-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
has anyone noticed any problems with clamd leaking memory? I've installed the
rpm from crash-hat and it seems to be chewing up my swap quickly. I
uninstalled that and built from source and it does the same thing, just a bit
slower. I'll have to r
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
so you can't use the lmtp transport?
I'll just move ahead down the road i'm going and reevaluate later.
On Thursday 26 February 2004 01:24 pm, Thomas Lamy wrote:
> John Jolet wrote:
> > I have a question about thatis it do
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I have a question about thatis it documented anywhere how to get clamd
integrated into postfix? all i could find was instructions on doing it via
amavisd-new, so that's the road i've started down, but I'd prefer to do it
natively via clamd, if
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I bet it does, since yesterday i scanned an email with clamav that our
"up-to-date" trend micro av on exchange let through :)
i chortled to the exchange admin about it, too.
On Thursday 26 February 2004 11:16 am, Kevin Hanser wrote:
> I've recently b
am, Ralph Angenendt wrote:
> John Jolet wrote:
> > has anyone noticed any problems with clamd leaking memory? I've
> > installed the rpm from crash-hat and it seems to be chewing up my swap
> > quickly. I uninstalled that and built from source and it does the
> > s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
clamscan / ClamAV version 0.67
On Thursday 26 February 2004 10:21 am, Thomas Lamy wrote:
> John Jolet wrote:
> > has anyone noticed any problems with clamd leaking memory? I've
> > installed the rpm from crash-hat and it seems
my bad. Turns out it's not clamd leaking. It's kde :)
Got clamd working with postfix via amavisd. works great (i think,
haven't been sent a virus yet).
---
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web s
Hmmm, test #8 got through. what have i misconfigured? "Test #8: Eicar
virus sent using BinHex encoding within a MIME segment "
Jesper Juhl wrote:
On Fri, 27 Feb 2004, John Jolet wrote:
my bad. Turns out it's not clamd leaking. It's kde :)
Got clamd working with
Nigel Horne wrote:
On Friday 27 February 2004 10:27 pm, Bryce wrote:
Test # 17, 8, 5, 4, and 2 are making it through. I am using version .65.
What can I do to prevent this?
Binhex was added in 0.67, so all binhex encoded e-mails will get through
unless you upgrade.
-Nigel
I guess that
The question is how much of a problem it really is. Are users
really that dumb?
What I'm wondering is whether the encrypted version of the
virus can be created by the unencrypted version, or whether the
encrypted versions of the virus we have seen have all been
produced by actual encrypted-zip in
On Wednesday 03 March 2004 05:01 pm, Raul Elizondo wrote:
> Hi,
>
> I am using just the clamav, and it does its job not letting viruses pass
> thru. I tryed to install some amavis version, but couldnt make it work on
> redhat 9. Once i saw that just the clamav stops the viruses, i just left
> it
On Wednesday 03 March 2004 08:00 pm, Michael Torrie wrote:
> Virus. See the latest virus notices on AV web sites. If you uncompress
> the zip file (with the provided password), clamav will detect it. The
> current discussion on the list has been how to handle this at the
> server, since clamav c
James Barber wrote:
Hi there,
I'm trying to get the clamav-milter to work with sendmail. I've made
all the required changes to the sendmail.cf file, but when I try to
restart sendmail, I get the error:
"sendmail: WARNING: Xclmilter'': local socket name
/var/clamav/clmilter.sock' missing".
Antony Stone wrote:
On Friday 05 March 2004 7:54 pm, Jim Maul wrote:
On the other hand, remove sendmail and install Postfix instead.
Or qmail. Both are more secure than sendmail.
Is this still true? I know sendmail had a bad history of security problems
in its early days (but
On Friday 05 March 2004 09:30 pm, Starbane wrote:
> Jim Maul wrote:
> > my apologies, it was almost 5pm on a friday and for some reason i asked
> > if sendmail supports maildirs. musta been a brain fart cause obviously
> > thats not the mta's job. Feel free to point and laugh.
> >
> > Thanks
> >
On Monday 08 March 2004 10:51 am, Jesper Juhl wrote:
--snip--
> The first "qr" block checks for double extensions like file.foo.exe and
> ban such files if the last extension is one of vbs|pif|scr|bat|com|exe|dll
> the next two "qr" blocks block files purely based on the last extension.
