Re: [Clamav-users] clamav attachment not deleted from /tmp
Are you running in debug mode? When doing so, all tmp files are left for debugging purposes. Jim That was the problem thanks to all. Jean-Marc --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] ClamAV on Windows and Sendmail on Unix
Brad Morgan wrote: I don't know anybody who actually runs ClamAV on Windows (with cygwin, usually) for mail scanning on PRODUCTION servers. I'm running ClamAV on a PRODUCTION Windows email server using the snapshots that Fajar provides. WOW. Is it stable? How are you using it, with clamd or clamscan? The server runs Ipswitch's IMail with Declude Virus and Declude JunkMail addons. AFAIK Declude runs command line scanner (e.g. clamscan), which means your system should be OK as long as you virus db is up to date. I'd like to know user's experience with clamd on Windows though. Regards, Fajar -- Please avoid sending me Microsoft Office attachments. See http://www.newsforge.com/software/04/03/27/0134204.shtml --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] You might not see OUTDATED warning...
On Thu, 29 Apr 2004, Tomasz Kojm wrote: > On Thu, 29 Apr 2004 09:06:23 -0700 > "Mitch (WebCob)" <[EMAIL PROTECTED]> wrote: > > > Just so all will know ;-) > > > > It seems that 0.65 isn't smart enough to notice the difference - I > > didn't get the warning on that box... but I'm upgrading anyways... > > > > I'm assume the version smarts were added around 0.67? > > > > Or is there some config value that causes me to not see a warning? > > The warning has been added in 0.66. And all logging from freshclam is disabled by default (in 0.67, at least). I never would have known if not for seeing the complaints here. Time to upgrade Damian Menscher -- -=#| Physics Grad Student & SysAdmin @ U Illinois Urbana-Champaign |#=- -=#| 488 LLP, 1110 W. Green St, Urbana, IL 61801 Ofc:(217)333-0038 |#=- -=#| <[EMAIL PROTECTED]> www.uiuc.edu/~menscher/ Fax:(217)333-9819 |#=- -=#| The above opinions are not necessarily those of my employers: |#=- -=#| UIUC CITES Security Group || Beckman Imaging Technology Group |#=- --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] (no subject)
-- Rodney Mock --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id149&alloc_id66&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Updating on SuSE?
cH4os wrote: ? Im kinda new to this, here is what I thought I should do, what did I do wrong? FIx the date time on your system (as root): man date in the source directory (NOT as root) ./configure --help | less To get a list of options you may find usefull. Then put you options and run configure For example if you have libmilter (sendmail) ./configure --enable-milter && make Once it finishes compiling you can do a make install as root. --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Re: OT: Just some interesting stats
Colin A. Bartlett wrote: Jim Maul Sent: Thursday, April 29, 2004 4:10 PM I think the wording is a little confusing..I could be wrong but i assume he means current when he said last. In the same way that "the last 24 hours" means "the current 24 hours", i think "last week" means "current week". I'm sure Rick didn't want English language criticism when he asked for suggestions but just to weigh in, maybe "past 24 hours", "past week", and "past month" would be best. :) Hi, Any constructive criticism is good :) Regards, Rick --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Updating on SuSE?
> Greetings Anyone using SuSE? What is the update proccess? If you're using the SuSE RPMs, updating with YOU should be a good idea. However, it is no problem at all to build ClamAV with SuSE Linux, so if you want to use bleeding edge code, I suggest you go for manual updates. Which file would you recommend? clamav-0.70.tar ? Im kinda new to this, here is what I thought I should do, what did I do wrong? x:~/clamav-0.70 # ./configure checking build system type... i686-pc-linux-gnu checking host system type... i686-pc-linux-gnu checking target system type... i686-pc-linux-gnu creating target.h - canonical system defines checking for a BSD-compatible install... /usr/bin/install -c checking whether build environment is sane... configure: error: newly created file is older than distributed files! Check your system clock x:~/clamav-0.70 # make install make: Warning: File `install' has modification time 2.6e+04 s in the future make: Nothing to be done for `install'. make: warning: Clock skew detected. Your build may be incomplete. x:~/clamav-0.70 # ./install ./install: line 1: Copyright: command not found ./install: line 2: Inc.: command not found ./install: line 4: This: command not found ./install: line 4: the: command not found ./install: line 5: unlimited: command not found ./install: line 7: Basic: command not found ./install: line 8: ==: command not found ./install: line 10: These: command not found ./install: command substitution: line 1: unexpected EOF while looking for matching `'' ./install: command substitution: line 4: syntax error: unexpected end of file ./install: line 15: The: command not found ./install: line 19: syntax error near unexpected token `)' ./install: line 19: `debugging `configure').' --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] FreeBSD on OSX?
cH4os at 2004-04-29 13:40 from [EMAIL PROTECTED] wrote: >Is there a port for Mac OSX? or has anyone used the FREEBSD Version on >OSX? Been using it for almost a year on 2 separate systems (using Farit's "cgpav" as the glue) with zero (0) problems - MacOS X 10.2.x thru 10.3.3 - here's what I did: http://www.CipherSpace.org.in/clamav/ http://www.CipherSpace.org.in/cgpav/ HTH. --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] clamav and postfix
On Thu, 2004-04-29 at 14:26, jjolet wrote: > check out amavis-new. it's what I use. runs clam and spamassassin on > every mail. Note, this is my home server, VERY low volume. I'm not > sure what load would look like on a heavily loaded system I do about 20K mails/day through my amavis-new box, about half of which is SPAM or viral; load average is 0.2 clamd helps a lot. -- Daniel J McDonald <[EMAIL PROTECTED]> Austin Energy --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] Re: OT: Just some interesting stats
Jim Maul Sent: Thursday, April 29, 2004 4:10 PM > I think the wording is a little confusing..I could be wrong but i assume he > means current when he said last. In the same way that "the last 24 hours" > means "the current 24 hours", i think "last week" means "current week". I'm sure Rick didn't want English language criticism when he asked for suggestions but just to weigh in, maybe "past 24 hours", "past week", and "past month" would be best. :) cheers, Colin Colin A. Bartlett Kinetic Web Solutions www.kineticweb.biz --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Problem
On Thu, 2004-04-29 at 21:42, Bernard Elbourn wrote: > From a 1 year old installation [snip] > Is it time to upgrade? Oh yes. It was probably time to upgrade some months ago! Virus scanning (and virus production) is an arms race, really well advised to keep pace. BMRB International http://www.bmrb.co.uk +44 (0)20 8566 5000 _ This message (and any attachment) is intended only for the recipient and may contain confidential and/or privileged material. If you have received this in error, please contact the sender and delete this message immediately. Disclosure, copying or other action taken in respect of this email or in reliance on it is prohibited. BMRB International Limited accepts no liability in relation to any personal emails, or content of any email which does not directly relate to our business. --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] OT: Just some interesting stats
Rick Macdougall Sent: Thursday, April 29, 2004 12:38 PM > http://mail.limelyte.net/admin/virus/ NICE! We do something similar. http://www.kineticweb.biz/virusreport.htm I have a script that parses the log file and reads it into SQL. From there, the rest is easy. cheers, Colin Colin A. Bartlett Kinetic Web Solutions www.kineticweb.biz --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Problem
Hi From a 1 year old installation I downloaded this months database and keep getting these messages: - ERROR: hex2int() translation problem (68) ERROR: Can't initialize virus database. --- SCAN SUMMARY --- Known viruses: 19931 Scanned directories: 0 Scanned files: 0 Infected files: 0 Data scanned: 0.00 Mb I/O buffer size: 131072 bytes Time: 41.111 sec (0 m 41 s) Is it time to upgrade? Freshclam claims the database is up to date. Berni --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Updating on SuSE?
