Ian J. Howes wrote:
Hi,
About 5 days ago my smtp server stop accepting mail with the following error
in the mailog
Dec 9 15:26:38 hermes X-Qmail-Scanner-1.24:
[hermes110256999748723023]corrupt or unknown Trend scanner error or
memory/resource/perms problem - exit status -1/16777215
increase your s
Kyle Wheeler wrote:
On Wed, Oct 13, 2004 at 12:09:08PM -0400, Jim Maul quoth:
I just upgraded my clamav from 0.75-1 to 0.80rc4 and now when i run
/var/qmail/bin/qmail-scanner-queue.pl -z, any mention of clamav has been
removed from this file. It really isnt that much of a problem because
mail i
Rolando Morales wrote:
Is there a way to block root domains, like *.kr?
Or anyone from @.kr?
I'm using qmail/qmail-scanner/tcp.smtp.
Rolando/TOR
try qmail-badmailfrom-wildcard patch
http://tomclegg.net/qmail-bmf-wildcard
--
Smeagol wrote:
An error occured while sending mail. The mail
server responded : we don't accept email with such content (#5.3.4). Pls
check the message and try again.
That's definitely not a default qmail (or QS) response.
I suspect you have Russel Nelson's antivirus patch (or variant)
incorporat
SPJ wrote:
When I send a message from mobile to my email, the
message is blocked on my mail server which is using
qmail 1.03, clamav 0.75, spamassassin 2.64 and qmail
scanner 1.23.
I tried to debug and found that the message was
quarantined with header containing something like
"unknown file type
Steffen Bisgaard wrote:
Hallo List,
This is my first question here, so sorry if it has been asked a million
times before. I have tried to browse the archives and tried a few things,
but nothing seems to work...
This is the problem.
I installed clamav 0.75 from the beginning but never actually used
Jason Haar wrote:
On Tue, Aug 10, 2004 at 08:00:36AM -0400, Doug Monroe wrote:
Also check it isn't just a out of memory issue - maybe you need to up your
memory limits? (I can't see why as clamdscan won't use a lot of RAM. But
are
you running clamd under softlimits? That would do i
Jason Haar wrote:
On Mon, Aug 09, 2004 at 11:19:11PM -0400, Doug Monroe wrote:
I notice clamscan options within QS have changed from:
my $clamscan_options="-r --disable-summary --max-recursion=10
--max-space=10";
to:
my $clamscan_options="-r -m --unzip --unrar --unzoo -
linux RH9 2.4.20-31.9
Qmail-Scanner 1.23
clamav 0.75.1
odd problem since upgrading to 1.23, with coincidental update to clamav
0.75
Over the past 3-4 days I've seen clamscan processes hanging around,
sucking up resources, never dying, causing high load. I can kill the
processes, but after some
Lucian Margarit wrote:
I'm using qmail qs-1.22 and clamav-0.74 on a RedHat 9.
Clamscan and clamdscan are working from the command
line, but qs does not quarantine the test viruse.
Actually perlscanner is working, so I receive 3 out of
4 test messages. Also, qmail-scanner-queue.pl -v says
qs it's wo
ip.guy wrote:
Hi all, can qmail-scanner "forward" spam, tagged by spamassasin to
another address (for archiving.)
try procmail or maildrop filtering
---
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings &
Thomas Wahyudi wrote:
Hi all, Is there a way that i can skip the quarantine-attachments list
if the attacment is zip file ?
how about:
--unzip no
---
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Tra
Christian Reeves wrote:
If I have a Message-ID: regex in qmail-scanner.txt, will qmail-scanner log
the hits?
If it doesn't by default, can I make it log them (to verify my regex is
working)?
logging is controlled by '--log-details [yes|syslog|no]' (yes by default)
This will log to /var/spool/qmails
Andrew van Tilburg wrote:
Can Qmail-Scanner be used to check the contents of the body of an email as
well as what's in the headers ?
short answer - no
un-pursued idea:
http://sourceforge.net/mailarchive/message.php?msg_id=5792940
---
This SF.Net
yes, the filters on source forge may make communication of Perlscan
difficult :(
Remote host said: 550-This message matches a blacklisted regular
expression
Andrew van Tilburg wrote:
Ok, thanks Doug. The quarrantine-attachments.txt file is attached. I had to
send to your address as the [EMA
Andrew van Tilburg wrote:
Hi again Jason, thanks for your response. See below for the log results and
header for an email that looks to me as if it should't have been
quarantined. Any ideas on the reason ? Note that the subject and email
address are not in the quarantine-attachments.txt file. I've
Rebs Guarina wrote:
hi guys,
i'm trying to install qmail-scanner on my debian box. i ran configure w/
my options, however, i got this output:
Searching...