> The next
Jorge Valdes wrote:
Hi,
I am very happy with clamav, and would like everyone's opinion to the
following feature request:
clamd logs to a file and you can control the size, but when this limit
is reached, logging stops. When this happens, an entry in the file
says it has reached the file size l
Betsy Schwartz wrote:
At 12:41 PM 3/11/2004, John Jolet wrote:
why not just run logrotate and have done with it?
It would help if clamd took a "kill -HUP" and started a new logfile.
Betsy Schwartz
email: [EMAIL PROTECTED]
Un
On Thursday 11 March 2004 09:48 pm, Betsy Schwartz wrote:
> When you say clamAV works with logrotate, what command are you issuing to
> get clamav to start using the new file? What I'm seeing is that it doesn't
> respond to SIGHUP but has to be killed and restarted to get it to let go of
> the old
pi wrote:
Nigel Horne wrote:
On Thursday 18 Mar 2004 9:45 am, pi wrote:
I thought milter was ONLY for scanmail, I use postfix.
Milter is for sendmail.
Phil
Yes, that' what I wanted to say ;-)
What can I use with postfix?
Phil
If anything, i'd say it leaked less...course, i jumped from .65 to .7.
On Sunday 21 March 2004 12:38 pm, Didi Rieder wrote:
> Hi all,
>
> is it possible that there is a memory leak in clamd since version 0.68-1.
> I'm running 0.68-1 on several Solaris 8 an 9 boxes. After starting clamd it
> uses a
On Friday 02 April 2004 04:22 am, WipeOut wrote:
> Hi is anyone have stability issues with Petr Kristov's RPM's ??
>
> I am running them on Fedora Core 1..
>
> The problem is when I try to use clamscan or clamdscan/clamd with my
> mail server it causes the mail server to crash.. The mail server peo
On Sun, May 16, 2004 at 05:41:11PM -0500, McKeever Chris wrote:
> ---
> Chris McKeever
> If you want to reply directly to me, please use cgmckeever--at--prupref---dot---com
> http://www.prupref.com
> Prudential Preferred Properties
> Chicago and Illinois Nort
I don't believe Symantec updates their definitions more than once a week.
Certainly not for us poor home users.
you can update all you want, but the file won't change.
On Tuesday 31 August 2004 12:37 pm, henry j. mason wrote:
> J. Frost wrote:
> > Hy Henry,
> >
> > ...
> >
> >> infections, ma
ts.clamav.net/cgi-bin/mailman/listinfo/clamav-users
--
John Jolet
Technology Solutions
Your On-Demand IT Department
[EMAIL PROTECTED]
(512)762-0729
www.jolet.net
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
I can see what hierarchy branches ("HTML.Phishing.*",
> etc.) I would have to whitelist?
>
> Besides there's oviously a fundamental difference between technical
> malware and social engineering malware, so there should be a way to
> configure what to detect and what no
On Sunday 14 November 2004 9:17 am, Julian Mehnle wrote:
> John Jolet [EMAIL PROTECTED] wrote:
> > On the issue of manually reviewing the mails to submitisn't this the
> > purpose of the quarantine directory? When it detects a phishing
> > malware, look at the file i
tga wprztg,"
> ___
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
--
John Jolet
Your On-Demand IT Department
512-762-0729
[EMAIL PROTECTED]
www.jolet.net
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
yup. very little email needs to be html.
On Monday 15 November 2004 7:43 pm, Todd Lyons wrote:
> John Jolet wanted us to know:
> >I have to laugh and slap my knee here...as all the email I get from
> > friends and acquaintances that use hotmail end up sending me pure
> > h
anging things
> in a way that doesn't cause clamdwatch.pl to fail would be greatly
> appreciated. (Imagine lots of scared little sysadmins trying to figure
> out what to do when they get emails about ClamAV being "borked". ;)
>
such file or directory
>
> I'm using Fedora Core 3 and downloaded Clam from the site, did it
> install wrong?
>
> Tim...
