I don't think the age of a program is an issue
QMAIL is by far the best and most reliable mail server, and it was
developed in 1998!
The problem is not program's age , the problem is the ugly programers :D
Ajajaja
All the programs are working perfect, all are patched with the relevant
patches
I did all the tests, with clamav
Clamav is working very good, stoping a lot of viruses, the only thing I
found was this with png files
Tell me, how can I active the " cli_dbgmsg " from libclamav ?
I have LogVerbose and Debug with yes on clamd.conf, but I don't see any
of the messages from libclamav
Do I need to build Clamav with --enable-debug ?
Thanks
Pablo Murillo
On 10/20/2020 8:53 AM, G.W. Haywood via clamav-users wrote:
Hi there,
On Mon, 19 Oct 2020, Pablo Murillo wrote:
I don't know if the PNG error is present from day 1 or not
When exactly was day 1?
Do you have any evidence that your virus scanning has ever worked at
all? Have you tried to test it e.g. by sending things like the EICAR
test file?
https://en.wikipedia.org/wiki/EICAR_test_file
Some of the references at the foot of that page may be useful to you.
I'm not using milter, I'm using SimScan ...
I'm not sure how much help I'll be able to give you with Simscan. The
little searching I've done about it doesn't fill me with confidence.
While writing my previous mail it crossed my mind to ask if you knew
that your version of Spamdyke was six years old, but I decided to let
it pass. But I do now think that you need to look at your toolchain.
Do you know exactly which version of Simscan you're using? It seems
there are several. Looking at
https://sourceforge.net/projects/simscan/files/
for example, Simscan was last updated on October 29th 2007. Looking at
https://github.com/qmail/simscan
it was cleaned up and 'modernized' around 2014 but the changelog looks
rather sparse from 2007 onwards.
I had a quick look for the alleged Simscan mailing list archives and
failed to find anything.
Have you applied any patches to Simscan? See for example
https://freebsdrocks.net/simscan.shtml
The last 13 years has seen ClamAV continuously developed, but not
Simscan. I can't point to evidence of incompatibility between the
two, but it's possible that some may have arisen. The ClamAV team
will continue development. As far as compatibility testing goes I
don't know how high Simscan will be on their priority list. Micah
will probably be able to tell us if they test with it - Micah?
It appears that Simscan may use 'ripmime' to split up a mail into its
components and write them to files, before scanning with clamd using
the clamd CONTSCAN command. There are other ways to go about it and I
wonder if it might be where the problem lies. You might want to look
for the possibility of saving the temporary files which Qmail writes
for clamd to scan, so that you can look at them, and for example scan
them manually. AFAICT the latest release of 'ripmime' is from 2011,
nearly a decade old. All the links given in 'Support options' at
https://pldaniels.com/ripmime/
seem to be dead, empty or irrelevant and looking at
https://github.com/inflex/ripMIME/blob/master/CHANGELOG
virtually nothing has been done to it since 2008.
In the past, whenever I've tried to use software with histories like
this it's been a very unhappy experience. It's possible that such old
software has no vulnerabilities, but it's also possible that it's at
least as big a threat as many of those that you're trying to protect
against by using ClamAV.
I'm sending clamd.conf and 8 minutes off log (clamd.log) attached
It might help to see more of the log - complete from restart, and with
a few controlled emails only so that it's easy to see what's going on;
but I wonder if it's worth the trouble of investigating until you've
taken a step back and given your toolchain some thought.
If, despite the risks I've pointed out, you are comfortable with it,
then I'd suggest you set up a test-bed system which has no Internet
connection and push some local mail through it to see how it behaves,
of course watching the logs carefully all the while.
Have you asked about this on a Qmail mailing list?
--
This email has been checked for viruses by AVG.
https://www.avg.com
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
