Strange, clamav has been update, but still cannt found Virus.MSExcel.Agent.c
, Any idea will be appreciate.
Best regards,
Eric
-Original Message-
ClamAV database updated (04 May 2010 14-47 -0400): daily.cvd
Version: 10917
..
Submission-ID: 15498675
Sender: eric
Added
I send email attached .xls file which infected X97M.Escape, but clamd didn`t
find it.
My server : postfix+MailScanner+clamd
Eric
-Original Message-
From: clamav-users-boun...@lists.clamav.net
[mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Dennis Peterson
Sent: Wednesday
How do I tell if I have sendmail-devel installed. the clamav milter tells
me to ensure that it is there. I know I am using sendmail 8.12.5 but how do
I know if its devel? which sendmail and which sendmail-devel show nothing.
Eric
---
This
what pop3 is good for multiple domains? instead of qpopper
> >
> > > > On the other hand, remove sendmail and install Postfix
instead.
>
---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbin
On 09/30/2013 11:43 AM, Eric Shubert wrote:
The data files were omitted from the source tarball beginning with
version 0.97.5. I thought that made sense. Now with 0.98 they appear to
be back.
Is there any easy/preferred way to "make install" (or "configure")
without h
On 10/04/2013 05:30 PM, Al Varnell wrote:
On Oct 3, 2013, at 12:49 PM, Eric Shubert wrote:
On 09/30/2013 11:43 AM, Eric Shubert wrote:
The data files were omitted from the source tarball beginning with
version 0.97.5. I thought that made sense. Now with 0.98 they appear to
be back.
Is there
On 10/09/2013 09:39 AM, David Raynor wrote:
On Tue, Oct 8, 2013 at 9:47 PM, Eric Shubert wrote:
On 10/04/2013 05:30 PM, Al Varnell wrote:
On Oct 3, 2013, at 12:49 PM, Eric Shubert wrote:
On 09/30/2013 11:43 AM, Eric Shubert wrote:
The data files were omitted from the source tarball
gClean yes
LogVerbose yes
LocalSocket /tmp/clamd.socket
FixStaleSocket yes
Foreground yes
ScanMail yes
Any ideas?
Thanks.
--
-Eric 'shubes'
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/support/ml
On 05/09/2014 07:45 AM, Greg Folkert wrote:
On Fri, 2014-05-09 at 10:33 -0400, Bowie Bailey wrote:
On 5/8/2014 10:35 PM, Eric Shubert wrote:
[root@qmt-cos5 etc]# grep -v ^# clamd.conf | grep -v ^$
Inefficiency bugs me... You can do multiple patterns with a single grep
using the -e flag
On 05/09/2014 04:41 AM, Shawn Webb wrote:
On Thu, May 8, 2014 at 10:35 PM, Eric Shubert wrote:
Immediately after upgrading from 0.98 to 0.98.3,
when "clamdscan --stdout -V" is run (via simscanmk -g),
the clamdscan appears to go into a hard loop (eats a lot of cpu endlessly).
He
Nice work guys. That indeed took care of it.
As I'm packaging this for the qmail-toaster project, I'm wondering if I
should release this version with the patch, or simply wait for 0.98.4 to
be released. Any idea when 0.98.4 might roll out?
Thanks.
--
-Eric 'shubes'
On
On 05/09/2014 04:41 PM, Dennis Peterson wrote:
On 5/9/14, 7:33 AM, Bowie Bailey wrote:
On 5/8/2014 10:35 PM, Eric Shubert wrote:
[root@qmt-cos5 etc]# grep -v ^# clamd.conf | grep -v ^$
Inefficiency bugs me... You can do multiple patterns with a single
grep using the -e flag.
grep -v -e
ntil recently)
Is jit really worth the overhead? (I suppose the answer to this is
subjective)
Thanks for any assistance.
--
-Eric 'shubes'
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/support/ml
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
016 -> Log file size limited to 1048576 bytes.
Tue Nov 22 12:44:59 2016 -> Reading databases from
C:\PROGRA~2\SMARTE~1\SMARTE~1\Service\Clam\share\clamav
Tue Nov 22 12:44:59 2016 -> Not loading PUA signatures.
Tue Nov 22 12:44:59 2016 -> Bytecode: Security m
This was my concern about Cisco’s AMP product on ASA’s and NGIPS’s. I’m going
to be beta testing stuff out shortly, but don’t have high hopes besides the
Snort rules.
