Re: [Clamav-users] amavisd-new + clamAV ?

2007-07-05 Thread Kevin
ciate for your suggestion and sharing. Kevin 2007/7/4, Chuck Swiger <[EMAIL PROTECTED]>: > > > When you restart amavisd, check /var/log/maillog and see whether it then > finds > the clamd socket as the primary virus scanner, rather than just clamscan. > > Double-check w

Re: [clamav-users] Tips for low memory systems

2014-05-27 Thread Kevin Lin
natures and, if JIT is desired with a smaller memory footprint in clamav, you can configure clamav with "--with-system-llvm" to use the system's native llvm. -Kevin On Tue, May 27, 2014 at 10:29 AM, Michael Heuberger < michael.heuber...@binarykitchen.com> wrote: > Hello ever

Re: [clamav-users] clamscan : correct syntax : exclude Directory

2014-06-12 Thread Kevin Lin
"/BTC" directory. For further information on clamscan options, you can refer to the clamscan man page or run *clamscan --help*. -Kevin On Thu, Jun 12, 2014 at 2:39 PM, ellanios82 wrote: > Hello List > > > my hope is to exclude from clamscan a Bitc

Re: [clamav-users] invalid icon entries?

2014-08-12 Thread Kevin Lin
most part. Regards, Kevin On Sat, Aug 9, 2014 at 2:45 PM, Tom wrote: > When I run clamscan (clamav-0.98.4-1.el6.rf.x86_64), I get this output: > > LibClamAV Warning: cli_scanicon: found 3 invalid icon entries of 3 total > LibClamAV Warning: cli_scanicon: found 3 invalid icon e

Re: [clamav-users] Locked freshclam.log error msg

2014-09-23 Thread Kevin Lin
at process is locking a freshclam.log. -Kevin On Mon, Sep 22, 2014 at 6:26 PM, David Cain wrote: > ERROR: Problem with internal logger (UpdateLogFile = > /var/log/clamav/freshclam.log). > ERROR: /var/log/clamav/freshclam.log is locked by ano

Re: [clamav-users] Configure Options For Minimal Install

2015-01-21 Thread Kevin Lin
'clamscan' is an on-demand scanner. In regards to the blog post, have you tried running 'autoreconf' after your changes? I'm assuming the 'SUBDIRS' changes were to an autotools file. -Kevin On Wed, Jan 21, 2015 at 5:48 PM, Ed Christiansen MS wrote: > I

Re: [clamav-users] Unclear how to proceed after Windows install

2015-02-13 Thread Kevin Lin
'clamscan' is also a stand-alone scanner. For additional information for program usage, you can read the program's help message or query its manpage. -Kevin On Fri, Feb 13, 2015 at 1:13 PM, Jonathan Coles wrote: > I installed clamav-0.98.6-win32.msi on Windows. It added nothing to

Re: [clamav-users] [SUSPECTED SPAM] Re: Calamav cannot scan tar file and gzip files?

2015-02-17 Thread Kevin Lin
natively support parsing HTTP messages. When I send a file to scan to clamd using curl, clamd fails to understand the message and sends back the message: UNKNOWN COMMAND -Kevin On Tue, Feb 17, 2015 at 1:23 PM, Noel Jones wrote: > On 2/17/2015 12:11 AM, Manoj Ramakrishnan wrote: > >

Re: [clamav-users] Heuristics.Phishing.Email.SpoofedDomain FP

2015-08-25 Thread Kevin Lin
scan-precedence=yes" is set as well. Additionally, you can provide the false positive to http://www.clamav.net/report/report-fp.html. -Kevin On Tue, Aug 25, 2015 at 6:36 AM, Alex wrote: > Hi, > > I have an email with an apparent false-positive spoofed domain. How > can I determine

Re: [clamav-users] Heuristics.Phishing.Email.SpoofedDomain FP

2015-08-25 Thread Kevin Lin
It's not necessary to whitelist the heuristic. If you choose to, you can whitelist the domain which can be done using a .wdb signature. There is documentation on how to write an entry in the phishsigs_howto.pdf document. -Kevin On Tue, Aug 25, 2015 at 1:11 PM, Charles Swiger wrote: > O

Re: [clamav-users] some clamd.conf issues

2016-01-11 Thread Kevin Lin
It appears that the "PCREMaxFileSize" option is currently set to accept raw numbers and not sizes as indicated by the documentation. This is a minor bug in the current release of ClamAV 0.99. The workaround would be to use "26214400" instead of "25M". -Kevin O

[clamav-users] DNS queries to daily.xxxxx.xx.x.x.XXXXXXXX.ping.clamav.net

2016-02-10 Thread Kevin Kretz
list archives, the manual, and the FAQ but haven't found an answer. Thanks Kevin Kretz ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml

[clamav-users] clamav ignoring HTTPProxyServer/HTTPProxyPort in freshclam.conf?

