[clamav-users] Virus update notices from month's ago.

Hi, I'm getting all sorts of virus update notifications that are months old and huge in size. Headers for one at http://pastebin.com/iMnkFiCk Regards, Rick ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http:

Re: [clamav-users] Clam AV Integration with Thunderbird

On 2017-01-08 10:35 AM, A6 wrote: Hi i was just wondering if it is possible to integrate ClamAV with thunderbird in a way so that any mail & attatchments i receive will be automatically scanned for viruses? Google Fireclam Regards, Rick --- This email has been checked for viruses by Avast

Re: [clamav-users] RE : Does clamav use internet after the many downloading of begun of scan?

Hi, clamscan needs to load all the signatures each time it is run. It does not use the Internet. clamdscan uses the signatures loaded into clamd (much faster but always uses a lot of memory) Regards, Rick On 2022-10-25 11:22 a.m., Dorian ROSSE via clamav-users wrote: Because I see at the

Re: [Clamav-users] Clamav Wiki

Nathan Gibbs wrote: Is the Wiki having issues or is it just me. I haven't been able to access it since last night. Same here, I couldn't access it at all yesterday. Regards, Rick ___ Help us build a comprehensive ClamAV guide: visit http://wiki.cl

Re: [Clamav-users] Amazon.com order confirmation tripped Phishing.Heuristics.Email.SpoofedDomain

On 09/03/2010 11:52 AM, Kris Deugau wrote: I just received a report from a customer about a legitimate Amazon.ca order confirmation that tripped the Phishing.Heuristics.Email.SpoofedDomain code in Clamav (0.95.3 from Debian lenny volatile). I'm not sure what this heuristic test looks for, but af

Re: [Clamav-users] Amazon.com order confirmation tripped Phishing.Heuristics.Email.SpoofedDomain

On 09/03/2010 12:18 PM, Jim Preston wrote: Just a coursoity, did you report the PhishinScanURL problem? No, I didn't get the chance. It was crazy busy around that period and come January I had forgotten all about it. This thread just reminded me. Regards, Rick _

Re: [Clamav-users] Lots and lots of memory...

On 05/07/2010 2:41 PM, john espiro wrote: I am running clamd on a CentOS 4 box. Today I upgraded, via yum, to the latest version of clamd Installed Packages Name : clamd Arch : i386 Version: 0.96.1 Release: 1.el4.rf Size : 24 M Repo : installed Summary: The Clam AntiVirus Daemon The

Re: [Clamav-users] Functionality level warning message after upgrade to 0.96.2

On 23/08/2010 10:56 AM, Dennis Peterson wrote: On 8/23/10 7:45 AM, Jean Jacques Siebrits wrote: WARNING: Current functionality level = 44, recommended = 51 rpm -qi clamav Sorry, I forgot to mention it was a source installation. Configuration string was: ./configure --prefix=/usr --sysconfdir

Re: [clamav-users] how to release 16K FPs from quarantine?

On 08/08/2012 9:17 AM, Len Conrad wrote: postfix + clamsmtpd + clam Received a bad sig from MBL. stef the clamsmtpd guy says it was clam that quarantined, not his software. I installed amavisd to try to use amavisd-release, but it's not working. Is there any clam tool to release from quaranti

Re: [clamav-users] Help to download ClamAV 0.97.6 tar.gz source code

On 01/10/2012 10:33 AM, Noel Jones wrote: This is correct. The link takes you to the latest release for your detected platform. I'm guessing that you are using a 64bit windows machine to do the download? Tom This makes getting source code unnecessarily complicated; lots of folks do not use a

[clamav-users] Strange error with freshclam

Hi, For some reason one of our mail servers is being denied access to download the latest cvd file because it is too out of date. Current version is the latest 97.7 and before that it was 97.6. Current working dir is /usr/local/share/clamav Max retries == 3 ClamAV update process started at T

[clamav-users] Strange error with freshclam

Hi, Re-post since I didn't see it hit the list. For some reason one of our mail servers is being denied access to download the latest cvd file because it is too out of date. Current version is the latest 97.7 and before that it was 97.6. Current working dir is /usr/local/share/clamav Max r

Re: [clamav-users] Strange error with freshclam

On 2013-03-22 10:55 AM, Joel Esler wrote: On Mar 21, 2013, at 12:05 PM, Rick Macdougall wrote: Hi, For some reason one of our mail servers is being denied access to download the latest cvd file because it is too out of date. Current version is the latest 97.7 and before that it was 97.6

