Re: [clamav-users] clamav-milter compiling on FreeBSD?
(hmm, looks like clamav.elektrapro.com has been down for a while... ?) I installed GCC33, with no problems. When I go to compile from a recent snapshot release, I use the flags: ./configure --prefix=/usr/local --disable-pthreads --enable-milter --with-gcc=/usr/local/bin/gcc33 and it does not build clamav-milter. The directory is still: .deps MakefileMakefile.in clamav-milter.sh INSTALL Makefile.am clamav-milter.c clamd.sh Do you have libmilter development files properly installed ? Best regards, Tomasz Kojm -- oo. [EMAIL PROTECTED] (\/)\. http://www.konarski.edu.pl/~zolw \..._ I nie zapomnij kliknac w brzuszek... //\ /\\ - C. Amboinensiswww.pajacyk.pl - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[clamav-users] am I understanding this right?
I am looking through the mailscanner site, and see in a FAQ someone is complaining clamav does not disinfect files. Is that right, it only marks the file as infected? Raymond - Defeat is a matter of choice. --God
Re: [clamav-users] clamav-milter compiling on FreeBSD?
(hmm, looks like clamav.elektrapro.com has been down for a while... ?) I installed GCC33, with no problems. When I go to compile from a recent snapshot release, I use the flags: ./configure --prefix=/usr/local --disable-pthreads --enable-milter --with-gcc=/usr/local/bin/gcc33 and it does not build clamav-milter. The directory is still: .deps MakefileMakefile.in clamav-milter.sh INSTALL Makefile.am clamav-milter.c clamd.sh I used --disable-pthreads, since the FreeBSD port also calls for this - I don't know why, or whether pthreads are unstable on this platform. Doing a make in that directory does nothing, and there are some things in the Makefile that are commented out from the configure process, so I'm not sure what's happening. I also noted that nothing was made in the clamd directory, either. Trying to do a gmake in any of these generates errors, due to other things not being present. This is on FreeBSD-4.8, GNU Make 3.80, and GCC 3.3, using BASH 2.05b. Forrest - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[clamav-users] freshclam problem
Is clamav.elektrapro.com down? Freshclam won't update and I can't get to it through a browser. attachment: winmail.dat- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [clamav-users] Two small requests
The other thing is the stable releases. Many questions seems to be about those having problems that are solved in the snapshots. I use the snapshots and they work fine for me in Solaris and Linux but many wouldn't touch anything but a stable release. Maybe one of the recent snapshot could be added as a stable release? You're right, that will be released soon but there are few major problems (including a security one with internal zip library) that must be fixed. Best regards, Tomasz Kojm -- oo. [EMAIL PROTECTED] (\/)\. http://www.konarski.edu.pl/~zolw \..._ I nie zapomnij kliknac w brzuszek... //\ /\\ - C. Amboinensiswww.pajacyk.pl - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[clamav-users] database update
Hello, I don't know what's going on with clamav.elektrapro.com (well, it should be already available if you're reading this). The actual database can be found on clamav.ozforces.com/database. The newest versions of freshclam should use this site automatically. Best regards, Tomasz Kojm -- oo. [EMAIL PROTECTED] (\/)\. http://www.konarski.edu.pl/~zolw \..._ I nie zapomnij kliknac w brzuszek... //\ /\\ - C. Amboinensiswww.pajacyk.pl - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [clamav-users] Availability of clamav.elektrapro.com
Hi! First off, a very big thank you to the people who work on clamav and its virus database. You are an invaluable resource to everyone. Sorry if this has been discussed before (I can't check the list archives due to the reasons outlined presently), but I'm concerned that the availability of the clamav web site and the virus database is not the best. Quite frequently, it seems to be inaccessible, mostly due to some network failure close to the server. Perhaps distributing the database to a few other places in the world could remedy this? Having the main server push its contents to the mirrors immediately after an update would ensure that the database is up-to-date everywhere. What do you think? Already done. Please install the latest snapshot. Best regards, Tomasz Kojm -- oo. [EMAIL PROTECTED] (\/)\. http://www.konarski.edu.pl/~zolw \..._ I nie zapomnij kliknac w brzuszek... //\ /\\ - C. Amboinensiswww.pajacyk.pl - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [clamav-users] database update