2016-02-17 Thread Kevin Kretz
7.1.0.AC122E0A.ping.clamav.net daily.21375.77.1.0.AC122E0A.ping.clamav.net daily.21375.77.1.0.AC122E0A.ping.clamav.net daily.21375.77.1.0.AC122E0A.ping.clamav.net Can someone explain what these lookups are for please? Thanks Kevin

Re: [clamav-users] Unscannable MS Office files?

2016-04-02 Thread Kevin Lin
It seems as if the xml parser ClamAV is has some parsing errors in regard to this document variant. You could submit a bug report at bugzilla.clamav.net; attaching a sample would also help. -Kevin On Fri, Apr 1, 2016 at 6:30 PM, David Shaw wrote: > Hello, > > I am using ClamAV 0.99 on

Re: [clamav-users] Strange problem with custom Yara rule

2016-04-13 Thread Kevin Lin
ClamAV, in order to optimize the AC algorithm execution, runs the filetype signatures alongside the malware detection signatures. ClamAV is set to immediately return after AC execution if a filetype signature detection occurs. This unfortunately causes the engine to skip PCRE signature execution.

Re: [clamav-users] Strange problem with custom Yara rule

2016-04-13 Thread Kevin Lin
Please refer to the bug report at: https://bugzilla.clamav.net/show_bug.cgi?id=11552 for the patch to resolve the issue. On Wed, Apr 13, 2016 at 1:32 PM, Kevin Lin wrote: > ClamAV, in order to optimize the AC algorithm execution, runs the filetype > signatures alongside the malware det

Re: [clamav-users] yara #match does not work with regex

2016-04-14 Thread Kevin Lin
o find all matches of the affected regex signature; yara signatures unfortunately do not have such an option at this time. -Kevin On Wed, Apr 13, 2016 at 7:27 PM, David Shrimpton wrote: > Using #match as a condition in a yara rule to > count the occurrences of $match doesn't appear to >

Re: [clamav-users] LibClamAV warning, cli_pdf unimplemented filter DCTDECODE

2016-05-19 Thread Kevin Lin
uments is cli_pdf. In a nutshell, this warning occurs because ClamAV encountered a DCTDecode filter but does not have an implementation to decode that filter yet. It is possible but unlikely that associated document is malicious. -Kevin On Thu, May 19, 2016 at 12:43 AM, Rick Valenzuela wrote: > H

Re: [clamav-users] ClamWin finds malware, ClamAV doesn't.

2016-07-21 Thread Kevin Lin
additional information on clamscan options, refer to the clamscan manpage or use the "--help" option. clamscan --help Finally, if you suspect that this may be a bug, please report the issue to https://bugzilla.clamav.net and supply the appropriate samples. -Kevin On Wed, Jul 20

Re: [clamav-users] ClamWin finds malware, ClamAV doesn't.

2016-07-26 Thread Kevin Lin
ding the engine limits as scanning oversized files can be dangerous. -Kevin On Tue, Jul 26, 2016 at 2:10 AM, Al Varnell wrote: > You might be able to re-compile the ClamAV source and configure it with > --maxfilesize=xxM, but the limit is there to prevent severe system damage > that can r

Re: [Clamav-users] 0.91 - high load under solaris (and FreeBSD?)

2007-07-27 Thread Kevin Way
I just had a report from one of my sysadmins of a similar problem under FreeBSD. The load was up around 40, almost all of it spent in interrupts, all caused by clamav. We were using the libmap.conf trick that had prevented bad behavior under 0.9. It's the first time the trouble has occurre

[Clamav-users] Anyone solve the powerpoint issue yet?

2007-07-30 Thread Kevin Windham
also notice that clamscan doesn't seem to have the same problem clamd does, but I haven't looked into that further yet since I needed to get my mail server up and running again. It may be a configuration difference that I didn't noti

Re: [Clamav-users] Anyone solve the powerpoint issue yet?

2007-07-30 Thread Kevin Windham
On Jul 30, 2007, at 10:24 AM, Oliver Schwarz wrote: > kevin, > > i ran into the same problem with clamd, but was able to dig a bit > deeper and figuring out, that as soon as an attachment was encoded > in octet-stream clamd would run nuts. the logs showed it crashed, but > the

Re: [Clamav-users] clamd suddenly starts dying

2007-08-02 Thread Kevin Windham
sages with powerpoint attachments in the queue? I noticed that was killing my clamd recently. I ended up disabling the OLE2 and we haven't had any issues since. HTH, Kevin ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html

[Clamav-users] Virus definition file /var/lib/clamav/main.cvd is missing....