Re: [clamav-users] Strange error with freshclam

On 2013-03-22 11:19 AM, Gene Heskett wrote: On Friday 22 March 2013 11:19:25 Rick Macdougall did opine: Hi, Re-post since I didn't see it hit the list. It did. Yah, I saw that. Took over 24 hours though. Regards, Rick ___ Help us bu

Re: [clamav-users] Availability of virus pettern for solaris

On 2013-06-18 4:34 PM, Christopher X. Candreva wrote: On Tue, 18 Jun 2013, Joel Esler wrote: If I would have written back and said "ClamAV's db includes detection for malware on all operating systems" someone would have wrote back and said "all operating systems? srsly? 4real? all?" OK, wh

Re: [Clamav-users] How to download souce from the linux command line using WGET?

Ken Morley wrote: I have a Linux (CentOS) server and I need to download the latest ClamAV stable source. The server doesn't have a web browser, so I need to use a command line to download the source. I've read the FAQ's and ClamAV documentation, but don't find instructions for using wget or oth

Re: [Clamav-users] Performance decrease with clamav-0.90.2

Alan Stern wrote: > I upgraded clamav a few days ago from 0.90.1 to 0.90.2 and found that > clamscan's performance had deminished tremendously. The time required to > scan a single 49 KB file increased from 19 seconds to 36 seconds! Now > that scanning for viruses is a factor of two slower, my em

Re: [Clamav-users] outdated version?

zbigniew szalbot wrote: > Hello again, > > Rob MacGregor pisze: >> On 10/15/07, zbigniew szalbot <[EMAIL PROTECTED]> wrote: >>> Hello, >>> >>> In my log I read: >>> >>> Oct 15 12:57:17 lists freshclam[733]: Received signal: wake up >>> Oct 15 12:57:17 lists freshclam[733]: ClamAV update process st

Re: [Clamav-users] How to find infected file

Baz wrote: > Or this > # clamscan -r / > > Dave, keep that smug attitude going. It only helps M$. Thank God I > still have XP on another partition. > Leave the troll alone guys. It's not going any where. Regards, Rick ___ Help us build a comprehe

[Clamav-users] clamdscan not finding virus

Hi, I just got an email that contains a virus. clamdscan does not find it but clamscan does. Any ideas ? clamd.conf is as follows LogFacility LOG_MAIL LocalSocket /tmp/clamd FixStaleSocket yes MaxConnectionQueueLength 90 MaxThreads 30 SelfCheck 600 User clamav Foreground yes ScanPE yes ScanELF

Re: [Clamav-users] clamdscan not finding virus

Rick Macdougall wrote: > Hi, > > I just got an email that contains a virus. > > clamdscan does not find it but clamscan does. > > Any ideas ? To follow up, I extracted the zip file from the mail message using ripmime. clamdscan does NOT detect the virus but clamscan do

Re: [Clamav-users] clamdscan not finding virus

Rick Macdougall wrote: > To follow up, I extracted the zip file from the mail message using > ripmime. clamdscan does NOT detect the virus but clamscan does. > > Can anyone point to what I may be doing wrong ? > > Latest ClamAV 0.92, with a basic config file (the full confi

Re: [Clamav-users] clamdscan not finding virus

Andrew Watkins wrote: > Rick, > > What O/S are you running, since there was a problem with Solaris x86 and > the libclamav, but that has been fixed in the latest Development release. > >>> >> Well thanks to how ever fixed the definitions so that clamdscan now >> detects the infected file!

[Clamav-users] Clamdscan not find viruses

Hi, I have another example where clamdscan fails to find a virus but clamscan does. [EMAIL PROTECTED] aeiadm]# clamdscan /tmp/180334 /tmp/180334: OK --- SCAN SUMMARY --- Infected files: 0 Time: 0.033 sec (0 m 0 s) [EMAIL PROTECTED] aeiadm]# clamscan /tmp/180334 /tmp/180334: Ph

Re: [Clamav-users] Clamdscan not find viruses

Noel Jones wrote: > Rick Macdougall wrote: >> >> Now, mail server 2 did not see the virus this morning when I checked it >> again but it obviously did last night when PhishingScanURLs = no. >> >> Any reason for that that you can see ? > > clamscan do

