As a follow up, I tried removing the vir- prefix, but it's still renaming
files, only now it does it without the vir prefix. So, for example,
Setup.exe gets renames to Vqxfz rather than vir-Vqxfz
Any help would be appreciated.
*Aditya Nag*
Senior Technical Analyst
*IDG Media India Pvt Ltd*
I'm following up on a previous post about logging to maillog:
http://lurker.clamav.net/message/20090408.063308.16623e5a.en.html
I am using Sendmail 8.13 on CentOS-4 but whereas previously with
0.94.2 I would get a log entry in /var/log/maillog for every scanned
message I now only get a
Kevin Clark wrote:
I appreciate the quick response but I'm sorry to say that making the changes
you suggested to clamav-milter.conf does not have the desired effect.
With these values in clamav-milter.conf...
LogFile /var/log/clamav/clamav-milter.log
LogSyslog yes
LogFacility LOG_MAIL
On Thu, 16 Apr 2009 11:44:44 +0530
Aditya Nag aditya...@gmail.com wrote:
As a follow up, I tried removing the vir- prefix, but it's still
renaming files, only now it does it without the vir prefix. So, for
example, Setup.exe gets renames to Vqxfz rather than vir-Vqxfz
Any help would be
Hello!
3 days ago compiled clamav-0.95.1 on solaris 10 x86 box.
Connected it to out MTA system through cgpav helper application.
After a few hours, clamd eats 4Gb of system RAM and keep running with
it. Can you please help me to investigate?
Right now I'm running 0.95 version back, and here
On Thu, Apr 16, 2009 at 5:22 PM, Jerry ges...@yahoo.com wrote:
On Thu, 16 Apr 2009 11:44:44 +0530
Aditya Nag aditya...@gmail.com wrote:
As a follow up, I tried removing the vir- prefix, but it's still
renaming files, only now it does it without the vir prefix. So, for
example, Setup.exe
On 2009-04-16 15:02, Aditya Nag wrote:
On Thu, Apr 16, 2009 at 5:22 PM, Jerry ges...@yahoo.com wrote:
On Thu, 16 Apr 2009 11:44:44 +0530
Aditya Nag aditya...@gmail.com wrote:
As a follow up, I tried removing the vir- prefix, but it's still
renaming files, only now it does it
I'm on a linux mailing list which I've been using for a while. Today, I send a
message and it bounces back. In the headers, I see the following reason for the
remote host denying the email;
Remote host said: 550 ClamAV detected
Sanesecurity.Phishing.Bank.3259.UNOFFICIAL
Can someone give me
Remote host said: 550 ClamAV detected
Sanesecurity.Phishing.Bank.3259.UNOFFICIAL
Can someone give me some information on this or ask more questions so that
I can help. I've searched online but can't seem to find anything?
Hi Mike,
Could you email the sample to: ste...@webtribe.net
I've
li...@grounded.net wrote:
I'm on a linux mailing list which I've been using for a while. Today, I send
a message and it bounces back. In the headers, I see the following reason for
the remote host denying the email;
Remote host said: 550 ClamAV detected
I think I know what's happened. I had cut/paste some html header response code
into the message for another mailing list but their clamav must be getting a
false positive thinking that the html code is phishing code.
Not sure but I think that's what's happened.
On Thu, 16 Apr 2009 07:19:51
li...@grounded.net wrote:
I think I know what's happened. I had cut/paste some html header response
code into the message for another mailing list but their clamav must be
getting a false positive thinking that the html code is phishing code.
Not sure but I think that's what's happened.
li...@grounded.net wrote:
In this particular case though I think the signature is too weak and
non-specific, prone to greater failure in a developer's environment than
at the local community center, but still weak. It needs a larger context.
Agreed... hence it's been dropped.
Cheers,
Steve
Glad to hear I didn't find something new. Now, on the other hand, how do I get
my output to the users of the mailing list I was trying to reply to?