2007-08-04 Thread Kevin Williams
tell me what am I doing wrong or what is going on ? Thanks for any help. Kevin

[Clamav-users] Virus definition file /var/lib/clamav/main.cvd is missing....

2007-08-04 Thread Kevin Williams
ssage ! I just changed the script to look for the new database and things are working just fine as the way they meant to be. Sorry again. Thanks anyways, Kevin On August 4, 2007 13:09:44 Kevin wrote: > I just upgraded clamav to the latest svn version an hour ago. Now, when I > run

Re: [Clamav-users] Testers needed

2007-11-26 Thread Kevin Windham
so I don't think it's critical if you don't care to support OS X. Regards, Kevin

Re: [Clamav-users] Testers needed

2007-11-26 Thread Kevin Windham
On Nov 26, 2007, at 12:57 PM, Gerard wrote: >> > I know nothing about OS X, so I cannot test against it directly. I > use 'wget' > because I like it better than 'curl'. Strictly a personal > preference. I might > include an option to use 'curl' in place of 'wget' at some future > date. > >

Re: [Clamav-users] Stopping Phish Success

2009-01-21 Thread Kevin Gagel
Is this information publicly viewable anywhere? Kevin W. Gagel Network Administrator Local 5448 My blog: http://mail.cnc.bc.ca/blogs/gagel My shared files: http://mail.cnc.bc.ca/users/gagel --- Original message --- Subject: [Clamav-users] Stopping Phish Success From: Nigel Horne To: ClamAV

Re: [Clamav-users] Stopping Phish Success

2009-01-21 Thread Kevin Gagel
Awesome! Kevin W. Gagel Network Administrator Local 5448 My blog: http://mail.cnc.bc.ca/blogs/gagel My shared files: http://mail.cnc.bc.ca/users/gagel --- Original message --- Subject: Re: [Clamav-users] Stopping Phish Success From: Nigel Horne To: ClamAV users ML Date: 21/01/2009 11:12 AM

[Clamav-users] clamav-milter 0.95.1 logging deficiencies

2009-04-15 Thread Kevin Clark
I'm following up on a previous post about logging to maillog: http://lurker.clamav.net/message/20090408.063308.16623e5a.en.html I am using Sendmail 8.13 on CentOS-4 but whereas previously with 0.94.2 I would get a log entry in /var/log/maillog for every scanned message I now only get a log even

Re: [Clamav-users] clamav-milter 0.95.1 logging deficiencies

2009-04-16 Thread Kevin Clark
> > I'm following up on a previous post about logging to maillog: > > > > http://lurker.clamav.net/message/20090408.063308.16623e5a.en.html > > > > I am using Sendmail 8.13 on CentOS-4 but whereas previously with > 0.94.2 I would get a log entry in /var/log/maillog for every scanned > message I now

Re: [Clamav-users] clamav-milter 0.95.1 logging deficiencies

2009-04-17 Thread Kevin Clark
> > What am I missing? > > > > I believe Kevin is seeking an option similar to clamd's LogClean option > in clamav-milter. > > From clamd.conf: > > > > # Also log clean files. Useful in debugging but drastically increases > the > #

Re: [Clamav-users] clamav-milter 0.95.1 logging deficiencies

2009-04-20 Thread Kevin Clark
> > Kevin Clark wrote: > > Craig is correct - I would like clamav-milter to log clean files as > > well as infected ones much like it used to. > > Hi Kevin, > I think this is pretty pointless as that would basically duplicate any > line already in the logs. Tha

Re: [clamav-users] FW: ClamAV - Open Source License

2017-11-29 Thread Kevin Kretz
The first sentence on the "About" page on clamav.net, which is the first response when googling "clamAV license": "ClamAV® is an open source (GPL) anti-virus engine" From: "Peggy Anstett" To: "clamav-users" Sent: Wednesday, November 29, 2017 12:57:33 PM Subject: [clamav-users] FW: C

Re: [Clamav-users] How to test ClamAV installation

2003-12-02 Thread Kevin Brouelette
iding a virus, but apparently MailScanner or ClamAV doesn't > realize the file is there or doesn't pick it up (I think it's the EICAR virus). Hello www.eicar.org This is the safe way to test any av engine. Kevin --- Th

Re: [Clamav-users] clamav and squid

2003-12-02 Thread Kevin Spicer
On Tue, 2003-12-02 at 13:42, Benny Pedersen wrote: > > ONAY, Gabriel wrote: > > I have heard, that is possible to use clamav with squid. > > Is that right? We use clamav with DansGuardian Anti-Virus ( http://freshmeat.net/projects/dgvirus/?topic_id=907%2C43 ) which sits between squid and users and

Re: [Clamav-users] Bagle Virus/Worm Status?