Re: [Clamav-users] Clamdscan not find viruses

Noel Jones wrote: > Rick Macdougall wrote: >> Noel Jones wrote: >>> Rick Macdougall wrote: >>>> Now, mail server 2 did not see the virus this morning when I checked it >>>> again but it obviously did last night when PhishingScanURLs = no. >

Re: [Clamav-users] Clamdscan not find viruses

Noel Jones wrote: > Rick Macdougall wrote: >> Hi, >> >> I have another example where clamdscan fails to find a virus but >> clamscan does. >> >> [EMAIL PROTECTED] aeiadm]# clamdscan /tmp/180334 >> /tmp/180334: OK >> >> --- SCAN SU

Re: [Clamav-users] Problem using 'clamdscan' on claws-mail files

Gerard wrote: > Using FreeBSD-6.3 and claws-mail-3.3.1 > ClamAV 0.92.1-exp/6062/Fri Feb 29 23:56:21 2008 > > > I have run into a problem that is driving me crazy (sort drive). > > I am attempting to scan mail files that were created using claws-mail. > 'Clamscan' works fine; however, 'clamdscan'

Re: [Clamav-users] Third-Party Signatures: Sanesecurity

Bill Landry wrote: > Steve Basford wrote: >> Sorry to hijack the list...just a few quick updates: >> >> 1. Signature Tests >> >> I've introduced a few Sanesecurity Signature tests, to help you make >> sure you are getting the best out of the signatures available. Make sure >> you pass all three

[Clamav-users] Possible FP on Virus: Trojan.Dropper-9173

Hi, I don't have a copy of the file yet but there appears to be an FP on the definition for Trojan.Dropper-9173. The sig makers could take a look at it now or wait for me to receive the offending file from the client. Regards, Rick ___ Help us build

Re: [Clamav-users] Clamav 0.94

Noel Jones wrote: > Jose Julian Buda wrote: >> proxymails:~# clamscan filewitheicar.txt >> filewitheicar.txt: Eicar-Test-Signature FOUND >> >> --- SCAN SUMMARY --- >> Known viruses: 416228 >> Engine version: 0.94 >> Scanned directories: 0 >> Scanned files: 1 >> Infected files: 1 >>

Re: [Clamav-users] freshclam version logic

Dennis Peterson wrote: > Jason Bertoch wrote: >> I understand this is harmless, but shouldn't there be some logic in >> freshclam to avoid this error? >> >> freshclam[29375]: Your ClamAV installation is OUTDATED! >> freshclam[29375]: Local version: 0.94.2 Recommended version: 0.94.1 > > It's not

Re: [Clamav-users] Problem Reloading Database during self check

McDonald, Dan wrote: > On Fri, 2009-01-02 at 10:24 -0500, Frank DeChellis wrote: >> Hi there and happy new year. >> >> We are running ClamAV 0.94.2 . Just installed it 2 hours ago. When it does >> the self check and reload I get this message: > >> ERROR: Command: readsock() failed. >> Socket file

Re: [Clamav-users] Injury

Nigel Horne wrote: > Folks, > > On Saturday I broke my left collar bone while playing American Football > with some neighbourhood children. The good news is that I will still be > able to work and reply to emails and phone calls, the bad news is that > because I'm left-handed and I've lost the

Re: [Clamav-users] Disabling Filename blocks / Images coming up as Viruses

Hi, Devin Atencio wrote: I am currently using ClamAV 0.65 and I have noticed that several people Who have been trying to send random files through the server get blocked. Is there an option I can specify in the clamav.conf so that it doesn't block Files in any way of being sent to the user especi

Re: [Clamav-users] Bagle Virus/Worm Status?

Hi, Seen clamav catch a few on some of my servers today. Rick Tom Walsh wrote: Anybody seen these yet? http://www.viruslist.com/eng/alert.html?id=783050 There has been some discussion on bugtraq about it's payload today. Just curious... Tom Walsh Network Administrator http://www.ala.net/

[Clamav-users] SCO.A virus

Hi, McAfee has picked it up and is calling it MyDOOM. Virus Information Name: W32/[EMAIL PROTECTED] Risk Assessment - Home Users: High-Outbreak - Corporate Users:High-Outbreak Date Discovered:1/26/2004 Date Added: 1/26/2004 Origin: Unknown Length:

Re: [Clamav-users] Re: SCO.a not being caught at all

Hi, Don't you need the ScanMail option in your clamd.conf file to correctly scan emails? Regards, Rick Erik Bourget wrote: I have no idea how this mail got so messed up, heh. I guess I'll try again. Hey, Clam does catch other viruses but is failing to catch this sco.a thing for some reason

Re: [Clamav-users] SOT: SCO.A disappearing?