cH4os wrote: > Greetings Anyone using SuSE? What is the update proccess? If you're using the SuSE RPMs, updating with YOU should be a good idea. However, it is no problem at all to build ClamAV with SuSE Linux, so if you want to use bleeding edge code, I suggest you go for manual updates. -- Mit freundlichen Grüßen / Yours sincerely Dipl. Inform. Ralph Seichter HORUS-IT Ahornweg 10 D-57635 Oberirsen Tel +49 2686 987880 Fax +49 2686 987889 http://horus-it.de/ --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id149&alloc_id66&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] Re: OT: Just some interesting stats
> -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Jesse > Guardiani > Sent: Thursday, April 29, 2004 1:56 PM > To: [EMAIL PROTECTED] > Subject: [Clamav-users] Re: OT: Just some interesting stats > > > Rick Macdougall wrote: > > > Hi, > > > > http://mail.limelyte.net/admin/virus/ > > > > Just something I'm messing around with currently. I was going to wait > > until our web mistress got a nice template up, but that may take longer. > > > > Suggestions, ideas, flames, etc, more than welcome. > > Looks nice. I'm a little confused about the "top 10 viruses last month" > and "... last week" text though. What about this month and this week? > > You got some source code I can download for that? :) > I think the wording is a little confusing..I could be wrong but i assume he means current when he said last. In the same way that "the last 24 hours" means "the current 24 hours", i think "last week" means "current week". Just my interpretation. Jim --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] You might not see OUTDATED warning...
On Thu, 29 Apr 2004 09:06:23 -0700 "Mitch (WebCob)" <[EMAIL PROTECTED]> wrote: > Just so all will know ;-) > > It seems that 0.65 isn't smart enough to notice the difference - I > didn't get the warning on that box... but I'm upgrading anyways... > > I'm assume the version smarts were added around 0.67? > > Or is there some config value that causes me to not see a warning? The warning has been added in 0.66. -- oo. Tomasz Kojm <[EMAIL PROTECTED]> (\/)\. http://www.ClamAV.net/gpg/tkojm.gpg \..._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Thu Apr 29 21:05:22 CEST 2004 pgp0.pgp Description: PGP signature
[Clamav-users] more on socket error
and the REAL reason i think it is fubar. Thu Apr 29 14:40:46 2004 -> +++ Started at Thu Apr 29 14:40:46 2004 Thu Apr 29 14:40:46 2004 -> Log file size limited to 2097152 bytes. Thu Apr 29 14:40:46 2004 -> Verbose logging activated. Thu Apr 29 14:40:46 2004 -> Setting /var/tmp as global temporary directory Thu Apr 29 14:40:46 2004 -> Reading databases from /usr/local/share/clamav Thu Apr 29 14:40:46 2004 -> Protecting against 21304 viruses. Thu Apr 29 14:40:46 2004 -> ERROR: Socket file /var/run/clamd.sock is in use by another process. Thu Apr 29 14:41:03 2004 -> +++ Started at Thu Apr 29 14:41:03 2004 Thu Apr 29 14:41:03 2004 -> Log file size limited to 2097152 bytes. Thu Apr 29 14:41:03 2004 -> Verbose logging activated. Thu Apr 29 14:41:03 2004 -> Setting /var/tmp as global temporary directory Thu Apr 29 14:41:03 2004 -> Reading databases from /usr/local/share/clamav Thu Apr 29 14:41:03 2004 -> Protecting against 21304 viruses. Thu Apr 29 14:41:04 2004 -> ERROR: Socket file /var/run/clamd.sock is in use by another process. Thu Apr 29 15:03:22 2004 -> SIGHUP caught: re-opening log file. Thu Apr 29 15:03:22 2004 -> No stats for Database check - forcing reload Thu Apr 29 15:03:22 2004 -> Reading databases from /usr/local/share/clamav Thu Apr 29 15:03:23 2004 -> Database correctly reloaded (21304 viruses) --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] Disabling a Signature
Dexter Ang Sent: Thursday, April 29, 2004 2:02 PM > ClamAV FAQ #17: > > I found a false positive in ClamAV virus database. What shall I do? > > Fill the form at > http://clamav.sourceforge.net/cgi-bin/sendvirus.cgi Be sure to > select The file attached is... a false positive. > > - anyway, maybe ask the user to zip the html attachment first until > the false positive is cleared up in the updates. Thanks. I was going to do just that. However the document has what appears to be some sensitive financial data in it and I hesitated before diseminating it. Can someone confirm that I needn't worry about sending it? The user can't zip the document up because MailScanner checks files within the zip as any good email scanner should. cheers, Colin Colin A. Bartlett Kinetic Web Solutions www.kineticweb.biz --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] clamav and postfix
On Thu, 2004-04-29 at 12:33, Faustino Benitez wrote: > Hi: > > I have a question about the setup of clamav and postfix: > > Use two instances of postfix is the only way to integrate clamav with > postfix? No, you can run amavis-new and have one instance with two sets of options. Or, theoretically, you can run the most recent postfix with the amavis-agent, which supposedly has milter-like properties. I'm not inclined to go that route. The nice thing about running through postfix twice is that you get to accept mail with a 250 OK and then toss them in the trash. Very handy for both viri and spam. > > Thanks. > > fausto > > > > --- This SF.Net > email is sponsored by: Oracle 10g Get certified on the hottest thing > ever to hit the market... Oracle 10g. Take an Oracle 10g class now, > and we'll give you the exam FREE. > http://ads.osdn.com/?ad_id149&alloc_id66&op=click > ___ Clamav-users mailing > list [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/clamav-users -- Daniel J McDonald <[EMAIL PROTECTED]> Austin Energy --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] OT: Just some interesting stats
* Rick Macdougall <[EMAIL PROTECTED]> [20040429 21:55]: wrote: > Hi, > > http://mail.limelyte.net/admin/virus/ > > Just something I'm messing around with currently. I was going to wait > until our web mistress got a nice template up, but that may take longer. > > Suggestions, ideas, flames, etc, more than welcome. Really nice. It seems all viruses in the world are directed towards your server ;-) What do you use to generate that? cheers - wash +--+-+ Odhiambo Washington . WANANCHI ONLINE LTD (Nairobi, KE) | . 1ere Etage, Loita Hse, Loita St., | GSM: (+254) 722 743 223 . # 10286, 00100 NAIROBI | GSM: (+254) 733 744 121 . (+254) 020 313 985 - 9 | +-+--+ "Oh My God! They killed init! You Bastards!" --from a /. post --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] socket failure?