2004-01-19 Thread Kevin Spicer
On Mon, 2004-01-19 at 20:57, Tom Walsh wrote: > Anybody seen these yet? > > http://www.viruslist.com/eng/alert.html?id=783050 > > There has been some discussion on bugtraq about it's payload today. > > Just curious... > Yeah, we had about 30 today so far. It seems to be spreading quite rapidl

Re: [Clamav-users] Bagle Virus/Worm Status?

2004-01-19 Thread Kevin Spicer
On Mon, 2004-01-19 at 21:31, Tim Wilde wrote: > On Mon, 19 Jan 2004, Kevin Spicer wrote: > > > Yeah, we had about 30 today so far. It seems to be spreading quite > > rapidly. Good news is it's supposed to deactivate on the 28th. > > Only 30? I've seen over 500 on

Re: [Clamav-users] Bagle Virus/Worm Status?

2004-01-20 Thread Kevin Spicer
On Tue, 2004-01-20 at 11:12, Fajar A. Nugraha wrote: > Kevin Spicer wrote: > > >I guess it depends on how much mail you handle! To put mine in > >perspective I'm talking a daily load of only about 7000 messages of > >which only about 3-4000 will be incoming. So pro

[Clamav-users] Listing viruses in the db?

2004-01-20 Thread Kevin Hanser
With the release of the Bagle/Beagle/whatever worm, I was asked to check if our scanner (clamav) was updated to catch it. In previous versions of ClamAV, when the virus definition file was plaintext, that was easy for me as I would just grep the virus file and see if the vir

Re: [Clamav-users] Mailscanner, sendmail 8.12, split input queues

2004-01-21 Thread Kevin Spicer
On Wed, 2004-01-21 at 22:19, Peter Bonivart wrote: > Leif Neland wrote: > > How does this fit in with sendmail 8.12 already having two queues, mqueue > > and mqueue-client? > > You really should have posted this on the MailScanner list since nothing > of this is Clam related. I'll second that,

Re: [Clamav-users] SCO.A virus

2004-01-26 Thread Kevin Spicer
On Mon, 2004-01-26 at 23:19, Rick Macdougall wrote: > Hi, > > McAfee has picked it up and is calling it MyDOOM. > Symantec are calling it [EMAIL PROTECTED] BMRB International http://www.bmrb.co.uk +44 (0)20 8566 5000 _ This mess

Re: [Clamav-users] Worm.SCO.A

2004-01-28 Thread Kevin Spicer
On Wed, 2004-01-28 at 16:01, Patricia Viana wrote: > Hi. > > My SMTP filter running ClamAV is blocking a huge amount of messages with the > Worm.SCO.A. > It seems to be the same virus as MyDoom or Novarg. > Can anyone confirm this?! > That is correct. Clam had a signature whilst t

[Clamav-users] [Fwd: Handling zip files]

2004-02-01 Thread Kevin Spicer
(Posting this again as it seem not to have reached the list) I encountered some behavior that was not as I expected with some zip files and clamscan (I'm not saying it is a bug - it may be by design). One of our clients attempted to send us a zipfile or data which had been compressed down to arou

[Clamav-users] Handling zip files

2004-02-01 Thread Kevin Spicer
I encountered some behavior that was not as I expected with some zip files and clamscan (I'm not saying it is a bug - it may be by design). One of our clients attempted to send us a zipfile or data which had been compressed down to around 1.5% of its original size. Not surprisingly this triggered

[Clamav-users] Sco.a again

2004-02-04 Thread Kevin Spicer
This is another post about the problems that some people have been having with sco.a seemingly making it past clam due to doggy mime structure in bounce messages. I noticed that Symantec on our exchange servers (which are behind a mailscanner box running clam and sophos) is picking up a few Sco's

RE: [Clamav-users] clamav-milter compilation problems again

2004-02-04 Thread Kevin Spicer
On Wed, 2004-02-04 at 23:29, Stevens, John wrote: > and sorry for this stupid disclaimer. > We also have a stupid disclaimer, but one question about yours - can you have "omissions that are present"? I did think about making it a very small font, or white text on a white background - but then yo

RE: [Clamav-users] libunrar.so support?

2004-02-12 Thread Kevin Spicer
On Thu, 2004-02-12 at 17:02, Randal, Phil wrote: > And the license.txt reads: IANAL but I believe points 2, 3, and maybe 6 would make this license GPL incompatible. >2. The unRAR sources may be used in any software to handle RAR > archives without limitations free of charge, but cann

OT: Re: [Clamav-users] calling rbellora@tecnoaccion.com.ar

2004-02-13 Thread Kevin Spicer
On Fri, 2004-02-13 at 22:19, Craig Daters wrote: > >Maybe it's cool for you but surely not for a sender who receives that > >auto spam. > > How is it spam? The sender is simply receiving an email asking for > them to confirm that they sent the message? All they do is reply to > it. It is no diff