Jeffrey L. Taylor wrote: I noticed that the virus count has dropped back to pre-SCO.A levels starting around 0330 UTC this morning. I have not seen a single SCO.A since then. Has anyone also seen this? Jeffrey Hi, Nope, better check your settings. I'm showing the same if not increased levels.

Re: [Clamav-users] qmail-scanner install

u may visit our website at http://www.limelyte.net for prices and contact information. Contact with previous clients can be provided as well, we have many satisfied customers. Regards, Rick Macdougall --- The SF.Net email is sponsored by

Re: [Clamav-users] SOT: SCO.A disappearing?

grep "30 Jan" quarantine.log | grep Worm.SCO | wc -l 2478 slowed a little, but not much. grep -a "30 Jan" quarantine.log | grep Worm.SCO | wc -l 27076 Still going strong here. Rick --- The SF.Net email is sponsored by EclipseCon 2004 Prem

Re: [Clamav-users] visual polling system

Tomasz Kojm wrote: On Fri, 30 Jan 2004 20:21:12 -0500 Rick Macdougall <[EMAIL PROTECTED]> wrote: I'm willing to work on something like that. I've got a few really busy servers and a few not so busy servers. You thinking of a C program or perl (or what ever)? Perl should be j

Re: [Clamav-users] SCO.a not being caught at all

I believe you need ScanMail in the clamd.conf file. Regards, Rick Erik Bourget wrote: Hey, Clam does catch other viruses but is failing to catch this sco.a thing for some reason. Does anyone have any insight? The only two kinds of malware caught this morning are Worm.Gibe.F and Exploit.IFrame.

Re: [Clamav-users] visual polling system

Tomasz Kojm wrote: It would be REALLY slick to put together a restricted (trusted) ClamAV polling system with select ClamAV users around the world so we could see a visual map of how these things spread and where the damage or infection is greatest. That's a really great idea - we only need to f

[Clamav-users] Worm.Bagle.F-zippwd-3 problems

Hi All, We are getting hammered by Worm.Bagle.F-zippwd-3 and clamav isn't picking it up. I understand that qmail-scanner breaks apart the message so that clamav can not pick up the signature (and I'll look into fixing that) but the zip file itself is NOT password protected. Winzip and unzip o

Re: [Clamav-users] Worm.Bagle.F-zippwd-3 problems

wrote: On Wed, 2004-03-03 at 14:32, Rick Macdougall wrote: Hi All, We are getting hammered by Worm.Bagle.F-zippwd-3 and clamav isn't picking it up. I understand that qmail-scanner breaks apart the message so that clamav can not pick up the signature (and I'll look into fixing tha

[Clamav-users] Forwarded Message

Hi, Because of my silliness earlier on, I've been scouring the net in hopes I could find something that might help catch the new nasties inside the zip files. Don't know if this is of any help but here it is anyways. Regards, Rick FYI - this is from the NANOG list. It may help some with crea

Re: [Clamav-users] Freshclam daemon dying

Hi, Bill Maidment wrote: I'm usinf clamav-0.68-1 and occasionally (once every two weeks) I get this response ClamAV update process started at Tue Mar 30 08:46:36 2004 SelfCheck: Database status OK. ERROR: Maximal time (1200 seconds) reached. Then the freshclam daemon died. Anyone else come acr

Re: [Clamav-users] Spam/Virus stats using mrtg

Hi, Jakub Jankowski wrote: grep FOUND clamd.log | awk '{print $8}' | sort | uniq -c | sort -k1nr,1 Appears to be faulty due to spaces in the name of the file, I get entries like 35 .pif: 15 .scr: 11 .exe: Please try again :) Or see http://mail.limelyte.net/admin/qsla/ Regards, Rick --

[Clamav-users] OT: Just some interesting stats

Hi, http://mail.limelyte.net/admin/virus/ Just something I'm messing around with currently. I was going to wait until our web mistress got a nice template up, but that may take longer. Suggestions, ideas, flames, etc, more than welcome. Regards, Rick --