On Sat, 7 Jun 2003, Tomasz Kojm [EMAIL PROTECTED] wrote Hello, I don't know what's going on with clamav.elektrapro.com (well, it should be already available if you're reading this). The actual database can be found on clamav.ozforces.com/database. The newest versions of freshclam should use this site automatically. How stable is the current snapshot? The newest stable version (0.54) doesn't support mirrors AFAICT. -- Chris Hastie - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[clamav-users] Availability of clamav.elektrapro.com
Hi! First off, a very big thank you to the people who work on clamav and its virus database. You are an invaluable resource to everyone. Sorry if this has been discussed before (I can't check the list archives due to the reasons outlined presently), but I'm concerned that the availability of the clamav web site and the virus database is not the best. Quite frequently, it seems to be inaccessible, mostly due to some network failure close to the server. Perhaps distributing the database to a few other places in the world could remedy this? Having the main server push its contents to the mirrors immediately after an update would ensure that the database is up-to-date everywhere. What do you think? Kind regards, -- Fabian Fagerholm [EMAIL PROTECTED] paniq.net - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[clamav-devel] OpenBSD port snapshot 20030605
I'm sending this out to everyone that I _think_ is concerned about the OpenBSD port. Someone please test this port of 20030605 on OpenBSD. I have not tested it extensively, but libclamav clamscan, and clamd both now compile with -pthread ( which is what the problem was ). So please compile and run and give me feedback. I am without (read to lazy to upgrade) a 3.3 machine. Special thanks to Wouter de Vries for the shell. I know the patches are less then desirablebut they work. Someone more fluent in libtool and the build system might have better luck. configure Remove -lc_r OpenBSD = 3.3, doesn't need -lc_r anymore
Re: [clamav-users] am I understanding this right?
Original Message From Raymond Norton [EMAIL PROTECTED] Date: Monday, 09 Jun 2003, 16:56 I am trying to see how this is a benefit to run over sophos. I need to cover 500 + mailboxes, so even a few bucks per user is a big deal.. I think you've just found a benefit. I can't afford to run a commercial virus scanner on the mailing list server I run for a couploe of non-commercial reasons (eg for the benefit of my local Scout Group) ... however clamav should provide reasonable protection against members of the lists infecting each other via the messages to one of the lists. I don't need to disinfect the messages, I just want to make a reasonable attempt to stop infected ones being delivered to the intended victims^Wrecipients. The sender will see the bounce, disinfect their computer (with whatever anti-virus software they have, or purchase some if not) and send out a clean version themselves. It's not my job to clean the attachments, in fact that's entirely counter productive because it removes one of the immediate reasons that the sender would have for disinfecting themselves - and if the email isn't disinfected properly it would shift some of the reponsibility for the distribution of the virus onto me. I'm suspect that 90% of mailserver administrators probably have similar objectives. -- Stephen White [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [clamav-users] am I understanding this right?
* Raymond Norton [EMAIL PROTECTED] [20030609 09:52]: wrote: I am looking through the mailscanner site, and see in a FAQ someone is complaining clamav does not disinfect files. Is that right, it only marks the file as infected? Very correct. We simply reject the e-mails that contain virii. When you disinfect the files, the virus still continues to live at source, yes? I know this is likely to generate a lot of politicking, but I personally believe disinfection should be done at source ;-) -Wash -- Odhiambo Washington [EMAIL PROTECTED] The box said 'Requires Wananchi Online Ltd. www.wananchi.com Windows 95, NT, or better,' Tel: +254 2 313985-9 +254 2 313922 so I installed FreeBSD. GSM: +254 72 743223 +254 733 744121 This sig is McQ! :-) Just because your doctor has a name for your condition doesn't mean he knows what it is. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[clamav-users] disinfect?
Someone mentioned on MailScanner that ClamAV doesn't actually disinfect, just notifies. Are there plans for a disinfection ability. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [clamav-users] Connecting to clamd.