** FATAL ERROR ***
/usr/bin/reformime contains bugs. Please upgrade to a release
that post-dates Mar 22 2002 (e.g. 1.3.8)
i'm using v1.38 of r
Don Walters wrote:
I was mainly wondering if you can identify (easily) what email headers
are ugly that QS doesn't like. This way, I can point to the specific
problem that the other admin needs to fix in order for these messages to
be sent with clean mime.
debug log tell you anything?
Do you s
Eric Weide wrote:
I as well would be interested.
[snip]
On Fri, 2004-05-07 at 11:16, Nick Holden wrote:
I'd certainly second that request.
Nick
On Fri, 2004-05-07 at 14:48, Barry Smoke wrote:
one of my favorite anti-virus for windows has come out for linux.
http://www.grisoft.com
any chance
Noticed something odd today.
Upgraded to 1.22 a few days ago and I know it mentions changes to date
formating but now I see that my mailstats.csv file no longer has
date/time stamp recorded -except- for when clamscan or perlscan traps
something:
Clear w/o date:
Clear:RC:0(211.144.32.94)
Jason wrote:
folks, ive had qmail-scanner 1.20 running on my freebsd box with clamav-0.70 and recently, ive
been getting emails with viri that clamav knows about getting through as follows:
...snip...
but If I export that email to a file and clamscan it with -m
clamav reports it a somefool.P.
but
Jason Haar wrote:
If you have $skip_text_msgs=1 and *don't have uudecode installed* then you
are correct. Yup, it's a bug.
However, I'd like to know who doesn't have uudecode installed on their
systems (besides you - obviously). I doubt this affects too many sites...
So, until I fix it properly, a
Since questions around regular expressions get raised here often enough
I thought I'd share these tools.
KDE Visual Regular Expression tool
http://www.blackie.dk/KDE/KRegExpEditor/ - linux version
http://www.cfregex.com/ - windows version
RegEx Coach
http://weitz.de/regex-coach/ - linux/win
Asif Iqbal wrote:
I am getting this error while trying to install qscanq on Solaris 8
root)@qmail:/package/mail/qscanq-0.38# ./package/install
Linking ./src/* into ./compile...
Compiling everything in ./compile...
./load auto-pidt buffer.a str.a error.a fmt_ulong.o
ld: fatal: file auto-pidt.o:
Pantelis Hadzipantelis wrote:
I was wondering if it was possible to add more $archiveit
domains...?
Example:
my $archiveit='.org';
I would like to add .net and .com how would I accomplish this?
my $archiveit='.org .com .net'; ???
read config option docs:
--archive [yes|no|regex] Defaults
Charly Baker wrote:
On a couple of my older mail servers the configure step fails. I have traced
the problem to the perl step at line 1509. This step apparently doesn't run,
because the generated
/usr/local/src/qmail-scanner-1.21/qmail-scanner-queue.pl
file contains none of the lines from th
CertaintyTech-Ed wrote:
On Mon, Mar 22, 2004 at 12:53:43PM -0500, CertaintyTech-Ed wrote:
What "syslog formatted" file should be used for qs2mrtg.pl ?
Mailstats.csv?
No - it means syslog! :-)
--
Cheers
Jason Haar
OK. How does one get Q-S to log virus and spam info to syslog?
--log-details [
Assured Computing wrote:
Hi,
I have a couple of installs where SpamAssassin is happily filtering mail more
or less correctly however I noticed that it does not seem to be autolearning.
How do I make it autolearn?