Re: [Clamav-users] Re: OT: Just some interesting stats

Jesse Guardiani wrote: Rick Macdougall wrote: http://mail.limelyte.net/admin/virus/ Just something I'm messing around with currently. I was going to wait until our web mistress got a nice template up, but that may take longer. Suggestions, ideas, flames, etc, more than welcome. Looks

Re: [Clamav-users] Re: OT: Just some interesting stats

Colin A. Bartlett wrote: Jim Maul Sent: Thursday, April 29, 2004 4:10 PM I think the wording is a little confusing..I could be wrong but i assume he means current when he said last. In the same way that "the last 24 hours" means "the current 24 hours", i think "last week" means "current week

Re: [Clamav-users] Patching clamd to log to stderr (for use with multilog)

Dale Gallagher wrote: Nigel Horne wrote LogFile /dev/stderr will work on many systems Slackware Linux complains if one uses the above - hence the patch ;-) I'd be interested to know which OS's are ok with the above? In my original post, I forgot to mention the use of the 'Foreground

Re: [Clamav-users] OT: Question Re: possibly infected W2K Server

http://housecall.trendmicro.com/ Regards, Rick Shaun T. Erickson wrote: Is there anything free that I can use to scan a possibly infected Windows 2000 Server system. Norton's Internet Security says it's trying to DoS my Windows clients, on port 1433. The server is sending "MSSQL_Null_Packet_DoS"

Re: [Clamav-users] Dealing with a flood of mail

Brock Nanson wrote: I've got a server running a Discus forum in addition to Exim4, Clamav and spamassassin. One of the functions of the forum is to send the latest posting to all on the mail list. The result is a flood of mail that Exim sends on to Clam and Spamassassin. Prior to adding Clam

Re: [Clamav-users] Clamav and Qscanq

galactic wrote: Anyone able to assist with this configuration? Thanks. Clamav and Qscanq>I need some help configuring the two applications. Anyone have a better write up on this? I've got Clamav installed and working very nicely but when I issue the install-wrap >command, email doesn't function, t

Re: [Clamav-users] Re: clamd suddenly dying today

Christopher X. Candreva wrote: While the discussion of top-posting is fascinating, can I take it that we are the only two people with this problem ? This seemed to have started yesterday (Monday June 14) about 11:45 AM, and continued through about 5:30 PM. I've upgraded one of my two machine

[Clamav-users] OT: Virus page almost ready to go

Hi All, As promised, the virus stats page is almost ready to go. I'll clean up the code tomorrow or Thursday and release it GPL. http://mail.limelyte.net/admin/virus/ for a preview. Suggestions, critique, etc are welcomed. Regards, Rick --- Th

Re: [Clamav-users] OT: Virus page almost ready to go

List wrote: http://mail.limelyte.net/admin/virus/ for a preview. Suggestions, critique, etc are welcomed. Can i plug it into mrtg? > It looks great! About the only thing I'd add is a list of offending > IPs with # of hits. > > Very nice, how about a (searchable) list of all known virii? > > Yes ni

Re: [Clamav-users] OT: Virus page almost ready to go

Alch wrote: Thanks Rick this is great. I was looking for something like this to put on www.clamwin.com website. However my clamav install processes rather small volumes of email and catches less than 10 viruses a day on average. Would you mind if I include your page (http://mail.limelyte.net/admin

Re: [Clamav-users] OT: Virus page almost ready to go

Shayne Lebrun wrote: Suggestions, critique, etc are welcomed. It looks great! About the only thing I'd add is a list of offending IPs with # of hits. Drillable stats would be nice, too; maybe import the log into a dbm or something every night That is already available, all the information is

Re: [Clamav-users] Not Detecting Netsky.P (With Sample)

[EMAIL PROTECTED] wrote: I just installed clamav for the first time today, so please bear with me. Although clamscan finds a lot of HTML naztyness, the Virus #1, I´m receiving Netsky.P totally gets away. I don´t know if it´s normal but freshclam is only downloading 2 files main.cvd (version 24), a

Re: [Clamav-users] (no subject)

Hi, Can we get him unsunscribed please. Yah yah, I'm top posting :) Regards, Rick [EMAIL PROTECTED] wrote: Mensagem automatica Estarei de férias no período de 19 a 23 de julho. Em caso de urgëncia, favor contatar: Wesley ([EMAIL PROTECTED]) ou Valeria ([EMAIL PROTECTED])