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
> On Jan 4, 2017, at 6:23 PM, Reindl Harald wrote:
>
>
f-level: 63, builder:
anvilleg)
Database updated (6273481 signatures) from database.clamav.net (IP:
194.186.47.19)
Clamd successfully notified about the update.
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
___
clamav-users mailing list
clamav-us
Here's links to sample files, ie use at your own risk:
https://gist.github.com/rain-1/989428fa5504f378b993ee6efbc0b168
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
-Original Message-
From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf
Of Mark
nstall with Homebrew on
OSX to test it out.
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a com
make recovery harder. (source: malwarebytes)
It seems more believable to me than everyone with SMB access to the public
internet.
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
-Original Message-
From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf
Of D
> On Jul 1, 2017, at 1:10 AM, Mark Foley wrote:
>
> I've put the expetr.yara rule from Kaspersky for the recent notPetya
> ransomware
> in my /var/lib/clamav directory.
>
> I can I tell if clamav is running it? I see nothing in /var/log/clamav.log.
>
> --Mark
My first suggestion would be m
33 03}
condition:
$id3 at 0
}
Sort of strange, that yara is catching it, but clamav isn’t.
Erics-Mac-Pro:temp eric$ clamscan -d mp3.yara ./
./.DS_Store: OK
./01 For Fruits Basket - TV Edit.mp3: OK
./01 Prologue-(Apprehension).mp3: OK
./01 The Ultimate -Naked mix -.mp3: OK
./01 Visitor.mp3: OK
ely have that signature in ClamAV as well:
PUA.Win.Trojan.Xored-1:3:*:63686172636f6465617428{-5}295e
Perhaps amavisd is different in the way it scans?
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
___
clamav-users mailing list
clamav-users@lists.clamav.ne
Kees,
> $ clamscan --detect-pua us-cert-message
> us-cert-message: PUA.Win.Trojan.Xored-1 FOUND
>
> --- SCAN SUMMARY ---
> Known viruses: 6525318
> Engine version: 0.99
> Scanned directories: 0
> Scanned files: 1
> Infected files: 1
> Data scanned: 0.16 MB
> Data read: 0.10 MB (ra
github.com/Yara-Rules/rules/tree/master/Webshells>
I’d be cautious at first and not use move or delete, at least until you’ve got
the script down pat. I’ve learned the hard way from my own false positives ;)
Eric
___
clamav-users mailing list
clamav-user
On the VirusEvent section of clamd.conf, it says that it creates two
environment variables.
I've got clamdscan running under my user account on OS X 10.13, but not
showing anything on printenv.
Is there something I'm missing?
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 61
Sorry for the noise...
The variables are only available for the duration of the script...
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman
e sucker to work, I’ll throw it up on GitHub with my configs.
Pretty basic install with homebrew and a few plist files and shell scripts, so
should be easy to use ansible/remotedesktop to configure multiple workstations.
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 6
ClamAV update server, but I wouldn’t be
opposed, as some of my clients are probably downloading updates as well. But
my guess is that you are only getting limited by the local request to the
server.
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
> On Nov 6, 2017, at 4:45 PM, Al Varn
I'm going to start posting a few to https://www.clamav.net/reports/malware
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/lis
Sorry to bother, but do you guys want raw emails or just the payload Word
Docs?
I just sent payloads, since they are real emails with responses and a virus
attached.
I can however scrub the raws and send a few of those as well.
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
rite my own signatures if I need to.
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV
incerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
-Original Message-
From: clamav-users On Behalf Of
Orion Poplawski
Sent: Wednesday, December 23, 2020 1:11 PM
To: ClamAV users ML
Subject: [clamav-users] Question about Urlhaus.Malware.452652-9766253-0
Can anyone give me some details a
ntined to a ~/Documents/Quarantine/ directory so if a file simple
went missing I would know where it was from and where it went to.
P.S. Have a good new year everyone...
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
> On Dec 31, 2020, at 6:52 PM, Jay A. Schoon via clamav-users
>
I’ve got a QNAP at my house. Looks like it’s fine on the newest version:
v4.5.3.1594
Given it’s outdated, but that doesn’t surprise me much:
ClamAV 0.102.2/26100/Sat Mar 6 07:05:22 2021
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
> On Mar 7, 2021, at 4:29 PM, Eero Voloti
quick:
https://www.reddit.com/r/qnap/comments/dcnjzo/clamav_virus_definition_downloads_failing/
<https://www.reddit.com/r/qnap/comments/dcnjzo/clamav_virus_definition_downloads_failing/>
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
> On Mar 7, 2021, at 5:48 PM, Joel Esler (je
….