why is my clamd.sock file have those permissions and zero bytes? this was an upgrade from a perfectly running 70-rc to 70 and now i get socket problems. or so it seems. ideas? Thu Apr 29 14:39:26 2004 -> +++ Started at Thu Apr 29 14:39:26 2004 Thu Apr 29 14:39:26 2004 -> Log file size limited to 2097152 bytes. Thu Apr 29 14:39:26 2004 -> Verbose logging activated. Thu Apr 29 14:39:26 2004 -> Setting /var/tmp as global temporary directory Thu Apr 29 14:39:26 2004 -> Reading databases from /usr/local/share/clamav Thu Apr 29 14:39:26 2004 -> Protecting against 21304 viruses. Thu Apr 29 14:39:27 2004 -> Unix socket file /var/run/clamd.sock Thu Apr 29 14:39:27 2004 -> Setting connection queue length to 15 Thu Apr 29 14:39:27 2004 -> Listening daemon: PID: 12220 Thu Apr 29 14:39:27 2004 -> Archive: Archived file size limit set to 10485760 bytes. Thu Apr 29 14:39:27 2004 -> Archive: Recursion level limit set to 5. Thu Apr 29 14:39:27 2004 -> Archive: Files limit set to 1000. Thu Apr 29 14:39:27 2004 -> Archive: Compression ratio limit set to 200. Thu Apr 29 14:39:27 2004 -> Archive support enabled. Thu Apr 29 14:39:27 2004 -> RAR support disabled. Thu Apr 29 14:39:27 2004 -> Mail files support enabled. Thu Apr 29 14:39:27 2004 -> OLE2 support disabled. Thu Apr 29 14:39:27 2004 -> Self checking every 600 seconds. (/usr/local/sbin) date;clamd ping Thu Apr 29 14:41:03 CDT 2004 LibClamAV debug: Loading databases from /usr/local/share/clamav LibClamAV debug: Loading /usr/local/share/clamav/main.cvd LibClamAV debug: /usr/local/share/clamav/main.cvd: CVD file detected LibClamAV debug: in cli_cvdload() LibClamAV debug: MD5(.tar.gz) = 1b99fa97eec06a4e2946d2c53d63f2c1 LibClamAV debug: Decoded signature: 1b99fa97eec06a4e2946d2c53d63f2c1 LibClamAV debug: Digital signature is correct. LibClamAV debug: in cli_untgz() LibClamAV debug: Unpacking /var/tmp/clamav-a82ed222151ad472/COPYING LibClamAV debug: Unpacking /var/tmp/clamav-a82ed222151ad472/viruses.db LibClamAV debug: Loading databases from /var/tmp/clamav-a82ed222151ad472 LibClamAV debug: Loading /var/tmp/clamav-a82ed222151ad472/viruses.db LibClamAV debug: Initializing trie. LibClamAV debug: Loading /usr/local/share/clamav/daily.cvd LibClamAV debug: /usr/local/share/clamav/daily.cvd: CVD file detected LibClamAV debug: in cli_cvdload() LibClamAV debug: MD5(.tar.gz) = 4a5bcb4e2e696c4e918ef8dd8d0b2ae2 LibClamAV debug: Decoded signature: 4a5bcb4e2e696c4e918ef8dd8d0b2ae2 LibClamAV debug: Digital signature is correct. LibClamAV debug: in cli_untgz() LibClamAV debug: Unpacking /var/tmp/clamav-cd1ed92da0d29e01/COPYING LibClamAV debug: Unpacking /var/tmp/clamav-cd1ed92da0d29e01/viruses.db2 LibClamAV debug: Loading databases from /var/tmp/clamav-cd1ed92da0d29e01 LibClamAV debug: Loading /var/tmp/clamav-cd1ed92da0d29e01/viruses.db2 (/var/run) date ; ls -al Thu Apr 29 14:41:35 CDT 2004 total 116 drwxr-xr-x 12 root root 4096 Apr 29 14:39 . drwxr-xr-x 31 root root 4096 Jan 8 2003 .. -rw-rw1 root root 24 Apr 29 14:39 clamd.pid srwxrwxrwx1 root root0 Apr 29 14:39 clamd.sock (/var/run) date ; ls -al Thu Apr 29 14:42:15 CDT 2004 total 120 drwxr-xr-x 12 root root 4096 Apr 29 14:43 . drwxr-xr-x 31 root root 4096 Jan 8 2003 .. -rw-rw1 root root 24 Apr 29 14:39 clamd.pid srwxrwxrwx1 root root0 Apr 29 14:39 clamd.sock -rw-r--r--1 root root 18 Apr 29 14:43 clmilter.sock --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Re: OT: Just some interesting stats
Jesse Guardiani wrote: Rick Macdougall wrote: http://mail.limelyte.net/admin/virus/ Just something I'm messing around with currently. I was going to wait until our web mistress got a nice template up, but that may take longer. Suggestions, ideas, flames, etc, more than welcome. Looks nice. I'm a little confused about the "top 10 viruses last month" and "... last week" text though. What about this month and this week? You got some source code I can download for that? :) Hi, Misnomer, that should really read Top 10 viruses in the last 7 days and last 30 days. I'm not much of an artist when it comes to html layout, or anything else really :) No code available yet. It's based on the qsla distribution that stored everything into mysql, from there I just use some php and mysql to pull out the data I want to see. If I get enough requests I'll pull something together that can be downloaded, but it's pre pre beta and does require the user to create the needed sql databases, have perl etc installed, etc etc. Thinking about adding a search function and some other stuff, and maybe integrating it into Squirrel mail and allow users to pull out stats based on their email address. Lot's of ideas, so little time. Regards, Rick --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] clamav and postfix
check out amavis-new. it's what I use. runs clam and spamassassin on every mail. Note, this is my home server, VERY low volume. I'm not sure what load would look like on a heavily loaded system On Thursday, April 29, 2004, at 12:33 PM, Faustino Benitez wrote: Hi: I have a question about the setup of clamav and postfix: Use two instances of postfix is the only way to integrate clamav with postfix? Thanks. fausto --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id149&alloc_idÅ66&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id149&alloc_id66&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] OT: Just some interesting stats
On 2004-04-29, Rick Macdougall wrote: >http://mail.limelyte.net/admin/virus/ [...] >Suggestions, ideas, flames, etc, more than welcome. Really nice one! Is the source code available somewhere? :-) s. -- (0> Jakub Jankowski [url]: s.atn.pl "Nawet w Krainie Czarow //\ [EMAIL PROTECTED] [rlu]: 174516 latwiej jest spotkac V_/_ [EMAIL PROTECTED] [ekg]: 921514 Babe Jage niz Alicje" Fingerprint: FCBF F03D 9ADB B768 8B92 BB52 0341 9037 A875 942D --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] clamav and postfix
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Faustino Benitez Sent: Thursday, April 29, 2004 1:33 PM To: [EMAIL PROTECTED] Subject: [Clamav-users] clamav and postfix Hi: I have a question about the setup of clamav and postfix: Use two instances of postfix is the only way to integrate clamav with postfix? Thanks. fausto - Umm...this doesnt sound right at all. http://www.postfix.org/docs.html might be some help. Jim --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] FreeBSD on OSX?