Re: OT: Re: [Clamav-users] calling rbellora@tecnoaccion.com.ar

2004-02-13 Thread Kevin Spicer
On Fri, 2004-02-13 at 23:17, Antony Stone wrote: > What's a "joe-job"? > As with all jargon see ESR's excellent jargon lexicon! http://catb.org/~esr/jargon/html/J/joe-job.html

Re: [Clamav-users] unrar

2004-02-14 Thread Kevin Spicer
ace, Suite 330, Boston, MA 02111-1307 USA # # The author, Julian Field, can be contacted by email at # [EMAIL PROTECTED] # or by paper mail at # Julian Field # Dept of Electronics & Computer Science # University of Southampton # Southampton # SO17 1BJ # Un

Re: [Clamav-users] How to handle quarantined SPAM

2004-02-17 Thread Kevin Spicer
On Wed, 2004-02-18 at 00:19, Luc de Louw wrote: > Hi all, > > Does someone know a software, that allows users to browse and handle > quarantined Mails? > > Preferably a Web-interface... > You don't say what you are using to quarantine, but if using MailScanner then I think Mailwatch for MailSc

[Clamav-users] Mydoom.F not in my virus defs...

2004-02-26 Thread Kevin Hanser
I've recently been asked if our virus scanner (clamav) detects the latest mydoom, Mydoom.F. I've seen other messages on this and the mailscanner list that indicate that it does, but I've been unable to confirm it myself yet. If I do: sigtool --list-sigs | grep -i mydoom I

[Clamav-users] Errors - need some help

2004-03-02 Thread Kevin Barrett
ition: clamd: ClamAV returned /var/spool/exim/scan/1AwiW8-NF-Lk: Can't access the file ERROR The directory is there and owned by exim but there are no files in it. Any help, thoughts? Kevin --- SF.Net is sponsored by: Speed Start

Re: [Clamav-users] some little questions

2004-03-03 Thread Kevin Spicer
On Wed, 2004-03-03 at 02:28, Rembrandt wrote: > I know guys which are working as administrators at a newspaper. > They make backups.. yes.. > But they make it only for 1 week ('cause there's too much data). > So they're able to restore all files which changed since date X. > But what's about a virii

RE: [Clamav-users] Problem with *.zip atachments!

2004-03-03 Thread Kevin Spicer
On Wed, 2004-03-03 at 20:57, Grzesiek Staleńczyk wrote: > > MailScanner users need to upgrade to MailScanner 4.28.4 (just out), which > > can block password-protected .zip files. > RP> MailScanner users need to upgrade to MailScanner 4.28.4 (just out), which > RP> can block password-protected .zip

Re: [Clamav-users] some little questions

2004-03-03 Thread Kevin Spicer
On Wed, 2004-03-03 at 23:05, Rembrandt wrote: > I think zzip-lib could be replaced with the info-zip > http://www.info-zip.org/ is under BSD-like license! :) > And info-zip is in use on nBSD. > > Are there other parts of clamAV which are GPLed? > > And Michael I dislike the GPL 'cause it doesn't se

[Clamav-users] Inline mail scanning for pop clients ?

2004-03-04 Thread Kevin BRown
Can I set clam to scan incoming mail messages? I use a clarkconnect 2.1 (redhat9) based firewall /gateway for a dsl modem. It is not a mail server, just want to set clam to scan for clients who use the gateway to access mail servers on pop or smtp kevin

[Clamav-users] Inline scanning on firewall ?

2004-03-05 Thread Kevin BRown
Can I set clam to scan incoming mail messages? I use a clarkconnect 2.1 (redhat9) based firewall /gateway for a dsl modem. It is not a mail server, just want to set clam to scan for clients who use the gateway to access mail servers on pop or smtp kevin

[Clamav-users] clam and pop3 scanner

2004-03-05 Thread Kevin BRown
3scan.conf file is set at scanner=/var/lib/clamav default=basic. I can run freshclam /home/user no problems and even found a virus last week (mp3 file none the less) Also when I do a rpm -q libpcre it shows nothing, but I have a rpm -q pcre it shows rpm pcre-3.9-10 installed. Is it

[Clamav-users] W32.Beable@mm!rar getting through?

2004-03-15 Thread Kevin Hanser
We just recently got a message sent to us that's infected w/the [EMAIL PROTECTED] virus (that's what norton/symantec calls it).  For some reason, clamAV doesn't seem to be catching this virus.  I ran a saved copy of the message thru the online clamAV @ http://www.gietl.com/test-clamav/ and

RE: [Clamav-users] W32.Beable@mm!rar getting through?