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav
subscribing to these providers irl.
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
> On Mar 19, 2021, at 7:52 PM, Joel Esler (jesler) via clamav-users
> wrote:
>
> Linode is our second biggest abuser.
>
> Slow your updater down.
>
> Sent from my iPhone
&
Just a heads up. I noticed a bunch of American Express Statements in our
quarantine.
My guess is because they are using m.amex and go.amex links in the emails.
DKIM and SPF pass so these definitely seem to be legit AMEX emails.
>From address is "American Express"
Sincerely,
E
oth.
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
-Original Message-
From: clamav-users On Behalf Of
Matus UHLAR - fantomas
Sent: Tuesday, April 6, 2021 12:03 PM
To: clamav-users@lists.clamav.net
Subject: [clamav-users] SSN question
Hello,
I see that I can enable
fo
Actual underlying link:
https://click.o.delta.com/u/?qs=1568763c78f67b6cdcd44df9cfac10c6bdd8a68c567c4d04238da45d4092cc1adeef2f53a3a8c4248f7140f92bd80fb33b830537983d2ad07ed440f137dd0226
If you ask me, that deserves to be quarantined.
For Sendmail, it should be something like "sendmail -q" I would definitely look
it up in the man pages, as I've been using po
to notify the sender
right away.
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive Cl
Guys,
Found the file causing the issue.
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/blob/master/tests/test-images/gif-test-suite/max-width.gif
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
-Original Message-
From: clamav-users On Behalf Of Orion
Poplawski via clamav-users
,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
From: clamav-users On Behalf Of Dan
Jaap via clamav-users
Sent: Friday, September 10, 2021 12:31 PM
To: clamav-users@lists.clamav.net
Cc: Dan Jaap
Subject: [clamav-users] Pdf.Phishing.CWS4c384287-9890237-0
Can someone explain what the
mail and decode attachments.
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
From: clamav-users On Behalf Of Andreas
Wittig
Sent: Friday, January 14, 2022 6:17 AM
To: clamav-users@lists.clamav.net
Subject: [clamav-users] Does ClamAV scan attachments embedded in .msg files
Ged,
When did clamav start scanning iso files?
I just tried this and found a eicar.txt file, so yes it does work.
For email, I always just blocked iso extensions. Still doesn’t like MacOS cdr
extensions, but a great improvement.
Sincerely,
Eric Tykwinski
> On Jan 14, 2022, at 6:21 PM,
Steve,
I like the idea, but why the hex; hex?
Just thinking about my recent issues with direct deposit phishing emails from
gmail.com and they are written probably by people, so I can’t really hash it,
and have to regex it.
> On Mar 16, 2022, at 5:10 PM, Steve Basford
> wrote:
>
> On 16 Marc
Jorge,
There are a lot of alternative signatures.
Sanesecurity: http://sanesecurity.com/
Malware Patrol: https://www.malwarepatrol.net/clamav-configuration-guide/
or you can use something like clamav-unofficial-sigs:
https://github.com/extremeshok/clamav-unofficial-sigs
> On Mar 21, 2022, at 4:
Department of Defense (United States)
Impact Level 4
It’s a grading system that should say what the requirements are to reach that
level.
I honestly have no clue what the requirements are, but they should be listed on
the site.
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429
: base64
Content-Description: R5542565_IL0001_1703800_PDF[1].pdf_merge.pdf
Content-Disposition: attachment;
filename="R5542565_IL0001_1703800_PDF[1].pdf_merge.pdf"
I am looking for any ideas about how to avoid this problem, even if that means
not scanning .pd
attachment
On 2009-06-12 20:43, Eric Swanson wrote:
> I am running ClamAV 0.95.2 with MimeDefang 2.64 on Solaris 10. One inbound
> message is not getting processed by clamd, and the following error show up in
> clamd.log:
>
> Fri Jun 12 07:24:48 2009 -> /var/spool/MIMEDefang/md
Freshclam is updating the database normally. Any ideas why clamd would miss
something that clamscan detects?
Eric Swanson
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
but not clamd
On 21.09.09 14:44, Eric Swanson wrote:
> I am running clamav 0.95.2 with mimedefang 2.64 and sendmail 8.14.3 on
> Solaris 10. I am finding that messages with the following are not being
> detected by clamd, but are detected by clamscan as
> Trojan.Downloader-77566.