[snip]
maybe you've not configured SA for Bayes/autolearn?
e.g. local.cf
use_baye
Paul Norris wrote:
Hi all,
I'm having weirdness from qmail-scanner/clamscan. Firstly, here is what
I'm using:
SoL (Server optimised Linux) - a SuSE variant
netqmail-1.05 (the package with the QMAILQUEUE patch)
clamav-0.68
qmail-scanner-1.20
[snip]
BUT (and this is the only thing that isn't
Doug Monroe wrote:
just a public service announcement:
ClamAV 0.70-rc has been released
another FYI note:
clamav 0.70 version of clamscan has a new option:
--detect-encrypted
Mark encrypted archives as viruses
(Encrypted.Zip, Encrypted.RAR
just a public service announcement:
ClamAV 0.70-rc has been released
---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fu
David Lynum wrote:
Just wondering what other qmail-scanner users have done in dealing with
spam that's sent to your webmaster account.
Why...filter out high-scoring crap with procmail of course :)
:0 h
* ^X-Spam-Level: (\+\+\+\+\+\+\+\+\+)\+*
* ^X-Spam-Status: Yes
/dev/null
---
Ed BK wrote:
I get a comand not found
when I try and run
qmailctl cdb
qmailctl restart
then qmailctl is not in your $PATH and/or, depending how you set things
up, may not exist at all since it's only really a suggested link to your
qmail stop/start (init) script.
technically speaking, you shoul
Shai wrote:
Hi,
I have setup my QS like so:
./configure --admin virus --domain mydomain.com --notify
admin,sender --scanners fprot,vexira --local-domains
mydomain.com,myotherdomain.com
./configure --install --admin virus --domain mydomain.com --notify
admin,sender --scanners fprot,vexira --local
Ed BK wrote:
Does anyone know where I put my white list for qmail-scanner
and if possible SA as well.
AFAIK, Q-S has no "whitelist" feature, you -may- be able to accomplish
something with tcp.smtp.cdb rules, depending on what you want.
SA has "whitelist_from" and "whitelist_to" options
http://eu
James Herschel wrote:
It does indeed ... this seems like quite a strange anomaly as I've gotten
tons of virus's tagged and not sent on before ...
Received: from [EMAIL PROTECTED] by myscanner.domain.com by uid 100
with qmail-scanner-1.20st
(clamscan: 0.65. spamassassin: 2.60.
Clear:RC:0(24.87.14
James Herschel wrote:
Hello,
Looks like everyone's got their hands full with Bagle today, so thanks for
taking the time to look at this if you do. I'm running:
Qmail-scanner-1.20st
ClamAV 0.65
SA 2.60
A user had a Bagle.J delivered to them today even though it appears that
qmail-scanner saw that
Joe Kletch wrote:
An analysis from an associate who was getting messed up headers with
only one domain (c-cap.com) of a couple dozen others:
In the spamassassin subroutine there are several places that test
$spamc_options for a '-c' option. If the option is set, spamc just checks
the mail for sp
John McCoy, Jr wrote:
Is there a way we can add a warning to every message that has an
attachment using qmail-scanner?
We would like to pop in a line at the very top saying some thing like:
"Mills College has detected an attachment in this message, we recommend
deleting it if you were not expec
Michael Bellears wrote:
Today I noticed our gateway mailserver running particularly slow -
Investigating further revealed it had a load of 100+!
The culprit was clamscan: One of our clients had sent 500+ e-mails with
a 5Mb zip attachment, with each zip containing a compressed tif image
that was 50
Jesse Guardiani wrote:
Howdy list,
Before I re-invent the wheel: Does anyone have a cron
script that will go through the quarantine directory
removing items that are X days old?
Since implementing qmail-scanner in Sept of 2003 I have
4.8 gigs in my quarantine directory.
you'll likely need to firs
Michele Cerioni wrote:
If I scan the file thank_you.tif with a non-priv user
(/usr/local/rav8/bin/ravav thank_you.pif) rav found the virus.
I debug qmail-scanner-queue.pl putting the command echo '$?'>/tmp/ris
after the command ravav to check the exit code.
Then I send a mail with the virus, an
Adam Goryachev wrote:
[EMAIL PROTECTED] <> wrote:
On Fri, 2004-02-20 at 09:54, Doug Monroe wrote:
Greg is/was using F-Secure, but wrt to clamscan use, it might be
advisable to add the -m flag to clamuko_options (Jason?)