On Thursday 29 Apr 2004 6:40 pm, cH4os wrote: > Is there a port for Mac OSX? or has anyone used the FREEBSD Version on > OSX? ClamAV should work fine on MacOS/X - it does on mine anyway. Some threading issues with 10.1, but later ones have that addressed. > Thanks > the software said: Windows 98 or Better, so I installed it on Linux! Err, that doesn't work when you're talking about MacOS or FreeBSD does it? -Nigel -- Nigel Horne. Arranger, Composer, Typesetter. NJH Music, Barnsley, UK. ICQ#20252325 [EMAIL PROTECTED] http://www.bandsman.co.uk --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] freshclam vs selfcheck
> -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Frank > Elsner > Sent: Thursday, April 29, 2004 1:19 PM > To: [EMAIL PROTECTED] > Subject: [Clamav-users] freshclam vs selfcheck > > > > RedHat 7.3, ClamAV version 0.70 > > Can anybody explain this ? freshclam says "up to date" but > selfcheck reloads ? > > Apr 29 10:07:00 freshclam[7761]: Freshclam started. > Apr 29 10:07:00 freshclam[7761]: ClamAV update process started at > Thu Apr 29 10:07:00 2004 > Apr 29 10:07:00 freshclam[7761]: main.cvd is up to date (version: > 22, sigs: 20229, f-level: 1, builder: tkojm) > Apr 29 10:07:01 freshclam[7761]: daily.cvd is up to date > (version: 294, sigs: 1075, f-level: 2, builder: diego) > Apr 29 10:10:04 clamd[656]: SelfCheck: Database modification > detected. Forcing reload. > Apr 29 10:10:04 clamd[656]: Reading databases from /usr/local/clamav/data > Apr 29 10:10:07 clamd[656]: Database correctly reloaded (21304 viruses) > I believe clam reloads every [insert value from clamav.conf here] regardless of whether or not there was a change to the database. Jim --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Patching clamd to log to stderr (for use with multilog)
On Thursday 29 Apr 2004 6:22 pm, Dale Gallagher wrote: > LogFile stderr LogFile /dev/stderr will work on many systems > Dale -- Nigel Horne. Arranger, Composer, Typesetter. NJH Music, Barnsley, UK. ICQ#20252325 [EMAIL PROTECTED] http://www.bandsman.co.uk --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] clamav and postfix
Faustino Benitez wrote: Hi: I have a question about the setup of clamav and postfix: Use two instances of postfix is the only way to integrate clamav with postfix? Thanks. fausto Typically, clamav/clamd is integrated into Postfix with another tool such as amavisd[-new] or mailscanner. Both are popular and you can also include SpamAssassin in the mix to filter out spam at the same time. -Bill --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Updating on SuSE?
- Original Message Follows - From: cH4os <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: [Clamav-users] Updating on SuSE? Date: Thu, 29 Apr 2004 10:55:23 -0700 > > Greetings, > > Greetings Anyone using SuSE? What is the update proccess? Do you use > YOU? Yes. Currently that is all I'm familiar with. I'm in the process of understanding SUSE better as we are switching from RH to SUSE. Only due to being a novell shope and its aquasition of SUSE. Kevin W. Gagel Network Administrator (250) 561-5848 local 448 (250) 562-2131 local 448 -- The College of New Caledonia, Visit us at http://www.cnc.bc.ca Virus scanning is done on all incoming and outgoing email. -- --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Disabling a Signature
On Fri, 2004-04-30 at 00:44, Colin A. Bartlett wrote: > Team, > I'm receiving FPs on Trojan.URLspoof.gen from a client that attaches HTML > documents to emails. I need to somehow disable this signature so that he can > send these emails without getting the attachments stripped. Any way of doing > this? Or is it something up to the hook into my MTA (MailScanner)? For what > it's worth I saw an almost identical post to this in the archives but there > was no follow ups. > > cheers, > Colin ClamAV FAQ #17: I found a false positive in ClamAV virus database. What shall I do? Fill the form at http://clamav.sourceforge.net/cgi-bin/sendvirus.cgi Be sure to select The file attached is... a false positive. - anyway, maybe ask the user to zip the html attachment first until the false positive is cleared up in the updates. dex --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Re: OT: Just some interesting stats
Rick Macdougall wrote: > Hi, > > http://mail.limelyte.net/admin/virus/ > > Just something I'm messing around with currently. I was going to wait > until our web mistress got a nice template up, but that may take longer. > > Suggestions, ideas, flames, etc, more than welcome. Looks nice. I'm a little confused about the "top 10 viruses last month" and "... last week" text though. What about this month and this week? You got some source code I can download for that? :) -- Jesse Guardiani, Systems Administrator WingNET Internet Services, P.O. Box 2605 // Cleveland, TN 37320-2605 423-559-LINK (v) 423-559-5145 (f) http://www.wingnet.net --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Updating on SuSE?
Greetings, Greetings Anyone using SuSE? What is the update proccess? Do you use YOU? Thanks --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] sigtool not working correctly
Hello all, I recently upgraded my Clamav from 0.70-rc to clamav-0.70. After the upgrade my sigtool stopped working as it used to. For example: [EMAIL PROTECTED] log]# sigtool -i /var/lib/clamav/daily.cvd Build time: 29 Apr 2004 07-50 +0200 Version: 294 # of signatures: 1075 Functionality level: 2 Builder: diego MD5: 4a5bcb4e2e696c4e918ef8dd8d0b2ae2 Digital signature: FUJWP7lblQugBK02KPsQMF2Seg/ IHEAanlB56P7AxZ84pLAfGnH1zxtW+B2YZyJelLSEyZOprZhHSccdoAzXMD9Q4hUipjpMJ8+ v9RlqHJpXrogrpP8vDJsjeb+N93ikPEa4TwEVmZ8aHgcfNUbhXIOQD4wOEWBWdcya9GRS+Ke Verification OK. [EMAIL PROTECTED] log]# But if I try to grep for a specific virus, I get nothing: [EMAIL PROTECTED] log]# sigtool -l |grep -i somefool [EMAIL PROTECTED] log]# Clam is catching a ton of somefool variants every hour, as well as the newest Bagle variants that I see listed in the update emails, but sigtool won't show them. Any and all ideas are appreciated! Thanks, Mark Novak --- [This E-mail scanned for viruses by Declude Virus] --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] FreeBSD on OSX?
