Vladislav Kurz
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
email?
Hi,
this is not setting of clamav itself. It should be configurable in SMTP server
or its antivirus interface like Amavis. Clamav just decides if the file is
infected or not. It is the SMTP server that decides what is sent back.
--
Best Regards
Vladislav Kurz
__
Dne Pá 1. dubna 2016 12:16:06, Bowie Bailey napsal(a):
> >
> > Thanx! Guess I used the term bounce incorrectly. After looking at my
> > amavisd.conf file, I realized I have:
> > $final_virus_destiny = D_REJECT;
> >
> > So it is properly configured, just not behaving the way we want it to y
that case I would recommend clamfs, it is not perfect, but simple.
The main problem is that it will still allow direct (unscanned) access
to the original filesystem, so you have to be careful.
--
Regards
Vladislav Kurz
___
Help us build a comprehen
e
> dirtectory / multiple dirtectories
>
> how does it can be achived? could anyone please help me in this...
Hi,
You could scan using clamscan -r
It recurses directories and outputs status of every scanned file.
Or is there a specific reason to use clam_D_scan instead?
--
B
--
S pozdravem
Vladislav Kurz
Centrála: Celní 17/5, 63900 Brno, CZ
Web: http://www.webstep.net
E-Mail: podp...@webstep.net
Tel: 840 840 700, +420 548 214 711
Obchodní podmínky: https://zkrat.to/op
___
Help us build a comprehensive ClamAV guide:
iving
bad points.
So I am looking for alternative signatures, to improve the detection
rate. I heard about sanesecurity.com. Are there any other 3rd party
signatures?
--
Best Regards
Vladislav Kurz
___
clamav-users mailing list
clamav-
On 12/13/16 10:14, Reindl Harald wrote:
>
>
> Am 13.12.2016 um 10:03 schrieb Vladislav Kurz:
>> Hello all,
>>
>> In the last few months my satisfaction with clamav's virus signatures is
>> getting worse. Viruses getting through, while clamav catches just a
ough that "VirusEvent" could be an appropriate way to do it. (Is there
> any better way?)
Hello,
try using amavis together with your SMTP server. It has options to put
mail into quarantine and to notify recipients, that something has been
quarantined.
--
S pozdravem
Vladislav
I have the same problem, and already submitted a false positive report.
In our case it was a signad pdf, so I suspect that the signature makes
it FP. But I have no idea how to work around it now. Maybe disable pdf
scanning?
On 04/28/17 16:47, Giuseppe Ravasio wrote:
> Hi,
> since this morning dail
ying the signature.
>
> In the interim, I've dropped the current signature.
>
> On Fri, Apr 28, 2017 at 11:01 AM, Vladislav Kurz > wrote:
>
>> I have the same problem, and already submitted a false positive report.
>> In our case it was a signad pdf, so I suspect th
rcumstances)
decodes mime parts into separate files, and thus needs 2x more space in
scan spool.
I also see occasional (but very rare) leftovers in /var/spool/exim/scan
--
Best Regards
Vladislav Kurz
___
clamav-users mailing list
clamav-users@lists.cl
is another data base
>> directory?
>>
>> Jobst
>>
>>
>
>
> All the virus databases go in the same directory.
>
Hello,
if you use the script provided by sanesecurity, it will copy selected
unofficial databa
b.com/extremeshok/clamav-unofficial-sigs/issues/203
--
best Regards
Vladislav Kurz
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
htt
M.
>
> I can't tell you how much of it eats clamav without those signatures, but I
> wouldn't run clamav on machines with less than 1GB either.
>
The unofficial signatures do not eat much extra memory. I think it is
not more than 10% extra, virtually for free. I agree that 1
default 30 s), and if the update is not finished in that time, it tries again.
IMHO quite stupid... The update was working perfectly, it just needed to
download too much updates, that it needed about 60 s to finish.
--
Best regards
Vladislav Kurz
cvd, and there is no indication that it is discontinued. Perhaps,
if you talk to Debian Clamav maintainers, they could release an update that
disables this option without asking ?
Anyway I was one of those, and now disabling it everywhere...
--
Best Regards
Vladislav Kurz
__
safebrowsing.cvd result in a 403 error.
How about just making the file empty?
Also I wonder if freshclam does not check if the file has been modified, and
skip the download if not?
--
Best regards
Vladislav Kurz
___
clamav-users mai
Dne čtvrtek 8. dubna 2021 16:17:24 CEST, Ralf Hildebrandt via clamav-users
napsal(a):
> * Vladislav Kurz via clamav-users :
> > How about just making the file empty?
>
> I think this causes an error in clamav/clamd
Then just make is as small as possible - e.g. leave only one s
am
timed out before finishing the download and started over again. I think
I had to increase "ReceiveTimeout 30" in freshclam.conf.
--
Best Regards
Vladislav Kurz
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://li
ment bigger than main.cvd and
main.cvd has not beeen updated at least two years (maybe even more).
--
Best Regards
Vladislav Kurz
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
sible to reload only those that have changed since last
reload? Then it would be beneficial to have large main.* and smaller
daily.* files, and forking and loading in background would not be needed.
So the question is - what would be easier to code?
- reloa
On 17/10/2019 16:51, G.W. Haywood via clamav-users wrote:
> Hi there,
>
> On Thu, 17 Oct 2019, Vladislav Kurz via clamav-users wrote:
>
>> So the question is - what would be easier to code?
>> - reloading in background thread
>> - reloading limited to new files
&
On 17/10/2019 17:44, G.W. Haywood via clamav-users wrote:
> Hello again,
>
> On Thu, 17 Oct 2019, Vladislav Kurz via clamav-users wrote:
>
>> Is there anything blocking this patch from being accepted ?
>
> As far as I know, only the (significant) pressures and (AFAI
on a predictable schedule, you have all the time in the world to do
> that.
True. This script should never be run as root, but as clamav user. Thus
chown would not be needed at all. Just as freshclam is run as clamav
user too.
--
S pozdravem
Vladislav Kurz
Centrála: Celní 17/5, 639
at scanning in multiple threads
> increases scan time?
I don't see hosw muti-thread or multi-process would be different.
But I do not recommend scanning in parallel, the disk I/O is IMHO the
bottleneck, why you use only 10% of CPU, and running multiple scans in
parallel will make things
ry downloaded
page, and the startup of clamav takes very long time (parsing all the rules).
Also check if you have enough memory both clamav and squid can eat a lot, so
check if you are not swapping.
Best Regards
Vladislav Kurz
___
clamav-users mailing
27 matches
Mail list logo
