Re: [Clamav-users] clamav-milter + sendmail won't talk to each other
At 15:32 04.10.2004 +1000, Simon Christian wrote: Hi all, I've been trying to get clamav-milter working with sendmail 8.13.1 on a linux box for a couple of days, but i continue to get the following error message in the system logs when sending email through it: Oct 4 16:13:04 localhost clamav-milter[16955]: recv failed from clamd getting PORT There are no error message when starting sendmail or clamav-milter. There are no errors, clamav-milter complains about clamd. I start clamav-milter with the following command line: clamav-milter --max-children=2 --quiet -olb local:/temp/clmilter.sock Do you also start clamd? cheers Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
RE: [Clamav-users] clamav-milter + sendmail won't talk to each other
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Simon Christian clamav-milter --max-children=2 --quiet -olb local:/temp/clmilter.sock Please do not use the -b option unless your network has no exposure to the Internet. It is also unlikely that you will need the -o option. Simon -Nigel ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] freshclam - Digital Signatures
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This has been on the list before. You need GMP-devel as well. Jim :-) Dr James Allen EMail : [EMAIL PROTECTED] GnuPG key : ftp://ftp.heartsine.co.uk/hst_gpg_public_keys/jim.allen.hst.gpg.asc On Fri, 1 Oct 2004, Scott Rothgaber wrote: Just built 0.75.1 on FreeBSD 5.2.1 and 'configure' complained that GNU MP was missing. I installed GMP 4.1.4. and re-ran 'configure' but I'm getting the same error... configure: WARNING: ** GNU MP 2 or newer NOT FOUND - digital signature support will be disabled ! What gives? Thanks! Scott ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQFBYTHPRdAZy0oJ0LwRAhtpAJ9JjFEhS8Jr2nMMnA64+JPfj6cqrgCeIm3H wNZuWmT6BtGCJyuPkL1eFzc= =uMik -END PGP SIGNATURE- ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] double quarantine?
On Saturday 02 Oct 2004 12:17, christian laubscher wrote: mails containing virus' are kept twice in quarantine; once as 'msg.xx' and once as 'msg.xx.virusname' Fixed in clamav-milter 0.80h. Thanks for pointing this out. -Nigel -- Nigel Horne. Arranger, Composer, Typesetter. NJH Music, Barnsley, UK. ICQ#20252325 [EMAIL PROTECTED] http://www.bandsman.co.uk ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] clamav-milter + sendmail won't talk to each other
Nigel Horne wanted us to know: Please do not use the -b option unless your network has no exposure to the Internet. Agreed. It is also unlikely that you will need the -o option. It might be wise to put a blurb in the documentation why that is so. Personally, I use -ol. I scan outgoing messages because we run webmail and want to make sure our webmail can't be abused for proliferating viruses and other unwanted crap. I can see that many people might not want to scan outbound mail, but I can't say that any of those reasons are really good. Can you explain a bit? -- Regards... Todd We should not be building surveillance technology into standards. Law enforcement was not supposed to be easy. Where it is easy, it's called a police state. -- Jeff Schiller on NANOG Linux kernel 2.6.3-16mdkenterprise 2 users, load average: 0.02, 0.02, 0.00 ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
[Clamav-users] Digital Signatures
Just built 0.75.1 on FreeBSD 5.2.1 and 'configure' complained that GNU MP was missing. I installed GMP 4.1.4. and re-ran 'configure' but I'm getting the same error... configure: WARNING: ** GNU MP 2 or newer NOT FOUND - digital signature support will be disabled ! What gives? Thanks! Scott ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] freshclam - Digital Signatures
[EMAIL PROTECTED] wrote: You need GMP-devel as well. Thanks, and sorry for the double-post. Scott ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] Upgrade to 0.80rc3 breaks Exim malware acl
Patrick Boutilier boutilpj at ednet.ns.ca writes: What happens if you telnet localhost 3310 ? I get a connection with both rc2 and rc3 infinity:/var/log # telnet 127.0.0.1 3310 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. ^] telnet close Connection closed. Also, if you are only listening on localhost why not use a local socket instead? Well mainly because I originally installed it following a mini howto and that was how it was set up there, and if it aint broke... :) Try removing the entries in /etc/clamd.conf for TCPSocket and TCPAddr and use something like this instead: [snip] Hmmm, I get exactly the same symptoms when using a socket. Rc2 works fine, rc3 gives the same error as before (malware acl condition: clamd: unable to read from socket (No such file or directory)). I wonder if it is an exim 4.30/exiscan issue? clamdscan works fine. Thanks Paul ___ Reduce your company's IT costs today with Officemaster. Sign up for a free trial! http://www.officemaster.net ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
[Clamav-users] GMP-Devel - Where?
On Jim's suggestion, I went looking for GMP-Devel. It does not appear to be available anywhere in non-RPM format. I also searched the list archives and didn't see any clear answers. If I built GMP from source, is -devel included? If not, where is the source for -devel? Thanks, Scott - Who is as confused as a baby in a topless bar. ;-) ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] GMP-Devel - Where?
On Mon, 2004-10-04 at 15:09 -0400, Scott Rothgaber wrote: On Jim's suggestion, I went looking for GMP-Devel. It does not appear to be available anywhere in non-RPM format. I also searched the list archives and didn't see any clear answers. If I built GMP from source, is -devel included? Yes, when building from source, the header files are saved so that you can compile other things with the same library. The load the -devel answer applies to RPM based Linux distributions. I don't know what the solution is for FreeBSD. ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] GMP-Devel - Where?