Greetings All, Is there a port for Mac OSX? or has anyone used the FREEBSD Version on OSX? Thanks --- the software said: Windows 98 or Better, so I installed it on Linux! --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Patching clamd to log to stderr (for use with multilog)
Hi everyone Anyone wishing to run clamd under daemontools http://cr.yp.to/daemontools.html can use the attached patch I hacked together, which is almost identical to Len Budney's patch: http://mysite.verizon.net/vze1ypud/software/qscanq/clamav-0.70-stderr.patch.gz I didn't notice Len had updated his previous patch, so I rolled my own based on his old patch, without checking first. Anyway, here it is if anyone is interested. Patch like so: tar xzf clamav-0.70.tar.gz patch -p0 &1 exec setuidgid clamav /usr/sbin/clamd /service/clamd/log/run: #!/bin/sh exec setuidgid clamav \ multilog t s100 n20 /var/log/clamav The run files assume clamav is configured as follows: ./configure \ --prefix=/usr \ --datadir=/var/lib \ --sysconfdir=/etc/clamav \ --disable-clamuko cheers Dale clamav-0.70-stderr.patch Description: Binary data
[Clamav-users] freshclam vs selfcheck
RedHat 7.3, ClamAV version 0.70 Can anybody explain this ? freshclam says "up to date" but selfcheck reloads ? Apr 29 10:07:00 freshclam[7761]: Freshclam started. Apr 29 10:07:00 freshclam[7761]: ClamAV update process started at Thu Apr 29 10:07:00 2004 Apr 29 10:07:00 freshclam[7761]: main.cvd is up to date (version: 22, sigs: 20229, f-level: 1, builder: tkojm) Apr 29 10:07:01 freshclam[7761]: daily.cvd is up to date (version: 294, sigs: 1075, f-level: 2, builder: diego) Apr 29 10:10:04 clamd[656]: SelfCheck: Database modification detected. Forcing reload. Apr 29 10:10:04 clamd[656]: Reading databases from /usr/local/clamav/data Apr 29 10:10:07 clamd[656]: Database correctly reloaded (21304 viruses) --Frank Elsner --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] clamav and postfix
Hi: I have a question about the setup of clamav and postfix: Use two instances of postfix is the only way to integrate clamav with postfix? Thanks. fausto --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id149&alloc_id66&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Disabling a Signature
Team, I'm receiving FPs on Trojan.URLspoof.gen from a client that attaches HTML documents to emails. I need to somehow disable this signature so that he can send these emails without getting the attachments stripped. Any way of doing this? Or is it something up to the hook into my MTA (MailScanner)? For what it's worth I saw an almost identical post to this in the archives but there was no follow ups. cheers, Colin Colin A. Bartlett Kinetic Web Solutions www.kineticweb.biz --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] OT: Just some interesting stats
Hi, http://mail.limelyte.net/admin/virus/ Just something I'm messing around with currently. I was going to wait until our web mistress got a nice template up, but that may take longer. Suggestions, ideas, flames, etc, more than welcome. Regards, Rick --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Your ClamAV installation is OUTDATED
On Thursday, April 29, 2004, at 09:35 AM, Dave Ewart wrote: On Thursday, 29.04.2004 at 08:38 -0500, John Madden wrote: Update to ClamAV version 0.70 What are the consequences of not upgrading? I'd have to plan downtime, There shouldn't be any need for (significant) downtime - build the new clam and install. Then restart the clam daemon, which shouldn't take more than a second or two. If you're not using the daemon, then you don't even need to do that. That's assuming nothing goes wrong. If that's a production system, you HAVE to plan for downtime. if clamd isn't working, most likely his mta isn't delivering mail. --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] You might not see OUTDATED warning...
Just so all will know ;-) It seems that 0.65 isn't smart enough to notice the difference - I didn't get the warning on that box... but I'm upgrading anyways... I'm assume the version smarts were added around 0.67? Or is there some config value that causes me to not see a warning? Thanks. m/ --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Your ClamAV installation is OUTDATED
i´ve updated my installation and it required no downtime. it´s really a simple process, once you have all dependecies in place i've used the RPM file ricardo >>What are the consequences of not upgrading? I'd have to plan >>downtime, --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id149&alloc_id66&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] Zip module failure. ERROR
> -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Guillermo > Llenas > Sent: Thursday, April 29, 2004 10:02 AM > To: [EMAIL PROTECTED] > Subject: [Clamav-users] Zip module failure. ERROR > > > > > Hello, > > I'm getting the following error message in my logs: the > system is Fedora C1 with exim-exiscan. > Can someone tell me what this means or where I could find > out why I am getting this? > > Thanks. > > > 2004-04-28 13:54:02 1BIsJt-zV-HU malware acl condition: > clamd: connection to 127.0.0.1, port 3310 failed (Bad file descri > ptor) > 2004-04-28 13:54:06 1BIsJx-00011a-Sc malware acl condition: > clamd: connection to 127.0.0.1, port 3310 failed (Bad file descri > ptor) > 2004-04-28 13:54:06 1BIsJx-00011W-R8 malware acl condition: > clamd: connection to 127.0.0.1, port 3310 failed (Bad file descri > ptor) I dont have an answer to this but is it just me or do most/all of the file descriptor problems seem to be happening on fedora? Something to note i suppose... Jim --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Your ClamAV installation is OUTDATED
John Madden a écrit : Update to ClamAV version 0.70 What are the consequences of not upgrading? I'd have to plan downtime, etc... John I never have downtime for updating clamav. Download the source ./congifure make make install restart clamd and you are René
Re: [Clamav-users] Update Clamav
Marco Draghi a écrit : I've received the warning about the outdated version of my clamav-0.67 too. For install the new clamav-0.70.tar.gz do I need to uninstall the first one and after install the new one, or just install the last version over 0.67?? Thanks, Marco. install over. René --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id149&alloc_id66&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] ClamAV on Windows and Sendmail on Unix
> > I don't know anybody who > actually runs ClamAV on Windows (with cygwin, usually) > for mail scanning on PRODUCTION servers. > I'm running ClamAV on a PRODUCTION Windows email server using the snapshots that Fajar provides. The server runs Ipswitch's IMail with Declude Virus and Declude JunkMail addons. Regards, Brad Morgan IT Manager Horizon Interactive Inc. --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] clamav attachment not deleted from /tmp
On Thursday 29 Apr 2004 11:32 am, jean-marc pouchoulon wrote: > Nothing more and /tmp is growing. > Don't find something useful in mail archives list. miss something ? Did you configure with --enable-debug? > Thanks for you help -Nigel -- Nigel Horne. Arranger, Composer, Typesetter. NJH Music, Barnsley, UK. ICQ#20252325 [EMAIL PROTECTED] http://www.bandsman.co.uk --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Your ClamAV installation is OUTDATED