>
:45 2010
With kind regards,
Eric Mink
Remote IT - Services
Pascalweg 1, Postbus 256
8000 AG Zwolle
Telefoon: 038 - 428 44 44
Fax: 038 - 428 44 40
www.remote.nl
___
Help us build a comprehensive ClamAV guide: visit http
ernel
2.6.21.1. GCC is 4.1.1.
Mine was a CentOS 3.9 machine... 32 bit.
Someone a idea?
No, can only say I've had the same problem with different OS...
Also had to back down to 0.95.3 to get it to work again.
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go
you -- and it worked!
Heck, they even asked for comments and suggestions when forming this policy.
Why did people speak up then?
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go Longhorns!
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
t someone think they are protected when they
are not, then it is to remove all protection so they know they are
unprotected and can take action to protect themselves again.
--
Eric Rostetter
The Department of Physics
The University of Texas at Austi
L for 0.96.1 rolls around.)
Exactly... Thanks for proposing a solution!
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go Longhorns!
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
oducts you
use. The second is because you refuse to upgrade. Both are, to put it
bluntly, your fault and your problem.
Yes, you can't get new definitions now, but at least you know that. This
is better than if you _thought_ you were getting new updates and were not,
is it not?
--
Eric Rost
pdates, it is
a dis-service to those who think they are being protected but are not.
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go Longhorns!
___
Help us build a comprehensive ClamAV guide: visit http://wiki.
e forced that situation on you without
your knowledge or consent.
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go Longhorns!
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
lease, the genius in the management who came out with this smart idea
may please came out and explain to us the why? Many people already know the
when...
Check the mailing list archives...
Giampaolo
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go
our server is
up and running just fine, or if not, it isn't clamav's fault.
They shut down your clamd daemon... Not your server.
Off to find a replacement...
Enjoy!
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go Longhorns!
__
urrent...
Not like they didn't announce this 6 months in advance... Not like
they didn't explain it, and ask for feedback... Why are you upset?
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go Longhorns!
___
Help us b
t archives...
Let me see: I subscribed to this list in Nov 2009. I need more time to fetch
it.
If you subscribed to it in Nov. 2009 and have been reading it, then you
should have known about this issue, and how to avoid any problems. So there
should be no problem.
Giampaolo
--
Eric Rostetter
again in any software I use or manage.
Maybe, but I doubt it.
If one can consider this as normal just because it was announced to happen,
I should subscribe to the kernel list immediately. Should I?
Yes, of course...
LOL
--
Eric Rostetter
The Department of Physics
The University of
Mail must go through", configure your
system to do so and stop whining that you failed to have your system
configured to do what YOU wanted it to do.
Amen.
Jim
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go Longhorns!
__
ware.
Your choice.
Giampaolo
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go Longhorns!
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
them for our failings.
It reminds me of the people who don't vote, then complain about who
was elected...
Giampaolo
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go Longhorns!
___
Help us build a comprehensive Cl
;s email (or web, or whatever).
So now people can stop searching for analogies and stop saying this
is unprecedented...
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go Longhorns!
___
Help us build a comprehensive Clam
Quoting Giampaolo Tomassoni :
In 6 months there were many clamav updates. I would have put the
Signature updates, yes, but not code updates. To make any changes,
you need code updates, not signature updates.
But then, we've about beat this horse to death...
--
Eric Rostetter
The Depar
w.
--
Regards,
Stephan
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go Longhorns!
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
do it.
For six months, there was NO argument at all. That is where the system
failed... What happened in the last week is not the problem. It is the
fall out of the problem. The problem is apathy. The solution is an active
community.
--
Eric Ros
e that radio, I'm going to break it' it is a case of
blackmail.
Nope, sorry. It is not. Maybe you mean Coercion?
Have a nice day :-)
Will do! :)
[1] http://en.wikipedia.org/wiki/Blackmail
--
Eric Rostetter
The Department of Physics
Th
ments are lame (calling it blackmail when
it isn't, saying they need permission from each and every user when they
don't, etc). Come on folks, make your arguments at least reasonable!
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go Longhorns!
___
blown
over ages ago.
I've admitted this often, from the beginning, and my posts are largely
ignored, or refuted, or I'm insulted/slandered/etc. So, this isn't
a true statement.
--
Eric Rostetter
The Department of Physics
The University of Texas at
Quoting Jonny Kent :
Good arguments mostly Eric but I must take issue with your statement above
about owners right and renters.
Yeah, it was kind of vague, but meant to be about the issue of "trespass"
and not about actually invading a renters home or business.
What you can o
can use the results free of charge...
The biggest problem with this suggestion is that it came after the fact,
so it isn't a useful suggestion. No one bothered to offer this advice
before the change was made.