(Doug: as far as the "-m" option WRT ClamAV goes - let m
Jason Haar wrote:
There is no problem. As far as I can tell, when such a bounce message
gets to an end-user, all they see is a raw text message - no attachments
- no virus. As such the fact that other AV systems say there is a virus
is debatable. I'd say as the user cannot possibly be infected wit
Jonathan Tai wrote:
So maybe your freshclam isn't telling clamd about the new updates, and
clamd takes a while to notice? I don't know how that situation can be
fixed on a non-debian distro; I've never had the problem myself.
just as FYI, there are 3 ways to make sure clamd knows of db updates
Greg Kelley wrote:
Folks,
We discussed this issue last week and Doug Monroe and I did some experiments
with these messages that were getting through and:
Although Norton AV 2002 discovered an attachment and quarantined it, without
Norton AV active the message appears to Outlook Express NOT to
Michele Cerioni wrote:
This is the log when I send a mail with a virus.
the file of the virus is thank_you.pif and ravlin found it, but the mail
is not blocked.
[snip]
Scan engine 8.11 for i386.
Last update: Mon Sep 1 14:58:36 2003 <== OLD
[snip]
/var/spool/qmailscan/tmp/mail210771842324
[EMAIL PROTECTED] wrote:
hello:
I am getting this in my qmail-queue.log file. my clam AV is 0.66.
what is the solution for it?
Thanks
---
15/02/2004 17:17:19:11052: error_condition: X-Qmail-Scanner-1.20: clamuko:
corrupt or unknown clamd scanner error or memory/resource/perms problem -
exit sta
Doug Monroe wrote:
Let me try to explain that. I believe (until we see proof from a -raw-
email to indicate otherwise as requested by Jason) that the message you
received was indeed a PLAIN text message and I strongly -suspect- that
Norton is doing "more" than perhaps it should by u
Greg Kelley wrote:
Doug,
Actually Norton DID quarantine an infected attachment named ofo.zip from the
email message that got thru as PLAIN text. I have the file and it is a true
infexted .zip file. So if someone did open it they would get infected.
I understand what you're saying and I believe yo
Oden Eriksson wrote:
fredagen den 13 februari 2004 10.50 skrev Awie:
Hi All,
After upgrading my ClamAV to 0.66 and recompile qmail-scanner, my smtpd got
problem with message "qq temporary problem" if I send email with big
attachment. I tried to increase softlimit to 1200, but problem still
ha
Linux wrote:
Does anybody have a patch that allows for a size check of the mailing coming
in? I hate to add load to the server scanning a 3 meg file for spam. I am
willing to bet that 90% of the worlds spam is under 200k in size. I would
like to skip the Spamassassin subroutine if the message is
Greg Kelley wrote:
Thanks for looking at this. However, the virus has been removed from the
message by Norton AV and it leaves the message:
"Norton AntiVirus removed the attachment: ofo.zip.
The attachment was infected with the [EMAIL PROTECTED] virus."
in it's place where the attachment originall
Greg Kelley wrote:
Folks,
I posted this yesterday but thought I'd send over the whole thing again so
you can look at what's going on. I got an infected message from the RedHat
Network Mailing List. This was not a bounce. It was not scanned as it was
interpreted to be PLAIN Text. Norton AV at the
O Franssen wrote:
Its happened twice now, my server starts rejecting messages because
the qmailscanner.log file has taken aup all the free space on the
disk. How do i limit the .log files size?
Please read available documentation. E.g. the QS home page...
http://qmail-scanner.sourceforge.net/
"...A
Doug Monroe wrote:
Greg Kelley wrote:
Folks,
Just had another infected Novarg email get through to my desktop where
Norton picked it up. Below is the script of qmail-queue.log and part
of the
header of the message.
I have a similar issue to report
Slightly edited (to hide user info) email
Greg Kelley wrote:
Folks,
Just had another infected Novarg email get through to my desktop where
Norton picked it up. Below is the script of qmail-queue.log and part of the
header of the message.