On Thursday, 29.04.2004 at 08:38 -0500, John Madden wrote: > > Update to ClamAV version 0.70 > > What are the consequences of not upgrading? I'd have to plan > downtime, There shouldn't be any need for (significant) downtime - build the new clam and install. Then restart the clam daemon, which shouldn't take more than a second or two. If you're not using the daemon, then you don't even need to do that. Dave. -- Dave Ewart [EMAIL PROTECTED] Computing Manager, Epidemiology Unit, Oxford Cancer Research UK PGP: CC70 1883 BD92 E665 B840 118B 6E94 2CFD 694D E370 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Your ClamAV installation is OUTDATED
On Thu, 29 Apr 2004 08:38:04 CDT "John Madden" wrote: > > Update to ClamAV version 0.70 > > What are the consequences of not upgrading? I'd have to plan downtime, > etc... Downtime because of clamav update ? --Frank Elsner --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] clamav attachment not deleted from /tmp
> -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of jean-marc > pouchoulon > Sent: Thursday, April 29, 2004 6:33 AM > To: [EMAIL PROTECTED] > Subject: [Clamav-users] clamav attachment not deleted from /tmp > > > Hi, > On fedora core B > using mimedefang 2.42 > and clamav-0.70 or 0.68 or last from cvs > I have /tmp full of directories > >drwx-- 2 defang defang 4096 avr 29 10:28 clamav-cf15fe6738d54335 >drwx-- 2 defang defang 4096 avr 29 10:28 clamav-628ab4bef9112b1d >drwx-- 2 defang defang 4096 avr 29 10:28 clamav-8857c8b5861df0cb >drwx-- 2 defang defang 4096 avr 29 10:28 clamav-c7b1de517aa4da1d > >In it there are pieces of files to be scanned I supposed > clamav-13ebdb3e9fcf2c4c: >total 64 >-rw--- 1 defang defang 59838 avr 29 10:29 18_0340013E.pdfrIRTqf > clamav-8cc0f61bce8f9e9f: >total 108 >-rw--- 1 defang defang 1329 avr 29 10:30 unknown7S9Ek5 >-rw--- 1 defang defang 100353 avr 29 10:30 Groupe action doc > avril2004.docrCptfV > These directories never disapeared > > I can see in debug mode : > > blobSetFilename: textportion > LibClamAV debug: Saving main message, encoded with scheme 1 > LibClamAV debug: Saving attachment in > /tmp/clamav-c7f9cad348796050/textportion > LibClamAV debug: Saving attachment as > /tmp/clamav-c7f9cad348796050/textportionn1nbHg (2189 bytes long) > LibClamAV debug: blobDestroy > > Nothing more and /tmp is growing. > Don't find something useful in mail archives list. miss something ? > > Are you running in debug mode? When doing so, all tmp files are left for debugging purposes. Jim --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] Your ClamAV installation is OUTDATED
where is 0.70-1 is that unstable? I only see 0.70 for stable > > > Hi, > you must update to clamav-0.70-1 and that warning, will disapear. > > > Guillermo Llenas > Tecnología > Inter.net Argentina > > +0054 11 6328-1500 > fax 0054 11 6328-1530 > www.inter.net > [EMAIL PROTECTED] > > > >> -Mensaje original- >> De: [EMAIL PROTECTED] >> [mailto:[EMAIL PROTECTED] En nombre >> de Jeff Lanzarotta >> Enviado el: Jueves, 29 de Abril de 2004 10:18 a.m. >> Para: ClamAV User List (E-mail) >> Asunto: [Clamav-users] Your ClamAV installation is OUTDATED >> >> Hello, >> >> I'm getting the following error message in my >> /var/log/freshclam.log file on my Mandrake 9.2 system: >> >> WARNING: Your ClamAV installation is OUTDATED - please update >> immediately ! >> WARNING: Current functionality level = 1, required = 2 >> >> Can someone tell me what this means or where I could find out >> why I am getting this? >> >> I have versions: >> >> clamscan / ClamAV version 0.70-rc >> freshclam / ClamAV version 0.70-rc >> >> Regards, >> >> >> Jeff Lanzarotta >> >> >> --- >> This SF.Net email is sponsored by: Oracle 10g >> Get certified on the hottest thing ever to hit the market... >> Oracle 10g. >> Take an Oracle 10g class now, and we'll give you the exam FREE. >> http://ads.osdn.com/?ad_id149&alloc_id66&op=ick >> ___ >> Clamav-users mailing list >> [EMAIL PROTECTED] >> https://lists.sourceforge.net/lists/listinfo/clamav-users >> >> --- >> Incoming mail is certified Virus Free. >> Checked by AVG anti-virus system (http://www.grisoft.com). >> Version: 6.0.672 / Virus Database: 434 - Release Date: 28/04/2004 >> >> > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.672 / Virus Database: 434 - Release Date: 28/04/2004 > > > > > --- > This SF.Net email is sponsored by: Oracle 10g > Get certified on the hottest thing ever to hit the market... Oracle 10g. > Take an Oracle 10g class now, and we'll give you the exam FREE. > http://ads.osdn.com/?ad_id149&alloc_id66&op=click > ___ > Clamav-users mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/clamav-users > > --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id149&alloc_id66&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Your ClamAV installation is OUTDATED
Guillermo Llenas wrote: This is from the Faq. :) If you don't upgrade immediately you will be in big trouble :) Well, perhaps not BIG trouble, but you will not be able to scan some types of virus. -Mensaje original- De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] En nombre de John Madden Enviado el: Jueves, 29 de Abril de 2004 10:38 a.m. Para: [EMAIL PROTECTED] Asunto: Re: [Clamav-users] Your ClamAV installation is OUTDATED Update to ClamAV version 0.70 What are the consequences of not upgrading? I'd have to plan downtime, Your version should be able to catch most (if not all) worms though. If you're happy with current performance, or can't schedule downtime, then you don't need to upgrade yet. Regards, Fajar -- Please avoid sending me Microsoft Office attachments. See http://www.newsforge.com/software/04/03/27/0134204.shtml --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Your ClamAV installation is OUTDATED
On Thursday, 29.04.2004 at 09:17 -0400, Jeff Lanzarotta wrote: > I'm getting the following error message in my /var/log/freshclam.log > file on my Mandrake 9.2 system: > > WARNING: Your ClamAV installation is OUTDATED - please update immediately ! > WARNING: Current functionality level = 1, required = 2 > > Can someone tell me what this means or where I could find out why I am > getting this? > > I have versions: > > clamscan / ClamAV version 0.70-rc > freshclam / ClamAV version 0.70-rc You should upgrade to version 0.70, I believe. Dave. -- Dave Ewart [EMAIL PROTECTED] Computing Manager, Epidemiology Unit, Oxford Cancer Research UK PGP: CC70 1883 BD92 E665 B840 118B 6E94 2CFD 694D E370 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Update
Marco Draghi wrote: I've received the warning about the outdated version of my clamav-0.67 too. For install the new clamav-0.70.tar.gz do I need to uninstall the first one and after install the new one, or just install the last version over 0.67?? Thanks, Marco. If you use the same configure arguments, you should be ok. However, do yourself a favor and search for any duplicate copies of the virus sig database. That said, you may wish to backup the config files, any local mods you have done and do a make uninstall from the .67 src directory you "make install"ed from. --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Your ClamAV installation is OUTDATED
Joe Maimon wrote: >>I'm getting the following error message in my /var/log/freshclam.log file >> on my Mandrake 9.2 system: >> >>WARNING: Your ClamAV installation is OUTDATED - please update immediately >> ! >>WARNING: Current functionality level = 1, required = 2 > Their outdated. Upgrade them. New ones at www.clamav.net I don't like that `freshclam --quiet` is really that quiet and doesn't remind me to upgrade. I have to check separately via cron: `tail /var/log/freshclam.log | grep OUTDATED` Is there a better way to do this? Has clamav stopped working properly at functionality level 1? Regards, -- Stephan Paukner <[EMAIL PROTECTED]> GnuPG public key ID: 0xAC6B7700 Jabber ID: [EMAIL PROTECTED] --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Zip module failure. ERROR