Re: [Clamav-users] clamd segment violations

Trog wrote: On Wed, 2004-07-28 at 23:16, Doug Hardie wrote: I was using clamav-0.70-rc for a long time because it was stable and never crashed. However, it started missing a lot of newer viruses so I upgraded to the version above. Clamd is giving a segment violation every 2 to 6 hours and I h

Re: [Clamav-users] clamd devel-20040728 memory usage growing

Igor Brezac wrote: On Thu, 29 Jul 2004, Mike Lambert wrote: OS: FreeBSD 4.9-RELEASE-p2 ClamAV: devel-20040728 Build options: --enable-milter --disable-clamuko --enable-bigstack --disable-dependency-tracking In 24 hours of running, memory usage for clamd (devel-20040728) has steadily increased from

Re: [Clamav-users] ClamAV-20040805

Tomasz Kojm wrote: Dear users, the development version of ClamAV is mature enough to start using it instead of 0.7x stable releases. Please give it a try and report all bugs to [EMAIL PROTECTED] Thank you ! http://www.clamav.net/snapshot/clamav-20040805.tar.gz The above snapshot includes a new, me

Re: [Clamav-users] ClamAV-20040805

Jeremy Kitchen wrote: On Thursday 05 August 2004 07:44 pm, René Bellora wrote: bugs to [EMAIL PROTECTED] Thank you ! I'm testing against old viruses, it seems to miss JS.FortNight.B. Same files, with 0.75 and same signatures are caught *cough* Hi, What's that mean Jeremy ? Regards, Rick

Re: [Clamav-users] ClamAV-20040805

Fajar A. Nugraha wrote: Rick Macdougall wrote: Jeremy Kitchen wrote: On Thursday 05 August 2004 07:44 pm, René Bellora wrote: bugs to [EMAIL PROTECTED] Thank you ! I'm testing against old viruses, it seems to miss JS.FortNight.B. Same files, with 0.75 and same signatures are caught *coug

Re: [Clamav-users] SomeFool.P/Q occasionally passing through

Todd Lyons wrote: Arthur Kerpician wanted us to know: Microsoft Mail Internet Headers Version 2.0 What is that? Received: from backup.ccina.ro ([193.41.216.99]) by main-server.ccina.ro with Microsoft SMTPSVC(5.0.2195.6713); Wed, 11 Aug 2004 17:51:46 +0300 Silly question but are you running QS

Re: [Clamav-users] Leak on Linux 2.4

Nigel Horne wrote: On Thursday 19 Aug 2004 10:50, Jason Haar wrote: With which version of clamAV? -Nigel Slackware here with both 0.75.1 and devel-20040814 Restarted clamd yesterday at 2pm EDT and it is now at 11 meg (the devel version). Regards, Rick ---

Re: [Clamav-users] Leak on Linux 2.4

Nigel Horne wrote: On Thursday 19 Aug 2004 10:50, Jason Haar wrote: With which version of clamAV? Slackware here with both 0.75.1 and devel-20040814 Restarted clamd yesterday at 2pm EDT and it is now at 11 meg (the devel version). As Trog says we are not able to reproduce this problem, so any h

[Clamav-users] Zip Module Failure

Hi All, I've got a few servers getting the Zip module failure ERROR. Clamav 0.75.1 and clamav-devel as of Aug 25. Libz is 1.1.4 Below is the error, and I have a copy of towerpics.zip if the devel crew would like. @4000412f508301daa5c4 /var/spool/qmailscan/mail.nxtek.net109361982745631112/ to

Re: [Clamav-users] Banned file type is not there!!

Sean Hafeez wrote: Hi, I have a client trying to send us Premavara files (scheduling drawings) however it get bounced with this error. The thing is that there is not an .exe file attached and if he zip's the file we get the same error. I am using amavisd-new with ClamAV, SA and Postfix. I think

[Clamav-users] Errors with rc2

Hi, I know this was reported earlier, but just to back up the initial posters message. 2004-09-21 17:03:04.990049500 LibClamAV Warning: Unsupported message format `disposition-notification' 2004-09-21 17:03:04.990056500 [EMAIL PROTECTED]/work/./msg: Bad format or broken data ERROR So yes, it