Daniel J McDonald wrote: On Mon, 2004-10-04 at 15:09 -0400, Scott Rothgaber wrote: On Jim's suggestion, I went looking for GMP-Devel. It does not appear to be available anywhere in non-RPM format. I also searched the list archives and didn't see any clear answers. If I built GMP from source, is -devel included? Yes, when building from source, the header files are saved so that you can compile other things with the same library. The load the -devel answer applies to RPM based Linux distributions. I don't know what the solution is for FreeBSD. GMP is already part of base FreeBSD, but worth copying GMP files to /usr/lib/libgmp.* if you have upgraded libgmp. Matt ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] GMP-Devel - Where?
On Jim's suggestion, I went looking for GMP-Devel. It does not appear to be available anywhere in non-RPM format. I also searched the list archives and didn't see any clear answers. If I built GMP from source, is -devel included? Yes, when building from source, the header files are saved so that you can compile other things with the same library. The load the -devel answer applies to RPM based Linux distributions. I don't know what the solution is for FreeBSD. http://www.freebsd.org/cgi/ports.cgi?query=gmpstype=all or pkgsrc.netbsd.org... ;) -- mit vorzüglichster Hochachtung/best regards, Timo Schöler //macfinity -- finest IT services | Triftstrasse 39 | 13353 Berlin | Germany Fon ++49 30 25 20 30 20 | Fax ++49 30 25 20 30 19 PGP data http://www.macfinity.net/~tis/contact/PGPPKB_timo.schoeler.txt ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
[Clamav-users] Re: Delays scanning MS Access db file ?
Just to update my own post: I've since found that clamd is shooting to 99% cpu quite often. I've identified a few files that cause this. For example, I've identified one particular 440k .exe file (aparently an SNES emulator) that takes almost 2 minutes to scan, pegging CPU usage at that time. As a comparison, the latest 12meg mozilla installer .exe scans in about 6 seconds. Production systems are Solaris 8 on sparc, but I've also confirmed on my linux desktop. Am I the only one seeing this ? == Chris Candreva -- [EMAIL PROTECTED] -- (914) 967-7816 WestNet Internet Services of Westchester http://www.westnet.com/ ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] Re: Delays scanning MS Access db file ?
On Mon, Oct 04, 2004 at 04:51:08PM -0400, Christopher X. Candreva wrote: Just to update my own post: I've since found that clamd is shooting to 99% cpu quite often. I've identified a few files that cause this. For example, I've identified one particular 440k .exe file (aparently an SNES emulator) that takes almost 2 minutes to scan, pegging CPU usage at that time. As a comparison, the latest 12meg mozilla installer .exe scans in about 6 seconds. Production systems are Solaris 8 on sparc, but I've also confirmed on my linux desktop. Am I the only one seeing this ? I have a 6Mb e-mail file which takes 9-11 minutes to be scanned with clamscan 0.80rc3 and latest cvs snapshots. Tested in Solaris 7 on Sparc. ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] Re: Delays scanning MS Access db file ?
On Mon, Oct 04, 2004 at 06:25:09PM -0300, Everton da Silva Marques wrote: On Mon, Oct 04, 2004 at 04:51:08PM -0400, Christopher X. Candreva wrote: Just to update my own post: I've since found that clamd is shooting to 99% cpu quite often. I've identified a few files that cause this. For example, I've identified one particular 440k .exe file (aparently an SNES emulator) that takes almost 2 minutes to scan, pegging CPU usage at that time. As a comparison, the latest 12meg mozilla installer .exe scans in about 6 seconds. Production systems are Solaris 8 on sparc, but I've also confirmed on my linux desktop. Am I the only one seeing this ? I have a 6Mb e-mail file which takes 9-11 minutes to be scanned with clamscan 0.80rc3 and latest cvs snapshots. Tested in Solaris 7 on Sparc. I recently started getting mimedang sendmail Milter error state situations, which seemed to be a consequence of clamav taking several minutes or more to scan certain files. This is on multi-cpu 450MHz SPARC 420R systems running Solaris9. Increasing the milter-related timeouts from 1 minute to several minutes seemes to have eliminated many of the errors, however this is more fixing the symptom than the root cause of the problem. Certain files, often several MB though not necessarily, take minutes to scan, instead of seconds. On a off-topic side note, if anyone knows what SMTP related timeout issues come up if a Milter timeout is set to greater than several minutes, I'd be very interested to hear. Does sendmail somehow keep the SMTP session alive even if the Milter is taking longer than the SMTP DATA timeout might be, or am I restricted to the SMTP timeout periods? Mark -- Mark G. Thomas ([EMAIL PROTECTED]) http://www.misty.com/ http://mail-cleaner.com/ ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
RE: [Clamav-users] Re: Delays scanning MS Access db file ?
On a off-topic side note, if anyone knows what SMTP related timeout issues come up if a Milter timeout is set to greater than several minutes, I'd be very interested to hear. Does sendmail somehow keep the SMTP session alive even if the Milter is taking longer than the SMTP DATA timeout might be, or am I restricted to the SMTP timeout periods? My understanding (from attempted understanding behaviour I saw a while ago) is that if sendmail OR the other side times out waiting for a response, you will likely receive multiple copies - the remote MTA see's anything that is not a SUCCESS, as a FAIL, and so considers the message undelivered. This can result in hugely overflowed mailq's ;-) m/ ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users