> --
>_
> ASCII ribbon campaign ( )
> - against HTML email X
> /
>
> _
Luca Gibelli wrote:
Dear ClamAV users,
a native port for Microsoft Windows of Clam AntiVirus has been developed by
Boguslaw Brandys. The source code can be downloaded at
http://www.bransoft.com/clamav.html
The first product based on this port is ClamMail
(http://www.bransoft.com/clammail/clamma
On Tue, 2005-02-15 at 16:19 +0500, abac wrote:
> hi,
> I installed the clamav-0.82.tar.gz and the webmin module for clamav,the
> installation was successful,but now when i want to open the clamav in
> webmin this is theerror:
> WARNING: Please fill in the location of the clamav daemon startup fil
they could always rename the file and include instructions to put the
name back. bear in mind, that microsoft has started making it difficult
to impossible to get at emails with those kinds of extensions in them
using microsoft's email products. Some versions require altering a
registry key to en
does that socket file exist? does whatever user clamd is running as
have write access to it?
On Mon, 2005-04-04 at 16:29 +0200, Souza Simbota wrote:
>
> Hello,
>
>
>
> I have noticed there is a delay in my mail server operations . I tried to
> send a test mail to myself an hour ago but I hav
machine here, but i have no AIX that fits -- i only
> have AIX for G5, unfortunately.
>
> an option would be a cheap RS/6000 machine? mail me if someone wants
> one, i can get those.
>
>
> [1] -- http://en.wikipedia.org/wiki/PReP
--
John Jolet
Technology Solutions
Your On-Dema
On Thursday 12 May 2005 06:21, [EMAIL PROTECTED] wrote:
> I would be happy to implement the qmail-scanner tool, but I'm not sure how
> this would or could impact the currently installed qmail system and Plesk.
> Also, I do not know the impact or of the qmail patch can be applied without
> hurting
Matt Fretwell wrote:
Brian Read wrote:
Block all mails from dynamic IP. They are 99,99% spam.
No they aren't that "rule" causes quite a few of my customers a
headache, as the (linux) mailserver I often install sends the email
direct, irrespective of whether there Ip is "dynamic" or "
On Monday 16 May 2005 04:43 pm, Dennis Peterson wrote:
> John Jolet said:
> > Matt Fretwell wrote:
> >
> >
> >
> > This email, for instance was sent from a properly configured mta running
> > antispam and antivirus scanning in BOTH directions, from a dynamic
For
> people who are willing to learn and put work into maintaining it the
> cost of getting a "business class" connection is so high
> that...well...they'd have to be a business to get it. Or at least get
> it and not subsist on bologna and Cheerios for meals.
>
> ___
> http://lurker.clamav.net/list/clamav-users.html
--
John Jolet
Technology Solutions
Your On-Demand IT Department
512-762-0729
www.jolet.net
[EMAIL PROTECTED]
___
http://lurker.clamav.net/list/clamav-users.html
__
> http://lurker.clamav.net/list/clamav-users.html
--
John Jolet
Technology Solutions
Your On-Demand IT Department
512-762-0729
www.jolet.net
[EMAIL PROTECTED]
___
http://lurker.clamav.net/list/clamav-users.html
atabase? Where do I find clamav logs and what are
> the logs called?
>
> Thanks,
> Susemail
> _______
> http://lurker.clamav.net/list/clamav-users.html
--
John Jolet
Technology Solutions
Your On-Demand IT Department
512-762-0729
www.j
On Dec 20, 2005, at 10:48 AM, Shannon Scott wrote:
Greetings,
I have been using postfix for a while, and would like to integrate
clamav for scanning email.
What is the best and most simple way to achieve this?
I have tried mailnees, clamfilter, clapf, and openprotect, but I
cannot
get any of
On Jan 4, 2006, at 11:13 AM, Derek Lamparty wrote:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Tomasz Papszun
Sent: Wednesday, January 04, 2006 11:08 AM
To: clamav-users@lists.clamav.net
Subject: Re: [Clamav-users] Spoofing IP Address?
On Wed, 0
On Jan 4, 2006, at 11:29 AM, Steven Spence wrote:
John Jolet wrote:
they always were pointless. How many times has each of us had to
go to a maintainer of an rbl and explain that we were not, in
fact, spammers. and face the inevitable...prove it. g.