2004-03-15 Thread Kevin Hanser
submission howto for newbie submitters, that'd be great :) Thx k -Original Message- From: Tomasz Kojm [mailto:[EMAIL PROTECTED] Sent: Monday, March 15, 2004 15:22 To: [EMAIL PROTECTED] Subject: Re: [Clamav-users] [EMAIL PROTECTED] getting through? On Mon, 15 Mar 2004 12:35:17 -050

Re: [Clamav-users] pipechk: [kegger:clamav-virus-list] (fwd)

2004-03-15 Thread Kevin Spicer
On Mon, 2004-03-15 at 20:20, [EMAIL PROTECTED] wrote: > > Has the Ladmar.A virus been merged as a different virus? The count went > down by 1 and Ladmar was removed. Any ideas? > It was temporarily removed due to a false positive. You can keep track of additions and removals by subscribing to

[Clamav-users] FAO. List admins -- clamav-announce

2004-03-15 Thread Kevin Spicer
Would it be possible for posts to clamav-announce to be cross-posted here please. I imagine I'm not the only one here that didn't know about 0.68. Cross posting to the users list seems to be fairly common among other projects (it makes sense that anyone on the users list is going to want to know

RE: [Clamav-users] W32.Beable@mm!rar getting through?

2004-03-16 Thread Kevin Hanser
the virus in it. Thx! k -Original Message- From: Tomasz Kojm [mailto:[EMAIL PROTECTED] Sent: Monday, March 15, 2004 15:22 To: [EMAIL PROTECTED] Subject: Re: [Clamav-users] [EMAIL PROTECTED] getting through? On Mon, 15 Mar 2004 12:35:17 -0500 "Kevin Hanser" <[EMAIL PROT

Re: [Clamav-users] RE: Nbr of signatures

2004-03-16 Thread Kevin Spicer
On Tue, 2004-03-16 at 17:53, Alex S Moore wrote: > Has the number of virus signatures increased significantly lately? I > thought there were around 21,000 but now I have this msg in clamd.log. > > Tue Mar 16 11:45:22 2004 -> Protecting against 40969 viruses. > Maybe you have both old and new sty

Re: [Clamav-users] Re: Yet another TESTVIRUS.org result !!

2004-03-27 Thread Kevin T.
Yours did better than mine did, 12, 19-25 all slipped through mine. I'm running 0.70-rc, any advice on getting these detected? On Fri, 26 Mar 2004, Bart Silverstrim wrote: > > On Mar 26, 2004, at 2:35 PM, Trog wrote: > > > On Fri, 2004-03-26 at 18:35, Bart Silverstrim wrote: > > > >> Hmm...w

Re: [Clamav-users] clam not fresh

2004-03-27 Thread Kevin T.
Actually, I'm running ClamAV version 0.70-rc and getting the same message. Anyone else having this issue? On Fri, 26 Mar 2004, Tomasz Papszun wrote: > On Thu, 25 Mar 2004 at 16:18:38 -0800, Brian W. Antoine wrote: > > > > I'm updating from clamav.elektrapro.com and starting a short time ago

Re: [Clamav-users] clamav on early Linux 2.0 release

2004-03-28 Thread Kevin Spicer
On Sun, 2004-03-28 at 15:45, Fred Flintstone wrote: > Any other quick 'n' dirty suggestions for this one? :) > Have you tried just building a statically linked binary on a more recent distro and seeing if it works on yours?

Re: [Clamav-users] RAR module failure

2004-04-13 Thread Kevin Spicer
On Mon, 2004-04-12 at 23:01, Niek wrote: > Hi list, > > Using devel of 20040412, and got this RAR module failure on a rar. > unfortunately qmail-scanner deleted it, so can't reproduce it. > > Isn't it possible to make clamav call the freeware unrar executable ? clamscan --unrar=/path/to/unrar

Re: [Clamav-users] What is this Exploit.JUnksurf.A ? (Off topic)

2004-05-13 Thread Kevin Spicer
On Thu, 2004-05-13 at 20:53, Damian Menscher wrote: > You are obviously correct in the case of an intrusion. But I don't know > many 1337 h4x0rs that would mess with: > //usr/share/doc/libxml2-devel-2.5.4/example.html: Exploit.Junksurf.A FOUND > which is why i recommended updating clamav before re

RE: [Clamav-users] Re: Virus Alias Database

2004-05-11 Thread Kevin Spicer
easy it is to mirror a mysql database, I suppose I could script something that writes incrementals out to some web space. But it all needs more work first... I'm away for a few days, maybe I'll find time next week. Kevin

Re: [Clamav-users] Virus Alias Database

2004-05-10 Thread Kevin Spicer
On Mon, 2004-05-10 at 18:24, jef moskot wrote: > So, if I type in "Netsky", I don't see any ties to SomeFool. If I put in > "SomeFool", I don't see any immediate reference to Netsky, but if I poke > around a little, it becomes apparent that we're talking about the same > thing. But if you put in W