* Rodrigo Severo [EMAIL PROTECTED] [20030609 10:45]: wrote: I thought freshclam did clamd RELOAD the virus database upon completion. As far as I can tell, it isn't. I decided to make a little program that would connect to clamd through local socket and ask it to REALOD the virus database. I couldn't make it work either. Not even the PING command got a proper answer. As far as I can tell my perl script it connecting to the socket but I got no answers from it. Some suggestions? I tried to take a deeper look at clamav documentation but I spent all day trying to get pages from the site without any success. I think that the option --daemon-notify is meant for that. /usr/local/bin/freshclam -d -c 2 -l /var/log/clamd.log --daemon-notify -Wash -- Odhiambo Washington [EMAIL PROTECTED] The box said 'Requires Wananchi Online Ltd. www.wananchi.com Windows 95, NT, or better,' Tel: +254 2 313985-9 +254 2 313922 so I installed FreeBSD. GSM: +254 72 743223 +254 733 744121 This sig is McQ! :-) Lunatic Asylum, n.: The place where optimism most flourishes. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [clamav-users] clamav update problem
At 03:48 AM 6/9/2003, Ahmad Masood Shah wrote: There was problem in clamv system. Now they have recoverd ... updating is working now.. [ ... ] Glad the problem is fixed. I certainly tried to find out what had happened, but didn't get any information. I'd like to suggest that ClamAV be moved to SourceForge.net. This would resolve these types of outage problems, and would place less reliability upon one or two web sites for making the code and snapshots available. Consider? Forrest - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [clamav-users] am I understanding this right?
Rejects as in not accepting it from the sender, or as in putting in a folder to be dealt with? - Original Message - From: ODHIAMBO Washington [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, June 09, 2003 1:56 AM Subject: Re: [clamav-users] am I understanding this right? * Raymond Norton [EMAIL PROTECTED] [20030609 09:52]: wrote: I am looking through the mailscanner site, and see in a FAQ someone is complaining clamav does not disinfect files. Is that right, it only marks the file as infected? Very correct. We simply reject the e-mails that contain virii. When you disinfect the files, the virus still continues to live at source, yes? I know this is likely to generate a lot of politicking, but I personally believe disinfection should be done at source ;-) -Wash -- Odhiambo Washington [EMAIL PROTECTED] The box said 'Requires Wananchi Online Ltd. www.wananchi.com Windows 95, NT, or better,' Tel: +254 2 313985-9 +254 2 313922 so I installed FreeBSD. GSM: +254 72 743223 +254 733 744121 This sig is McQ! :-) Just because your doctor has a name for your condition doesn't mean he knows what it is. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [clamav-users] am I understanding this right?
This is not the job of Clamav. I think you could write a script of your own to bounce messages if they are infected. On Monday, June 9, 2003, at 12:44 PM, Stephen White wrote: Original Message From Raymond Norton [EMAIL PROTECTED] Date: Monday, 09 Jun 2003, 16:56 I am trying to see how this is a benefit to run over sophos. I need to cover 500 + mailboxes, so even a few bucks per user is a big deal.. I think you've just found a benefit. I can't afford to run a commercial virus scanner on the mailing list server I run for a couploe of non-commercial reasons (eg for the benefit of my local Scout Group) ... however clamav should provide reasonable protection against members of the lists infecting each other via the messages to one of the lists. I don't need to disinfect the messages, I just want to make a reasonable attempt to stop infected ones being delivered to the intended victims^Wrecipients. The sender will see the bounce, disinfect their computer (with whatever anti-virus software they have, or purchase some if not) and send out a clean version themselves. It's not my job to clean the attachments, in fact that's entirely counter productive because it removes one of the immediate reasons that the sender would have for disinfecting themselves - and if the email isn't disinfected properly it would shift some of the reponsibility for the distribution of the virus onto me. I'm suspect that 90% of mailserver administrators probably have similar objectives. -- Stephen White [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [clamav-users] clamav update problem
There was problem in clamv system. Now they have recoverd ... updating is working now.. -- Best Regs, Masood Ahmad Shah System Administrator ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ | * * * * * * * * * * * * * * * * * * * * * * * * | Fibre Net (Pvt) Ltd. Lahore, Pakistan | Tel: +92-42-6677024 | Mobile: +92-300-4277367 | http://www.fibre.net.pk | * * * * * * * * * * * * * * * * * * * * * * * * ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie) All I want is a few minutes alone with the source code for the universe and a quick recompile. Yup, I got that message too. However, my freshclam (ClamAV version 20030522) simply switches to next mirror. Update successfull. Anybody knows what's causing this? Sohail wrote: Hi all, I am getting the following errors when i am trying to update my virus definitions after installing the clamav: #/usr/local/bin/freshclam --quiet -l /var/log/clam-update.log ERROR: Malformed md5 checksum detected. ERROR: Can't get viruses.md5 sum from clamav.elektrapro.com Can anybody help me with this error. Sincerely, Sohail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - This email was sent using Fibre Net (Internet Services Provider) Webmail ! http://www.fibre.net.pk/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [clamav-users] clamav-milter compiling on FreeBSD?