--
Eric Rostetter
The Department of Physics
The University of Texas at Austi
normal in
purpose signatures" that crashed it, or that they pushed a "different
in purpose" one first, where the "purpose" was to notify users of both
the issue, and how to fix it?
--
Simon Hobson
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
oint of view, you (and I for that matter) were not sufficiently
involved is all... The blame therefore rests with us as much as with
sourcefire.
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go Longhorns!
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
t with updates, that's fine and it
still leaves me in control of what I run and when I update it.
True. And a perfectly legitimate stance to hold. But that doesn't mean
sourcefire/clamav has to respect that stance...
--
Simon Hobson
--
Eric Rostetter
The Department of Physics
The U
lease philosophies from their distros...
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go Longhorns!
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
EL 4 or RHEL 5, and when I talk
about a RHEL versions I mean RHEL 5.1 or RHEL 5.2. Red Hat calls
these the opposite way (5.1 is a "dot release" where as 4 to 5 is an
version). So it can be confusing, to say the least. If I'm using
release in a way you don't intend, then I apol
e the --on-outdated-execute option to email
you...
Thanks,
Cliff
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
--
Eric Rostetter
The Department of Physics
The University of Tex
-- Noel Jones
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go Longhorns!
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
it is how I solved a problem I had
(a way too general rule that triggered on base64 encoded text).
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go Longhorns!
___
Help us build a comprehensive ClamAV guide: vis
Thank you for helping the ClamAV
project.
Thank you,
Eric
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
sed with someone knowing that the database files were
empty. That to me is negligent.
I agree with Jim as well that I don't see a reason to change. If there's
a reason to change that we're not aware of, simply let us know *ahead of
time* so that we can make changes accordingly.
sing a new build
process, and might be considering packaging the database separately
(which makes a lot of sense if you ask me).
--
-Eric 'shubes'
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
g clamav-toaster,
and am obtaining the data files in the %post processing, and I don't
want them encumbering the rpm.
I poked around the makefiles a bit, but I'm not very familiar with them.
I'm thinking that a "make install-nodata" or so
y internal domain to tell clam "chill" on my hosts??
Using postfix 2.4, amavisd-new 2.3, clamav 0.90
Thanks,
Eric
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
Good Day.
I've noticed, after running a strace on clamdscan, that clamdscan sends
"control messages" using the UNIX socket "clamav.sock" on file
descriptor 3. The first of these is the string "STREAM". The response
from clamd is a port number to stream the email/file through. The IP
socket is conn
ur clamav databases on a RAMDISK to try to speed it up some, etc.
But I am always waiting for either the RC code to get released, or for
someone reliable to release the RC code as an RPM for my OS versions.
It is annoyingly slow, though still usable, as is.
leave you without
protection... And the same for the milter too... In fact, why not just
label all the code that way. In fact, it isn't even a release verison yet,
so why would you use it in production?
Anyway, my point is, your millage may vary. Don't try to impose your views
on ever
Quoting "Christopher X. Candreva" <[EMAIL PROTECTED]>:
> On Mon, 18 Jun 2007, Eric Rostetter wrote:
>
>> Anyway, my point is, your millage may vary. Don't try to impose your views
>> on everyone else.
>
> Whoa here. Did you chime and and give a go
problems.
Having said that, it is some of the best pre-1.0 code I've ever used!
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go Longhorns!
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
epends on your available resources. And in
my opinion, with my resources, it is tolerable. Your milage may vary.
Do I wish it was faster again? Sure! But can I live with it until it
is faster again? Sure! And if not, why not use the newest RC which is
fast? Come on folks, this isn't rock
.
> Anyway, you're happy so I'm happy :).
Okay! Happy Happy Happy! :)
> dp
> ___
> Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
> http://lurker.clamav.net/list/clamav-users.html
>
--
Eric Rostetter
The Department of Physics
The Un
Quoting Henrik Krohns <[EMAIL PROTECTED]>:
> On Mon, Jun 18, 2007 at 10:45:30PM -0500, Eric Rostetter wrote:
>>
>> if you have sufficient system resources, and are willing to
>> tolerate slow delivery times (up to 4 minutes on my system, with clamscan
>> on
7;m not trying
to impose any view on you except for "your milage may vary" which I really
am trying to impose on everyone. :)
> And back to the reality, my last post in this thread. Hope you didn't enjoy.
Yeah, I'll join in. This is my last posting too. Sorry if people st
1 - 100 of 309 matches
Mail list logo