Re: [Clamav-users] Re: Virus Alias Database

2004-05-10 Thread Kevin Spicer
On Mon, 2004-05-10 at 11:38, Russ Phillips wrote: > I had a look, and I have a couple of thoughts/comments. > > 1. Will it handle heavy loads? It may start to get a lot of hits once > people start to find out about it It's running PHP & MySQL on apache2, unfortunately this is my home box (that sa

Re: [Clamav-users] Recommendation RedHat replacement

2004-05-10 Thread Kevin Spicer
On Mon, 2004-05-10 at 19:57, Bora wrote: > Sorry, this may not be appropriate to post here, but I know many of you are > using RH and are figuring new options as they are no longer offering free > download for RH 7, 8 and 9. When starting a new topic please would you create a fresh message rather

[Clamav-users] Virus Alias Database

2004-05-09 Thread Kevin Spicer
due to an upgrade replacing the index.html page and me not noticing (doh!), but should be alright now. I hope people find this useful, any constructive comments or suggestions gratefully received. Kevin

[Clamav-users] Flase positive

2004-05-09 Thread Kevin Spicer
I submitted a false positive of Joke.BinLaden last week (through the web interface), but I haven't heard anything of it, and its not shown up in the virusdb list. Should I resubmit?

[Clamav-users] Virus Alias Database

2004-04-25 Thread Kevin Spicer
en I'll try and find time to add some other vendors and maybe even make it less ugly (and validate the html!) It's on a DSL line, so please be gentle with me! Kevin

Re: [Clamav-users] Problem

2004-04-29 Thread Kevin Spicer
On Thu, 2004-04-29 at 21:42, Bernard Elbourn wrote: > From a 1 year old installation [snip] > Is it time to upgrade? Oh yes. It was probably time to upgrade some months ago! Virus scanning (and virus production) is an arms race, really well advised to keep pace.

Re: [Clamav-users] Problem

2004-04-30 Thread Kevin Spicer
On Fri, 2004-04-30 at 08:05, Bernard Elbourn wrote: > Unfortunately this installation is remote to me so not so easy to just > update. Shame I did not get any warning! > > How can I find out when I should update so I can plan ahead? > Subscribe to clamav-announce list. Generally speaking its a

Re: [Clamav-users] Virus found in virgin RHES 3 installation?

2004-05-07 Thread Kevin Spicer
On Fri, 2004-05-07 at 18:36, Ken Morley wrote: > I was surprised when clamdscan reported: > > //proc/kcore: Trojan.MiniCommander.dr FOUND > > What's the possibility that the server is really infected? It got to be somewhat unlikely that a running linux kernel would get infected with a Windows

Re: [Clamav-users] Easiest/best sendmail integration

2004-05-07 Thread Kevin Spicer
On Fri, 2004-05-07 at 18:27, Mike Lambert wrote: > Again, the advantage is sending 5xx instead of 2xx. IMO, giving the > connecting mta a status code appropriate to the message disposition is > better than simply accepting _all_ messages only to drop some later (I > do not consider generating a sep

Re: [Clamav-users] One seems to have sneaked by W32.BEAGLE.X

2004-05-16 Thread Kevin Spicer
On Sun, 2004-05-16 at 02:26, Steven P. Donegan wrote: > This was a first for me - ClamAV has been - well about as perfect as any > software could be - today one sneaked by that Norton/Symantec caught. > I've only seen it twice recently.. One was a damaged Netsky/SomeFool that only Symantecs signa

[Clamav-users] New Address for Virus Alias Database

2004-05-17 Thread Kevin Spicer
For those that found my virus alias database useful I have now moved it to http://www.rainingfrogs.co.uk to get rid of the annoying UK2 popup ad and banner. This also means that it will now accept direct links to URLs of specific entries, for those that requested that facility.

Re: [Clamav-users] name that worm: agobot,gaobot,polybot

2004-05-20 Thread Kevin Spicer
On Wed, 2004-05-19 at 12:54, Betsy Schwartz wrote: > Some PC's on our network have been flagged as having > "agobot,gaobot,polybot" (or a sasser variant), by the perimeter security > system. I have looked at Kevin's excellent database at > http://www.rainingfrogs.co.uk and don't see any matches

Re: [Clamav-users] Question regarding virus detection

2004-05-20 Thread Kevin Spicer
On Thu, 2004-05-20 at 19:21, Peter Bonivart wrote: > Jim Maul wrote: > > There is something that is causing clamav to not be able to detect this > > virus after the message has been bounced and now forwarded. > > Damaged bounces are not dangerous. Why bother making signatures for them > when you

Re: [Clamav-users] blocking attachments

2004-05-25 Thread Kevin Spicer
On Tue, 2004-05-25 at 17:12, Ken Jones wrote: > Is it possible to configure clamav to block certain > types of attachments even if they do not have a virus? > Take a look at MailScanner http://www.mailscanner.info it offers a number of ways to apply all sorts of policy to email.