Yes, libmilter files are properly installed, via the FreeBSD sendmail-old port. They are : /usr/local/lib/libmilter.a /usr/local/include/libmilter: mfapi.h At 01:16 PM 6/9/2003, you wrote: (hmm, looks like clamav.elektrapro.com has been down for a while... ?) I installed GCC33, with no problems. When I go to compile from a recent snapshot release, I use the flags: ./configure --prefix=/usr/local --disable-pthreads --enable-milter --with-gcc=/usr/local/bin/gcc33 and it does not build clamav-milter. The directory is still: .deps MakefileMakefile.in clamav-milter.sh INSTALL Makefile.am clamav-milter.c clamd.sh Do you have libmilter development files properly installed ? Best regards, Tomasz Kojm -- oo. [EMAIL PROTECTED] (\/)\. http://www.konarski.edu.pl/~zolw \..._ I nie zapomnij kliknac w brzuszek... //\ /\\ - C. Amboinensiswww.pajacyk.pl - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [clamav-users] disinfect?
Original Message From Tomasz Kojm [EMAIL PROTECTED] Date: Monday, 09 Jun 2003, 18:08 I've partially written --clean option which disinfects OLE2 files. There are no plans for PE disinfection. Nearly all of the previlaent viruses recently aren't actually viruses anyway but worms, which means there's nothing to disinfect anyway. The entire executable (and in most cases the email it came in) are the problem, they're not 'piggybacking' on anything good that you might want to rescue. -- Stephen White [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[clamav-users] Cannot update the virus definitions
Hi all, I am getting the following errors when i am trying to update my virus definitions after installing the clamav: #/usr/local/bin/freshclam --quiet -l /var/log/clam-update.log ERROR: Malformed md5 checksum detected. ERROR: Can't get viruses.md5 sum from clamav.elektrapro.com Can anybody help me with this error. Sincerely, Sohail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [clamav-users] False Positives
I tried downloading some of the Reportedly infected files again and clanscan again reports them as being infected. Norton AV for a PC, however, does not!! Steve On Fri, 2003-06-06 at 09:59, Steven J. Reilly wrote: Hi, I'm new here so be gentle. I've been running Clamscan on all user data on my mixed Solaris/Linux network for months now, with it only reporting infection in the clamav test files. However, today I woke up to find that 14 files are reportedly infected by Worm.BugBear.B. These are files that are owned by me and are archive software download files (like GIMP, EAGLE PCB Layout, Filezilla) I use RH 9.0 as my desktop and Evolution as my email client (although all my users use Outlook) My concern is that these are false positive reports. Has anybody out there had a similar problem? Steve -- Steven J. Reilly, EDA Engineer Allegro Microsystems Europe Ltd Stuart House, Eskmills Park, Musselburgh, EH21 7PB, Scotland. Tel: +44 (0)131 273 4306 Fax: +44 (0)131 273 4301 e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [clamav-users] am I understanding this right?
I was speaking of MailScanner which can be configured to do several things to spam and virus. You don't need another program to delete infected files, MailScanner can do that for you. But if you feel comfortable delivering disinfected attachments you do need another program than ClamAV. I need timely updates of signatures a lot more than disinfection which I would never trust anyway. ClamAV works for us and we have Sophos on the clients if something slips in. By the way, on the MailScanner mail list Sophos problems seems to outnumber all the other 14 supported virus scanners combined... /Peter Bonivart --Unix lovers do it in the Sun On Mon, 2003-06-09 at 17:56, Raymond Norton wrote: If we're talking MailScanner with ClamAV you can choose what to do but most deliver the message with the infected attachment replaced by a message. The attachments are stored on the mail server for closer inspection. Basically, everything that is not infected is deliverd I am trying to see how this is a benefit to run over sophos. It seems we still need to either delete, or disinfect the file, so I would need another program to do this. Presently, we are running sophos, but I am trying to find an open source solution, so I don't have to spend a chunk of change each year per server, or user. I need to cover 500 + mailboxes, so even a few bucks per user is a big deal.. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [clamav-users] Is it dead?
Well I will provide free hosting if it is. But I did a download off it only 10 minutes ago Michael Saunders - Original Message - From: Dapid Candra [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, June 09, 2003 10:42 AM Subject: [clamav-users] Is it dead? ERROR: Can't connect to port 80 of host clamav.elektrapro.com ERROR: Connection with clamav.elektrapro.com failed. It's been almost a week. -- dapidc - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