I have a similar issue to report
Slightly edited (to hide user info) email header/content, and QS lo
Wade Curry wrote:
Hello,
I've got a working qmail installation, and added q_s to it with
clamav and spamassassin. tcp.smtp specifies q_s for external
e-mail only. When I do this, tcpserver/qmail-smtpd accepts
messages, but that's the last I see of them. They aren't in any
working directory or q
Forwarded as FYI to clamav users
Original Message
Subject: clamav 0.65 remote DOS exploit
Date: Mon, 09 Feb 2004 15:24:17 +0100
From: Oliver Eikemeier <[EMAIL PROTECTED]>
Organization: Fillmore Labs GmbH - http://www.fillmore-labs.com/
To: [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]
Not specific to Q-S, but interesting paper about decompression bombs, AV
engines, etc can be found here:
http://www.aerasec.de/security/advisories/decompression-bomb-vulnerability.html
---
The SF.Net email is sponsored by EclipseCon 2004
Premi
[EMAIL PROTECTED] wrote:
[snip]
all tests are successfully completed. I
receieve the reporting emails at my mail
client but the spam message is not modified
even though my /etc/spamassassin/local.conf is:
[snip]
see the Q-S FAQ
http://qmail-scanner.sourceforge.net/FAQ.php
items 14, 15
---
Dallas L. Engelken wrote:
> you call open() expensive!
I said -relatively- expensive, relative to hard coded.
Just my 2 cents of input anyway, no need to get testy.
---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Op
Jason Haar wrote:
On Tue, Feb 03, 2004 at 08:44:08AM -0600, Dallas L. Engelken wrote:
# HOSTNAME GRABBED DYNAMICALLY
open(ME,"/var/qmail/control/me");
flock(ME,2);
my $temphost=;
close(ME);
Care to explain the need of a flock? Seems to me you could be making things
worse with that. After all, i
Michael Menefee wrote:
One thing they keep asking me for is to compare the total numbers of SPAM
and Virii to the total number of messages processed by the system, so they
can get a feel for how much of their email content is valid or not. I'm not
sure of there's a way to use qmail-scanner to reco
I was wondering if anyone else is experiencing this problem. I have
qmail-scanner 1.20 and clamav 0.65 installed and most viruses are detected
and quarantined ok. the sco.a virus is detected if I upload a copy and run
the clamscan through shell but through q-s it comes back as clean, I have
inclu
James Herschel wrote:
I've added 'sco' to @silent_viruses_array in the hopes of curbing some of
the alerts I'm receiving. I noticed that the comment for this array says
"... virus that we don't want to inform the SENDER of". Does this mean that
the admin will receive them no matter what?
yes
If
Jason Staudenmayer wrote:
How would I go about adding the disallowed attachment warning to the silent
list?
AFAIK...you have a couple of choices:
a) BROAD scope
add "perlscan:" and/or "policy:" to the silent array
this will skip reporting on quarantine_events that contain
"Perlscan:..."
Jeff Bilder wrote:
Is it possible to add a filter to qmail-scanner that blocks emails containing a specific email header? Just curious.. if so, can someone please help me out with some examples. Thanks a lot!
read/modify your quarantine-attachments.txt file. Instructions for doing
what you wan
Michael Bellears wrote:
Read the archives, and see it is possible to enable --archive, but this
seems a little excessive when I only need to have a copy of one users
outgoing mail.
are you asking if it's possible to archive one user's mail?
If so, the answer is yes- see the config options doc and
just a heads-up FYI about a qmail crash issue reported last week by
Georgi Guninski:
http://www.ornl.gov/lists/mailing-lists/qmail/2004/01/msg00385.html
may turn out to be a non-issue, but y'all might want to keep an eye on
the qmail list for posts/followups about this.
---
Payal Rathod wrote:
On Fri, Dec 19, 2003 at 08:40:00AM -0500, Doug Monroe wrote:
that can be done with
--log-details=yes
which will dump those fields to mailstats.csv, an easily parsable
tab-separated file.
Great. mailstats.cvs is great indeed. Anyone knows a good parser for it?
yes...perl
Jason Staudenmayer wrote:
What would be the best way to have q-s log to both syslog and mailstats.csv?
I have qs2mrtg and I want to have the csv file for database reports.