On Thu, 16 Apr 2009 16:36:40 +0100 (BST), Steve Basford wrote:
li...@grounded.net wrote:
In this particular case though I think the signature
Glad to hear I didn't find something new. Now, on the other hand, how do I
get my output to the users of the mailing list I was trying to reply to?
Once of these should do the trick...
http://pastebin.ca/
http://jqd.org/pastebin
http://papernapkin.org/pastebin/home
... or http://www.rot13.com
Thanks very much.
On Thu, 16 Apr 2009 16:44:14 +0100 (BST), Steve Basford wrote:
Glad to hear I didn't find something new. Now, on the other hand, how do I
get my output to the users of the mailing list I was trying to reply to?
Once of these should do the trick...
http://pastebin.ca/
li...@grounded.net wrote:
I'm on a linux mailing list which I've been using for a while. Today, I send
a message and it bounces back. In the headers, I see the following reason for
the remote host denying the email;
Remote host said: 550 ClamAV detected
If you were properly scanning your own outgoing mail you would have seen
this problem before the message left your system. That is another policy
issue. I
understand this is a contentious issue with some people but I'll never
understand why. For me is it simply a best practice activity.
Um,
On 2009-04-13 22:25, Jay Deiman wrote:
Török Edvin wrote:
[snip]
Well, *I* couldn't find much of any use in the ktrace output. However,
if someone else would like to take a look at the trace file, I've made
it available at:
http://janus.splitstreams.com/clamav-ktrace.out.bz2
It is
On 2009-04-16 14:46, Anatoly Pugachev wrote:
Hello!
3 days ago compiled clamav-0.95.1 on solaris 10 x86 box.
Connected it to out MTA system through cgpav helper application.
After a few hours, clamd eats 4Gb of system RAM and keep running with
it. Can you please help me to investigate?
li...@grounded.net wrote:
If you were properly scanning your own outgoing mail you would have seen
this problem before the message left your system. That is another policy
issue. I understand this is a contentious issue with some people but I'll
never understand why. For me is it simply a
an extended point about policy based on your example as it was presented. I
did say this was controversial :)
Controversial perhaps to developers, just something else to have come across by
an end user :).
Anyhow, it all worked out, thanks for everyone's help.
aCaB wrote:
Kevin Clark wrote:
...clamav-milter still does not log every scanning event to either
/var/log/maillog or its own logfile /var/log/clamav/clamav-milter.log
Hi Kevin,
As you may guess, LogInfected logs infected messages.
Your mail log should already have logs for each
On Thu, 16 Apr 2009 09:14:41 -0700
Dennis Peterson denni...@inetnw.com wrote:
[snip]
If you were properly scanning your own outgoing mail you would have
seen this problem before the message left your system. That is another
policy issue. I understand this is a contentious issue with some
people
Török Edwin wrote:
On 2009-04-13 22:25, Jay Deiman wrote:
Török Edvin wrote:
[snip]
Well, *I* couldn't find much of any use in the ktrace output. However,
if someone else would like to take a look at the trace file, I've made
it available at:
Hi,
I'm getting a positive for this in a Eudora mailbox (which is
basically just an ASCII file.) However, when I scan the same file
with Comodo it comes up as clean.
1. Is this a false positive?
2. If not, then, is there a way to locate the bad code within the
text and remove it without
Suntower,
Its just a detection of a probable phishing link in an email. There
is no virus in there just a phish.
Tom
At 5:33 PM -0700 4/16/09, Suntower West wrote:
Hi,
I'm getting a positive for this in a Eudora mailbox (which is
basically just an ASCII file.) However, when I scan the same
Suntower West wrote:
Hi,
I'm getting a positive for this in a Eudora mailbox (which is
basically just an ASCII file.) However, when I scan the same file
with Comodo it comes up as clean.
1. Is this a false positive?
2. If not, then, is there a way to locate the bad code within the
Suntower West wrote:
Hi,
I'm getting a positive for this in a Eudora mailbox (which is
basically just an ASCII file.) However, when I scan the same file
with Comodo it comes up as clean.
1. Is this a false positive?
2. If not, then, is there a way to locate the bad code within the
29 matches
Mail list logo