Re: [Clamav-users] blocking attachments

2004-05-25 Thread Kevin Spicer
On Tue, 2004-05-25 at 17:12, Ken Jones wrote: > Is it possible to configure clamav to block certain > types of attachments even if they do not have a virus? > Take a look at MailScanner http://www.mailscanner.info it offers a number of ways to apply all sorts of policy to email.

Re: [Clamav-users] Version 0.71 - clamdscan error

2004-05-27 Thread Kevin Spicer
On Thu, 2004-05-27 at 09:21, Mr Mailing List wrote: > Just noticed that scanning files with clamdscan does not scan > files that are not world readable. Perhaps it would be better if clamd could implement some kind of privilege separation, so that a minimal process running as root reads the files,

Re: [Clamav-users] CommuniGate Pro and ClamAV

2004-05-28 Thread Kevin Spicer
On Fri, 2004-05-28 at 16:29, Brandon wrote: > Good Morning! > > Has anyone on this list had any luck running clamav with CommuniGate Pro? > Our mail volume is approximately 40,000 messages per hour across two front > end servers. Does anyone have any statistics they would like to share > about C

Re: [Clamav-users] Re: Freshclam not responding

2004-06-01 Thread Kevin Spicer
On Tue, 2004-06-01 at 22:09, Fajar A. Nugraha wrote: > Gervase wrote: > > >ERROR: Can't get information about database.clamav.net host. > > > > > Seems like DNS problem. Configure your DNS server properly, > or use proxy (edit freshclam.conf) Make sure your firewall allows DNS over both UDP _an

Re: [Clamav-users] Re: Freshclam not responding {Scanned}

2004-06-04 Thread Kevin Spicer
On Fri, 2004-06-04 at 07:15, Gervase wrote: > On Thu, 2004-06-03 at 15:22, Jo Mills wrote: > > > Don't give up! > > Many thanks for joining in. Unfortunately I was impatient and > reinstalled. But, alas, the problem did not go away. > > Have you tried something along the lines of: > > host go

RE: [Clamav-users] Ethics Question

2004-06-09 Thread Kevin Spicer
On Wed, 2004-06-09 at 20:10, Samuel Benzaquen wrote: > I think the only way I could think is reporting the IP to some DNSBLs. > That way you can stop receiving their mails and you leave the cleansing > problem to their ISP. Or simply block the IP with sendmail's access database (or the equivalent f

[Clamav-users] clamav 0.72 segfault

2004-06-11 Thread Kevin Horton
Subject: Re: clamav 0.72 segfault Hi, On Jun 10, 2004, at 4:05 PM, Kevin Horton wrote: I get a repeatable segfault when clamscan 0.72 tries to scan a certain large Word file. sudo clamscan /Users/kwh/Documents/Flying/RV/Avionics:Panel/gyros/gyros.doc zsh: 23956 segmentation fault sudo clamscan

Re: [Clamav-users] Sober.H

2004-06-12 Thread Kevin Spicer
On Sat, 2004-06-12 at 22:12, Philipp Grosswiler wrote: > Now I read a news article on heise.de, that F-Secure calls those e-mails > under the name of Sober.H. I would like that ClamAV could also add those > signatures to the database, as there seem to be a lot of victims out there > being infected

[Clamav-users] clamav 0.73 segfault

2004-06-16 Thread Kevin Horton
At 6:56 -0400 11/6/04, Kevin Horton wrote: Subject: Re: clamav 0.72 segfault Hi, On Jun 10, 2004, at 4:05 PM, Kevin Horton wrote: I get a repeatable segfault when clamscan 0.72 tries to scan a certain large Word file. sudo clamscan /Users/kwh/Documents/Flying/RV/Avionics:Panel/gyros/gyros.doc

Re: [Clamav-users] error in cronjob

2004-06-16 Thread Kevin Spicer
On Wed, 2004-06-16 at 22:26, List wrote: > Hi, > > I notice some errors in my cron.daily. I am running RedHat 9 and Clam 7.2. > Errors listed below :- > > /etc/cron.daily/clamscan: > > /etc/cron.daily/clamscan: line 1: clamscan: command not found > /etc/cron.daily/clamscan: line 1: sigtool: comm

Re: [Clamav-users] Lib GNU MP on Solaris

2004-06-21 Thread Kevin Spicer
On Mon, 2004-06-21 at 19:41, Thomas Jackson wrote: > According to the FAQ and the configure script I need to install GNU MP > on my Solaris 8 system so that clam will support digital signatures. > > I've installed GMP 2.0.2, 3.1, and 4.1.3 on test systems and none will > satisfy the configure sc