If you're already using syslog for qm2mrtg, why not use qm2mrtg.pl as a
basis (e.g. sub get_stats) for whatever other reporti
Stephen Bosch wrote:
At the risk of sounding like a broken record:
If you use CPAN to add modules and follow the dependencies, RH9 perl
breaks.
Chiming in late here, but -if- you're running into the RH8/RH9
"Malformed UTF-8 character" issue when installing CPAN modules. Theres
an easy fix for
Payal Rathod wrote:
Hi,
Can someone give some info/hints on using qmail-scanner as an auditing
tool?
I am looking for something like this, all the mail's To:, From:,
Subject: headers should be dumped in a text file (maybe if not asking
for too much in a database). Is it possible?
Any hints on this
Andrea Riela wrote:
Don't you have to compile the tcprules into a cdb format first?
That is?
Could you figure it out?
example:
# tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
---
This SF.net email is sponsored by: IBM Linux Tut
Salvatore Toribio wrote:
I've received this report from Sophos
Troj/Tofger-A may arrive attached to an email as a password protected
ZIP file. The email would have a blank subject line, the message text
"Hi! As I've promised I'm sending you my photo. Use old password: 123"
and an attached file
Jamie Pratt wrote:
Hi - I just upgraded from clamav 60 to 65, and qmail-scanner 1.20rc3 to
1.20... However after following the instructions in
quarantine-attachments.txt, and trying to disallow a few different file
extensions like this:
.cmd0Disallowed by System security policy
(yes,
Ken wrote:
I am very stuck trying to solve this error message. Could you
please give me
some suggestions ?
text format mail comes through fine, but html format mail
gives this in
maillog :
Nov 13 01:43:38 yoruban X-Qmail-Scanner-1.20:
[yoruban.dyndns.org106868421846115750] clamuko: corrupt or
unkn
Matt wrote:
Where do I set my size scanning limit?
/var/qmail/control/databytes
---
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive? Does it
help you create better code? SHARE THE
Lombardo Federico wrote:
I've configured Q.S. 1.20rc3 with spamassasin to do the razor test.
now the problems is that when It starts the razor 2.36 test I receive this
error into maillog:
maillog:Oct 6 13:17:46 Caronte spamd[2048]: razor2 check skipped: Illegal
seek Insecure dependency in connect
Naresh wrote:
Hi all,
I am running Qmail (patched with qmail-smtpd-viruscan-1.1.patch)+qmail-scanner+spam
assassin+clamAV on FreeBSD.
My users are on windows and use MS Outlook (I hate this!!! But they refuse to switch to
any other; I have to live with this reality). And I am responsible for thei
Jason Haar wrote:
On Tue, Sep 30, 2003 at 11:12:00AM +0200, Pau Villarragut wrote:
Protocolo: SMTP, Respuesta del servidor: 'Malformed UTF-8 character
(overflow at 0x20475a60, byte 0x6f, after start byte 0xbf) in pattern match
(m//) at /var/qmail/bin/qmail-scanner-queue.pl line 647, line 106.
[EMAIL PROTECTED] wrote:
I have these viruses listed in my qmail-scanner-queue.pl as silent viruses.
('klez','bugbear','hybris','yaha','braid','nimda','tanatos','sobig','winevar
','palyh','fizzer');
Today I noticed we're getting false sender notifications from a
Worm.LoveLorn.VBS and was wonderin
Marcio R A Garcia wrote:
Ok ...
But if I put a rule like this:
NDNDVirus-Subject:SPAM
Qmail-scanner donĀ“t block a Subject like this:
NDND_FREE
or like this:
Free-NDND aslkdjasdklj
to accomplish what you want, you need to learn how to use perl regular
expressions.
Marcio R A Garcia wrote:
Anyone can send to me an address or an tutorial that explain how to create
new rules to qmail-scanner (quarantine-attachments) ?