Hello, I'm getting the following error message in my logs: the system is Fedora C1 with exim-exiscan. Can someone tell me what this means or where I could find out why I am getting this? Thanks. 2004-04-28 13:54:02 1BIsJt-zV-HU malware acl condition: clamd: connection to 127.0.0.1, port 3310 failed (Bad file descri ptor) 2004-04-28 13:54:06 1BIsJx-00011a-Sc malware acl condition: clamd: connection to 127.0.0.1, port 3310 failed (Bad file descri ptor) 2004-04-28 13:54:06 1BIsJx-00011W-R8 malware acl condition: clamd: connection to 127.0.0.1, port 3310 failed (Bad file descri ptor) 2004-04-28 14:48:06 1BIt7t-0004ZK-64 malware acl condition: clamd: ClamAV returned /var/spool/exim/scan/1BIt7t-0004ZK-64/1BIt 7t-0004ZK-64-2: Zip module failure. ERROR 2004-04-28 19:10:37 1BIxFv-0006rY-6S malware acl condition: clamd: ClamAV returned /var/spool/exim/scan/1BIxFv-0006rY-6S/1BIx Fv-0006rY-6S-2: Zip module failure. ERROR 2004-04-28 19:14:07 1BIxHw-00070z-I9 malware acl condition: clamd: ClamAV returned /var/spool/exim/scan/1BIxHw-00070z-I9/1BIx Hw-00070z-I9-2: Zip module failure. ERROR 2004-04-28 20:13:56 1BIyEc-0001sX-AH malware acl condition: clamd: ClamAV returned /var/spool/exim/scan/1BIyEc-0001sX-AH/1BIy Ec-0001sX-AH-2: Zip module failure. ERROR 2004-04-28 20:45:37 1BIyjZ-0003Ok-Mn malware acl condition: clamd: ClamAV returned /var/spool/exim/scan/1BIyjZ-0003Ok-Mn/1BIy jZ-0003Ok-Mn-2: Zip module failure. ERROR Guillermo Llenas Tecnología Inter.net Argentina +0054 11 6328-1500 fax 0054 11 6328-1530 www.inter.net [EMAIL PROTECTED] --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.672 / Virus Database: 434 - Release Date: 28/04/2004 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.672 / Virus Database: 434 - Release Date: 28/04/2004 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id149&alloc_id66&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Bagle.AA?
I'm getting reports of another bitmap-password zip virus, perhaps Bagle.AA? Anyone else? I'll submit a sample as soon as I see one... John -- John Madden UNIX Systems Engineer Ivy Tech State College [EMAIL PROTECTED] --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id149&alloc_id66&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Update Clamav
I've received the warning about the outdated version of my clamav-0.67 too. For install the new clamav-0.70.tar.gz do I need to uninstall the first one and after install the new one, or just install the last version over 0.67?? Thanks, Marco. --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] Your ClamAV installation is OUTDATED
This is from the Faq. :) What does WARNING: Current functionality level = 1, required = 2 mean? The functionality level of the database determines which scanner engine version is required to use all of its signatures. If you don't upgrade immediately you will be in big trouble :) > -Mensaje original- > De: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] En nombre > de John Madden > Enviado el: Jueves, 29 de Abril de 2004 10:38 a.m. > Para: [EMAIL PROTECTED] > Asunto: Re: [Clamav-users] Your ClamAV installation is OUTDATED > > > Update to ClamAV version 0.70 > > What are the consequences of not upgrading? I'd have to plan > downtime, > etc... > > John > > > > > > -- > John Madden > UNIX Systems Engineer > Ivy Tech State College > [EMAIL PROTECTED] > > > > > --- > This SF.Net email is sponsored by: Oracle 10g > Get certified on the hottest thing ever to hit the market... > Oracle 10g. > Take an Oracle 10g class now, and we'll give you the exam FREE. > http://ads.osdn.com/?ad_id149&alloc_id66&op=ick > ___ > Clamav-users mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/clamav-users > > --- > Incoming mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.672 / Virus Database: 434 - Release Date: 28/04/2004 > > --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.672 / Virus Database: 434 - Release Date: 28/04/2004 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id149&alloc_id66&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Update
I've received the warning about the outdated version of my clamav-0.67 too. For install the new clamav-0.70.tar.gz do I need to uninstall the first one and after install the new one, or just install the last version over 0.67?? Thanks, Marco. --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Your ClamAV installation is OUTDATED
> Update to ClamAV version 0.70 What are the consequences of not upgrading? I'd have to plan downtime, etc... John -- John Madden UNIX Systems Engineer Ivy Tech State College [EMAIL PROTECTED] --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id149&alloc_id66&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] Your ClamAV installation is OUTDATED
Hi, you must update to clamav-0.70-1 and that warning, will disapear. Guillermo Llenas Tecnología Inter.net Argentina +0054 11 6328-1500 fax 0054 11 6328-1530 www.inter.net [EMAIL PROTECTED] > -Mensaje original- > De: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] En nombre > de Jeff Lanzarotta > Enviado el: Jueves, 29 de Abril de 2004 10:18 a.m. > Para: ClamAV User List (E-mail) > Asunto: [Clamav-users] Your ClamAV installation is OUTDATED > > Hello, > > I'm getting the following error message in my > /var/log/freshclam.log file on my Mandrake 9.2 system: > > WARNING: Your ClamAV installation is OUTDATED - please update > immediately ! > WARNING: Current functionality level = 1, required = 2 > > Can someone tell me what this means or where I could find out > why I am getting this? > > I have versions: > > clamscan / ClamAV version 0.70-rc > freshclam / ClamAV version 0.70-rc > > Regards, > > > Jeff Lanzarotta > > > --- > This SF.Net email is sponsored by: Oracle 10g > Get certified on the hottest thing ever to hit the market... > Oracle 10g. > Take an Oracle 10g class now, and we'll give you the exam FREE. > http://ads.osdn.com/?ad_id149&alloc_id66&op=ick > ___ > Clamav-users mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/clamav-users > > --- > Incoming mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.672 / Virus Database: 434 - Release Date: 28/04/2004 > > --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.672 / Virus Database: 434 - Release Date: 28/04/2004 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id149&alloc_id66&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Your ClamAV installation is OUTDATED
Jeff Lanzarotta wrote: Hello, I'm getting the following error message in my /var/log/freshclam.log file on my Mandrake 9.2 system: WARNING: Your ClamAV installation is OUTDATED - please update immediately ! WARNING: Current functionality level = 1, required = 2 Can someone tell me what this means or where I could find out why I am getting this? I have versions: clamscan / ClamAV version 0.70-rc freshclam / ClamAV version 0.70-rc Regards, Their outdated. Upgrade them. New ones at www.clamav.net --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Your ClamAV installation is OUTDATED