They are not at all
On Jan 6, 2006, at 11:46 AM, Chuck Swiger wrote:
Dennis Peterson wrote:
Randal, Phil said:
[ ... ]
I have. It's very useful when a new virus variant arrives and is
detected by only one of our three virus scanners (or is blocked by
filetype alone). If it is quarantined I can pull out the
On Jan 9, 2006, at 9:08 AM, John Kielkopf wrote:
Dennis Peterson wrote:
Bill Shupp said:
Thanks for the quick response.
Fajar A. Nugraha wrote:
Are you scanning all email?
Not outgoing mail (from our users), but all incoming mail, yes.
Don't you think it a bit rude to require all of
On Jan 9, 2006, at 9:17 AM, Bit Fuzzy wrote:
i was wondering if anyone knows of a squirriel mail plugin using
ClamAV
to scan e-mails?
IMHO that would be over kill.
Incomming messages will be scaned via ClamAV as should messages
being sent.
(depending on configuration)
Squirrelmail does
On Jan 9, 2006, at 1:10 PM, Freddie Cash wrote:
On January 9, 2006 11:06 am, Jeremy Kitchen wrote:
just reject viruses at the front door, and you'll be fine.
'client-side' scanning (squirrelmail IS a client, even though it's
run
on a server) is not a 'feature'. Don't think you should do it
gt; -eric
> _______
> http://lurker.clamav.net/list/clamav-users.html
--
John Jolet
Your On-Demand IT Department
512-762-0729
www.jolet.net
[EMAIL PROTECTED]
___
http://lurker.clamav.net/list/clamav-users.html
could clarify, that would be great. I'm looking for a way to
> offload only clamd to another system, similar to how spamc/spamd works.
>
> Thanks,
>
> Bill
> ___
> http://lurker.clamav.net/list/clamav-users.html
--
John Jolet
On Feb 1, 2006, at 4:32 AM, Randal, Phil wrote:
Jason Haar wrote:
I've been watching CME (Common Malware Enumerator) starting
to take off over the past few weeks, and I've noticed CME
entries and their corresponding names used by antivirus vendors.
...and ClamAV ain't in there from what I've
On Feb 1, 2006, at 9:11 AM, Daniel J McDonald wrote:
On Wed, 2006-02-01 at 17:45 +0300, Odhiambo Washington wrote:
* On 01/02/06 07:52 -0600, John Jolet wrote:
I fail to see how everyone using the same names protects my users
any
more than they already are by my using the best antivirus
On Feb 1, 2006, at 7:00 PM, Tom Lee wrote:
Hello,
To get postfix work clamav on fedora 4,
I installed the following packages,
clamav-lib-0.88-1.fc4
clamav-update-0.88-1.fc4
clamav-data-0.88-1.fc4
clamav-0.88-1.fc4
clamav-server-0.88-1.fc4
and
clamsmtp-1.6-1.fc4.mf
However, I have no clue
amavis has not been updated for more than one year.
is there a way to have clamav to configure to work with postfix
with the change in configuration file?
I searched the documentation and cannot find any thing useful.
postfix can't work directly with clam. however, i hear good things
about
I've just been asked if we're scanning for tomorrow's outbreak
alert and still have not found anything official. I've found in
the mailing lists that CME-24 is synonymous with worm.vb-8 and
worm.vb-9 but it took some digging. I know I for one would
appreciate it if clamav participated i
On Feb 2, 2006, at 3:23 PM, <[EMAIL PROTECTED]> wrote:
i'm not sure about those packages...too lazy to check my fc4 box :)
however, i'm using amavis to call clam. you put amavis in as a
transport, and uncomment the clam parts of amavis. amavis
also calls spamassassin.
amavis has not bee
Does anyone know if clam (running as clamd or clamxav) on mac os X will
catch the "new" virus that's apparently propagating via aim?
___
http://lurker.clamav.net/list/clamav-users.html
On 2/23/06 12:56 PM, "Jason Haar" <[EMAIL PROTECTED]> wrote:
> Richard Feldmann wrote:
>>
>> It might be best to find a scanning system that checks at the smtp level,
>> rather than scanning the mailbox of the user manually. This would delete the
>> virus as it's being transferred while preser
59 matches
Mail list logo