I'm triyng to create some rules and them don't function
The info you need is in the comments of the quarantiune-attachments.txt
file itsel
Tim Janes wrote:
I can vouce that it is inconvenient having 400 identical emails notifiying me
and the user about the arrival of a virus. What I am seeking is a modification
to qmail-scanner so that these virus can be silently blocked.
edit your qmail-scanner-queue.pl and add gibe to the silent li
Jason Haar wrote:
On Tue, Sep 23, 2003 at 01:55:30AM -0500, [EMAIL PROTECTED] wrote:
Here is an updated version of my perl program to handle the find cleanup
parts of qmail-scanner-queue.pl -z. The first version, if the
/var/spool/qmailscan directory had not been updated in a day, went ahead
Lombardo Federico wrote:
I repoert the full error and I attach the clamav.conf:
Thu, 25 Sep 2003 13:02:19 +0200:19934: run
/usr/local/bin/clamdscan -r --disable-summary --max-recursion=10 --max-space
=100 /var/spool/qmailscan/Caronte106448773945619934 2>&1
ERROR: Please edit the example config
[EMAIL PROTECTED] wrote:
Is anyone aware that:
http://prdownloads.sourceforge.net/qmail-scanner/qmail-scanner-1.20rc3.tgz.asc?download
Is broken? Whichever mirror I choose, all I get when I try to download
the distro is the pgp sig...
thats because that's what you're requesting :)
qmail-scanner-1.
Jeff Bilder wrote:
I have this commented out in my quar-attachment.txt file [its abbreviated] and I keep getting an error when running qmail-scanner-queue.pl -g
.exe 0 attachments disallowed
perlscanner: generate new DB file from
/var/spool/qmailscan/quarantine-attachments.txt
WARNIN
Sean D. wrote:
hi all.
I was curious by what criterion qmail-scanner's configure script
determines that qmail has been compiled with guenter's qmailqueue patch?
based on the results of running 'strings' on the compiled 'qmail-smtpd'
binary:
$ /usr/bin/strings /var/qmail/bin/qmail-smtpd |grep Q
[EMAIL PROTECTED] wrote:
- Original Message -
From: "Doug Monroe" <[EMAIL PROTECTED]>
maybe I should clarify. The quarantine-attachements.txt file acts on
headers, and can not be used to "scan" message body. QS is modular and
it can pass the message to utiliti
[EMAIL PROTECTED] wrote:
- Original Message -
QS does not do message body scanning. quarantine-attachments.txt works
with message headers.
Humm that seems like a pretty major short coming. An email / qmail scanner
that can't scan email content? Are there any work arounds or alternati
[EMAIL PROTECTED] wrote:
Hi,
I've managed to filter out certain subject lines but placing them in
/var/spool/qmailscan/quarantine-attachments.txt
Example
(?i).*test.*Virus-Subject:test
What's the syntax to filter certain words or phrases in the body of the
email? There don't seem to be a
[EMAIL PROTECTED] wrote:
OK thanks for the clarification. I just want to stop the word "cum" in any
case (upper, lower or mixed) from been in the subject. But I don't want to
block words with "cum" in them like "document". So here's what I did.
(?i).* cum .*
To catch "please cum here"
(?i)cum
T
[EMAIL PROTECTED] wrote:
Thanks for the help but I still can't get it to work. I removed the
previously added "i" from qmail-scanner-queue.pl and instead changed my line
in /var/spool/qmailscan/quarantine-attachments.txt
I then ran /var/qmail/bin/qmail-scanner-queue.pl -g
It's still case sensitiv
Jay Swackhamer wrote:
Use an expression like this:
(?i).* cum .*
(?i) sets the following to be case-insensitive
doh...thanks Jay...forgot all about grouping.
---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thin
[EMAIL PROTECTED] wrote:
I've found in /var/spool/qmailscan/quarantine-attachements.txt I can block
certain words in the subject. Here's what I have.
cum Virus-Subject: cum
Unfortunately we get spam with all sorts of variation like Cum cUm cUM etc.
etc. Is there some sort of trick or reg e
Matt wrote:
I'm trying to install the qmail-queue-patch and I'm getting this:
[snip]
any ideas why?
most likely, another patch you've installed is conflicting and the line
the diff is looking for no longer "looks" the way it's expected to look.
You may have to apply the patch by hand by adding the
Jason Lieurance wrote:
Hello,
I guess I wasn't that clear. I want it to block .exe's but its blocking .zip
attachments with .exe inside the zip and saying :
{snip}
Attachment not allowed .exe0Executeable attachment too large
{snip}
and then
{snip}
It's scanning the contents of the z
1 - 100 of 162 matches
Mail list logo