Re: [Clamav-users] stats

ahellary wrote: hi there im keen to start a web based stats page on virus es caught etc ... i seem to remember a thread where one of you guys were developing such a thing can you please advise Hi, http://mail.limelyte.net/admin/virus/ ?? It uses qsla as the backend to write to a mysql database,

Re: [Clamav-users] Unable to open file or directory ERROR

Grant Supp wrote: I'm using qmail, qmail-scanner 1.23 and ClamAV 0.75.1 on CentOS 3.1 (recompile of RHEL3.) Ocassionally, I get the "Unable to open file or directory ERROR" message in my clamd.log. Now I know this sounds like a permissions problem, but bear with me. This only happens sometimes,

Re: [Clamav-users] Unable to open file or directory ERROR

Grant Supp wrote: Rick Macdougall wrote: I had a similar problem Sunday but with qmail-scanner opening the quarantine-attachments.db file. Turned out my softlimit was too low. Perhaps this is your problem as well. Regards, RIck My softlimit is set to 50MB which is pretty large as far as I

[Clamav-users] Re: Errors with rc2

Rick Macdougall wrote: Hi, I know this was reported earlier, but just to back up the initial posters message. 2004-09-21 17:03:04.990049500 LibClamAV Warning: Unsupported message format `disposition-notification' 2004-09-21 17:03:04.990056500 [EMAIL PROTECTED]/work/./msg: Bad form

Re: [Clamav-users] Test

Tomasz Kojm wrote: Please ignore this message. Ummm, make me ? Rick ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Re: [Clamav-users] ClamAV & daemontools

Arthur Kerpician wrote: Hi all, And this is clamd.conf: LogFile /dev/stdout LocalSocket /tmp/clamd FixStaleSocket MaxThreads 20 User qscand ScanOLE2 ScanMail ScanHTML ScanArchive ScanRAR Foreground in clamd.conf Regards, Rick ___ http://lists.clamav.net/

Re: [Clamav-users] How to Unsubscribe

Greg T. wrote: After sending untold requests to: [EMAIL PROTECTED] and not getting any replies, I'm sending this out to the users: How do I unsubscribe from this list? Hi, From the headers in every email... List-Unsubscribe: ,

Re: [Clamav-users] ClamAV 0.80, daemontools and logging

Matt Gourley wrote: I've just installed ClamAV 0.80 onto a new mail server. It's running well through daemontools, as the test EICAR virus I send it through qmail-scanner is caught, marked and quarantined. However, I cannot get it to log to /var/log/clamd. /service/clamd/run: #!/bin/sh exec

Re: [Clamav-users] ClamAV 0.80, daemontools and logging

Matt Gourley wrote: Rick Macdougall wrote: Matt Gourley wrote: clamd.conf: FixStaleSocket Foreground LocalSocket /tmp/clamd LogVerbose MaxThreads 20 ScanArchive ScanHTML ScanMail User qscand Hi, Logfile /dev/stdout (or stderr) in clamd.conf I tried that. If I do that, I get either: ERROR

Re: [Clamav-users] ClamAV 0.80, daemontools and logging

Matt Gourley wrote: Logfile /dev/stdout (or stderr) in clamd.conf I tried that. If I do that, I get either: ERROR: Problem with internal logger. Please check the permissions on the /dev/stdout file. ERROR: Can't open /dev/stdout in append mode (check permissions!). or the same for /dev/stderr. R

Re: [Clamav-users] Research on ClamAV

Thomas Cameron wrote: On Fri, 2004-12-10 at 08:26 +0100, Paul Bijnens wrote: Does that mean I missed the $25 gif certificate, and this is the second prize? :-) LOL! On a (slightly) more serious note, I didn't get the gift certificate. Did anyone else? Not yet but it may take a week or more for t

Re: [Clamav-users] virus incident response?

Tomasz Kojm wrote: On Wed, 16 Feb 2005 20:04:55 -0500 (EST) "John Madden" <[EMAIL PROTECTED]> wrote: Found 0 submissions - Total results (0 pages) (on both your name and "ivytech") Uh. 'Guess I can't explain that, unless submissions for already-submitted virii don't count. They count so this is

[OT] Re: [Clamav-users] virus incident response?

Tomasz Kojm wrote: On Wed, 16 Feb 2005 20:27:27 -0500 Rick Macdougall <[EMAIL PROTECTED]> wrote: Two of them have been published, one (some trojan, i.e. low priority) is still waiting for its turn: Page(s): << 1 >> Found 3 submissions - Total results (1 pages) Cool, I

Re: [Clamav-users] Will ClamAV always be an open source project ?