On Thu, 29 Apr 2004 09:17:55 -0400 "Jeff Lanzarotta" <[EMAIL PROTECTED]> wrote: > I'm getting the following error message in my /var/log/freshclam.log file on my > Mandrake 9.2 system: > > WARNING: Your ClamAV installation is OUTDATED - please update immediately ! > WARNING: Current functionality level = 1, required = 2 > > Can someone tell me what this means or where I could find out why I am getting this? > > I have versions: > > clamscan / ClamAV version 0.70-rc > freshclam / ClamAV version 0.70-rc Update to ClamAV version 0.70 -- Korchmenuk Nickolay 29 Apr 2004 16:22:50 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Your ClamAV installation is OUTDATED
Hello, I'm getting the following error message in my /var/log/freshclam.log file on my Mandrake 9.2 system: WARNING: Your ClamAV installation is OUTDATED - please update immediately ! WARNING: Current functionality level = 1, required = 2 Can someone tell me what this means or where I could find out why I am getting this? I have versions: clamscan / ClamAV version 0.70-rc freshclam / ClamAV version 0.70-rc Regards, Jeff Lanzarotta --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id149&alloc_id66&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] [PATCH] clamav-milter --max-child-wait
working. It would be really nice to actually have the bug fixed properly though, rather than resorting to work-rounds like that. Mike. Well than try my latest patch for max-children-wait argument http://www.jmaimon.com/clamav The default will be to EXIT when we hit the max-children mark, instead of loitering around, piling up and delaying email, then still running even though there are still too many children. BE Warned: This means that unless you configure otherwise, clamav-milter will TEMPFAIL email whenever it hits the max-children threshold. Which means you would probably wish to consider exactly why the max-children figure you are using and the sendmail define(`confMAX_DAEMON_CHILDREN',`100')dnl are different... --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] clamav attachment not deleted from /tmp
Hi, On fedora core B using mimedefang 2.42 and clamav-0.70 or 0.68 or last from cvs I have /tmp full of directories drwx-- 2 defang defang 4096 avr 29 10:28 clamav-cf15fe6738d54335 drwx-- 2 defang defang 4096 avr 29 10:28 clamav-628ab4bef9112b1d drwx-- 2 defang defang 4096 avr 29 10:28 clamav-8857c8b5861df0cb drwx-- 2 defang defang 4096 avr 29 10:28 clamav-c7b1de517aa4da1d In it there are pieces of files to be scanned I supposed clamav-13ebdb3e9fcf2c4c: total 64 -rw--- 1 defang defang 59838 avr 29 10:29 18_0340013E.pdfrIRTqf clamav-8cc0f61bce8f9e9f: total 108 -rw--- 1 defang defang 1329 avr 29 10:30 unknown7S9Ek5 -rw--- 1 defang defang 100353 avr 29 10:30 Groupe action doc avril2004.docrCptfV These directories never disapeared I can see in debug mode : blobSetFilename: textportion LibClamAV debug: Saving main message, encoded with scheme 1 LibClamAV debug: Saving attachment in /tmp/clamav-c7f9cad348796050/textportion LibClamAV debug: Saving attachment as /tmp/clamav-c7f9cad348796050/textportionn1nbHg (2189 bytes long) LibClamAV debug: blobDestroy Nothing more and /tmp is growing. Don't find something useful in mail archives list. miss something ? Thanks for you help --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] [PATCH] clamav-milter --max-child-wait
Joe Maimon wrote: > This is actualy a lot worse than I thought. > > Apr 27 04:25:50 nameserver2 clamav-milter[4431]: ClamAv: private data > not NULL > Apr 27 04:25:50 nameserver2 clamav-milter[4417]: ClamAv: private data > not NULL > Something obviously went horribly wrong. > > Patches at http://www.jmaimon.com/clamav > > (the ClamAv: private data not NULL are libmilter errors. I think the > reason they occur is because sendmail places the mail filter into error > state and closes the connection. Therefore I do not yet see how > clamfi_cleanup would get called) Those milter errors have been in every version of ClamAV I've ever used, since early September last year. I found that setting a higher max-children threshold helped the situation for me - milter processes still hang all the time, but eventually they do die, and as long as one doesn't actually hit max-children, the system as a whole keeps on working. It would be really nice to actually have the bug fixed properly though, rather than resorting to work-rounds like that. Mike. --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] error on make in OS X/Panther clamav
>> I've made some progress, running $export SED=sed seems to fix the original >> error. However I have another problem. The following error message will >> hopefully shed some light on my problems: >> >> >> /usr/bin/ld: -o: multiply specified >> make[2]: *** [libclamav.la] Error 1 >> make[1]: *** [all-recursive] Error 1 >> make: *** [all] Error 2 >> >> >> Am I missing something obvious here? I should probably specify my system >> spec here too: >> >> Running the latest clam av from cvs. >> Mac OSX 10.3.2 (server) running on Xserve >> Installed gmp-4.1.2 without any problems >> >> However make still won't run correctly. My knowledge is fairly limited here >> so unfortunately I'm stuck. > > Huw, > > I think you may be bumping into some version conflicts. > > Can you provide the output of the following? > > % gcc --version && glibtool --version && sed --version && autoconf --version > && automake --version > > richard > The output of said command is: mail4:~ root# gcc --version && glibtool --version && autoconf --version && automake --version && sed --version gcc (GCC) 3.3 20030304 (Apple Computer, Inc. build 1495) Copyright (C) 2002 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. ltmain.sh (GNU libtool) 1.5 (1.1220 2003/04/05 19:32:58) Copyright (C) 2003 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. autoconf (GNU Autoconf) 2.57 Written by David J. MacKenzie and Akim Demaille. Copyright 2002 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. automake (GNU automake) 1.6.3 Written by Tom Tromey <[EMAIL PROTECTED]>. Copyright 2002 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. There is one issue however and that is that $sed --version doesn't seem to want to run! I'm looking into why but as I said I'm not hugely experienced in this field. Maybe this is why I'm having problems? Regards Huw --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] How to bypass milter scanning for selectedusers?
On Tue, 13 Apr 2004 16:30:24 +0100 Nigel Horne <[EMAIL PROTECTED]> wrote: > On Tuesday 13 Apr 2004 3:11 pm, Andrei Bucur wrote: > > > can i stop scaning email for selected users ? not from ! > > No-one has ever asked for that before, so the answer is currently no means to do > that. It wood be pretty good to have not only source and destiantion ignore e-mail lists. What about mask([EMAIL PROTECTED] for example) in that lists? and I wood like to ignore scan mail for some subnets. -- Korchmenuk Nickolay 29 Apr 2004 11:16:42 --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Clam assigns wrong virus name??
freshclam is downloading the database to one location and clamav is using an older database in another directory. try running a locate or a find for main.cvd Jim Yes! Everyone pointing in that direction was totally right. I'm actually embarrassed a little now, because it was so obvious. After upgrading to 0.70 I hadn't uncommented the /var/lib/clamav path in clamav.conf, but that is where my freshclam is depositing its files. *duh* Thanks to everyone! This is a great commmunity! Cheers Ralf G. --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users