Hello Todd, > Check to make sure that your local iptables firewall and any firewall > between you and the DNS server does not block TCP port 53 (which is what > the fallback proto/port is if the DNS answer is more than 512 bytes).
we put a lot of effort in keeping the size of the RR records under 512 bytes, because TCP queries put too much load on the authoritative DNS servers for clamav.net . > With no other options, this smells like selinux. I second that. Best regards -- Luca Gibelli (luca _at_ clamav.net) ClamAV, a GPL anti-virus toolkit [Tel] +39 06 916502176 [Fax] +39 0187 015046 [IM] nervous/jabber.linux.it PGP key id 5EFC5582 @ any keyserver || http://www.clamav.net/gpg/luca.gpg _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html