Joanna Roman wrote: What if it got bought up by some company one day ? We'd have the last release to fork and continue on with. That's what the GPL is all about. Regards, Rick ___ http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] Virus Volumes

Steffen Winther Soerensen wrote: On Wed, 13 Apr 2005, Doug Hardie wrote: I have been running clamav for quite some time now. For most of that time I was receiving between 1500 and 2000 viruses per day. However, lately the number is down to about 200 per day. I don't have any users complaining a

Re: [Clamav-users] Clean just infected emails in existent mailbox files

Hans Poo wrote: Hi I'am reposting to myself. Yesterday i made a question of the subject, i felt really bad when someone respond me the answer was in the faq. I felt with the responsability to build a solution without resorting to mailbox conversions. I developped a simple tool that using clamd,

Re: [Clamav-users] Virus Volumes

R. Scott Baer wrote: Rick Macdougall wrote: About the same here, almost one years worth of data http://newmail.axess.com/qmailmrtg/clamd.html Rick, Would you mind sharing where you got the mrtg setup for clamav, or if you would mind sharing your setup/config ? This has been on my todo list for

[Clamav-users] Looping scan on an email

Hi, I've captured a copy of an email that looks like it's causing clamav to loop. It does it with both clamdscan and clamscan. (Version 0.84). Would the devs like a copy and if so, where should I send it. Regards, Rick ___ http://lurker.clamav.net/list/

Re: [Clamav-users] clamd segfaulting as of about thursday

Pete Hicks wrote: On Mon, May 02, 2005 at 04:19:53PM -0500, Jeremy Kitchen wrote: I'm having lots of customers call up saying their clamd is segfaulting.. installations that have been around for many months (0.80) and all of a sudden, later in the week last week.. everyone's been having problems

Re: [Clamav-users] Looping scan on an email

Nigel Horne wrote: I've captured a copy of an email that looks like it's causing clamav to loop. Thank you for the sample which I have looked at. The email has several sizable zip files attached to each of which contains a number of word documents. Since each of the files MUST be individually s

[Clamav-users] Exit code with password protected zip file

Hi, I noticed today that clamdscan exits with an exit code of 2 instead of 0 when it encounters a password protected zip file, even with ArchiveBlockEncrypted commented out. Is this the recommended exit code, or have I encountered a bug ? If this is the recommended exit code, where might I find

Re: [Clamav-users] Re: Exit code with password protected zip file

René Berber wrote: Rick Macdougall wrote: I noticed today that clamdscan exits with an exit code of 2 instead of 0 when it encounters a password protected zip file, even with ArchiveBlockEncrypted commented out. Is this the recommended exit code, or have I encountered a bug ? If this is the

Re: [Clamav-users] Re: Exit code with password protected zip file

[EMAIL PROTECTED] wrote: Rick Macdougall wrote: René Berber wrote: man clamdscan: [snip] RETURN CODES 0 : No virus found. 1 : Virus(es) found. 2 : An error occured. Thanks, One place I didn't look that I should have but still, is a password protected zip file considered an

Re: [Clamav-users] Re: Exit code with password protected zip file

René Berber wrote: Rick Macdougall wrote: One place I didn't look that I should have but still, is a password protected zip file considered an error ? I can't really allow scans that return a 2 to pass through (well I can but I don't think it's a good idea). It has been

Re: [Clamav-users] Input/Output error

Светлов А.А wrote: Hello. var/spool/exim/scan/1DTkDH-000McG-5o/1DTkDH-000McG-5o-0.zip: Input/Output error ERROR I've never seen this error before in the log. Yesterday I've upgraded clamav from 0.83 to 0.84. Hi, Most likely a password protected zip file. I'm trying to find a solution to tha

Re: [Clamav-users] Input/Output error

Tomasz Kojm wrote: On Thu, 5 May 2005 17:39:06 +0300 ó×ÅÔÌÏ× á.á <[EMAIL PROTECTED]> wrote: Hello. var/spool/exim/scan/1DTkDH-000McG-5o/1DTkDH-000McG-5o-0.zip: Input/Output error ERROR I've never seen this error before in the log. Yesterday I've upgraded clamav from 0.83 to 0.84. I've alread

  1   2   >