my mail server, > and secondly ClamAV doesn't detect anything, ye

Re: [Clamav-users] How to test ClamAV

Andy wrote: > You'll need to find a nastie that your local/server AV don't detect, but > ClamAV does. Or make an exception for a file extention... rename eicar.txt > to eicar.z43 (something random) and make sure your server and local av will > ignore that file extention. > It's not that difficult

Re: [Clamav-users] Using clamav on internet gateway

Sunny K wrote: > Hi, > > Is there any way to use clamav on an internet gateway (linux based) to > protect connected hosts from virus/malicious content? > > (Internet)-| Internet Gateway (linux on x86) | Host-1 > | > | Host-2 ClamAV is used su

Re: [Clamav-users] WARNING: DNS record is older than 3hours. (freshclam.log)

da...@davidwbrown.name wrote: > Hello aCaB, thanks for the informative and speedy reply. The command > returns the expected TXT string. My clam updates 17 minutes after the > hour every 2 hours. In about 40 minutes or so I will recheck the log > and report back upon getting this error again unless

Re: [Clamav-users] WARNING: DNS record is older than 3hours.(freshclam.log)

da...@davidwbrown.name wrote: > Hello Dennis, thanks for the reply. Though I am far from being a ClamAV > expert I was not aware the default config leads to 17 minutes after the > hour(+2) for the DB update. All I can see possible is to edit freshclam.conf > for: > > ###

Re: [Clamav-users] WARNING: DNS record is olderthan 3hours.(freshclam.log)

da...@davidwbrown.name wrote: > Hello Dennis, in any case I have it backwards: the freshclam is running as a > daemon and the clamscan is running as a script (cron). Howto reverse this? > Thanks, David. I checked the wiki and there's nothing there. I found this link on Google: http://www.gossam

Re: [Clamav-users] what about sanesecurity phising database

Steve Basford wrote: >> Hello, Anyone knows when sanesecurity phishing databases will be online? > > They are online... but the old scripts wil not work > > See: http://sanesecurity.co.uk/news.htm > > Cheers, > > Steve > Sanesecurity Sure glad you're back Steve - a quick look at my serve

Re: [Clamav-users] Trying out the subversion milter

Steve wrote: > On Sat, 14 Feb 2009 23:21:16 +0100 > aCaB wrote: > >> Steve wrote: >>> Unfortunately, no change. >> That's likely because you didn't update the svn checkout or recompiled, >> or reinstalled, or restarted the daemons. >> ___ >> Help us bui

Re: [Clamav-users] Trying out the subversion milter

Steve wrote: > On Sat, 14 Feb 2009 16:50:44 -0800 > Dennis Peterson wrote: > >> Steve wrote: >>> On Sat, 14 Feb 2009 23:21:16 +0100 >>> aCaB wrote: >>> >>>> Steve wrote: >>>>> Unfortunately, no change. >>>>

Re: [Clamav-users] Trying out the subversion milter

Steve wrote: > On Sat, 14 Feb 2009 20:57:52 -0800 > Dennis Peterson wrote: > >> Steve wrote: >>> On Sat, 14 Feb 2009 16:50:44 -0800 >>> Dennis Peterson wrote: >>> >>>> Steve wrote: >>>>> On Sat, 14 Feb 2009 23:21:16 +0100 &

Re: [Clamav-users] OS X malware

McDonald, Dan wrote: > On Wed, 2009-02-18 at 14:03 -0700, s...@softhome.net wrote: >> Please forgive me for raising this question. When can we expect the OS X >> malware submitted to ClamAV to be included in the database. > > Are you submitting samples? > > If no samples are submitted, then ther

Re: [Clamav-users] please remove

Jim Potter wrote: > please remove me from your mailing list. thank you. > The instructions for you to follow to get this done are in the headers of every post from this list server. It's pretty much self-service. dp ___ Help us build a comprehensive

<    4   5   6   7   8   9   10   11   12   13   >