Re: [Clamav-users] Re: clamav-milter sendmail
- Original Message - From: Eric J. Wisti [EMAIL PROTECTED] To: ClamAV users ML clamav-users@lists.clamav.net Sent: Sunday, December 11, 2005 10:46 PM Subject: Re: [Clamav-users] Re: clamav-milter sendmail Do the following: ls -la /var /var/run /var/run/clamav /var/run/clamav/clamd.sock chmod go-w any dirs with w in group or other Be sure that this will not break other things that expect wider permissions on /var/ Or, put the sendmail stuff in it's own directory, like /var/clamav and make sure that it doesn't have any w-bits on anywhere above itself. You will find that there are numerous terse answers and lots of RTFM responses from a wide number of the mailing list members, especially since this is a sendmail operational issue and not a clamav issue. Eric snip Hi Eric if you missed my later post i got it working. looking at logs today and i see over 40 since last night stat=virus HTML.Phishing.Bank-240 detected by ClamAV For those who missed it , i used clamav-milter as the name in sendmail.mc , rebuilt sendmail.cf started clamav, clamav-milter then re-started sendmail (stop start) and no more errors. All i need to do now is RTFM on virus updating via cron. Mark ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Problems Making clamav
Hey all. sorry to bother you with this again. I downloaded the clamav tarball, it definitely contains the clamd package, however, when I try and configure the make files, it Goes normally, and then does the following: config.status: creating libclamav/Makefile sed: -e expression #1, char 306: unknown option to `s' config.status: creating clamscan/Makefile sed: -e expression #1, char 305: unknown option to `s' config.status: creating database/Makefile sed: -e expression #1, char 305: unknown option to `s' config.status: creating docs/Makefile sed: -e expression #1, char 301: unknown option to `s' config.status: creating clamd/Makefile sed: -e expression #1, char 302: unknown option to `s' config.status: creating clamdscan/Makefile sed: -e expression #1, char 306: unknown option to `s' config.status: creating clamav-milter/Makefile sed: -e expression #1, char 310: unknown option to `s' config.status: creating freshclam/Makefile sed: -e expression #1, char 306: unknown option to `s' config.status: creating sigtool/Makefile sed: -e expression #1, char 304: unknown option to `s' config.status: creating etc/Makefile sed: -e expression #1, char 300: unknown option to `s' config.status: creating Makefile sed: -e expression #1, char 296: unknown option to `s' config.status: creating clamav-config sed: -e expression #1, char 306: unknown option to `s' config.status: creating sigtool/Makefile sed: -e expression #1, char 304: unknown option to `s' config.status: creating etc/Makefile sed: -e expression #1, char 300: unknown option to `s' config.status: creating Makefile sed: -e expression #1, char 296: unknown option to `s' config.status: creating clamav-config sed: -e expression #1, char 306: unknown option to `s' config.status: creating libclamav.pc sed: -e expression #1, char 304: unknown option to `s' config.status: creating docs/man/clamd.8 sed: -e expression #1, char 303: unknown option to `s' config.status: creating docs/man/clamd.conf.5 sed: -e expression #1, char 313: unknown option to `s' config.status: creating docs/man/freshclam.1 sed: -e expression #1, char 311: unknown option to `s' config.status: creating docs/man/freshclam.conf.5 sed: -e expression #1, char 321: unknown option to `s' config.status: creating clamav-config.h config.status: clamav-config.h is unchanged config.status: executing depfiles commands [EMAIL PROTECTED] clamav-0.87.1]# And when I try make, it does the following: [EMAIL PROTECTED] clamav-0.87.1]# make make: *** No targets. Stop. [EMAIL PROTECTED] clamav-0.87.1]# Anyone know how to get this done? Thanks in advance Grant No God, No Peace, Know God, Know Peace. ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] No viruses detected ERROR/Temporary quarantine file [...] creation failed
Pete 'Wolfy' Hanson wrote: Using clamav 0.87.1 with clamav-milter 0.87 under sendmail 8.13.5 on Solaris 8, I've started seeing this type of stuff in the clam logs Dec 12 09:18:00 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.MzvOKK creation failed Dec 12 09:18:04 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHWTc024980: /tmp/clamav-2993fbe6371a9f93/msg.sAvOKK: No viruses detected ERROR Dec 12 09:18:02 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.RzvOKK creation failed Dec 12 09:18:02 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.XzvOKK creation failed Dec 12 09:18:02 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.2zvOKK creation failed Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHiNS025141: /tmp/clamav-2993fbe6371a9f93/msg._zvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHWTf024992: /tmp/clamav-2993fbe6371a9f93/msg.aAvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHiN5025133: /tmp/clamav-2993fbe6371a9f93/msg.bAvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHZG8025036: /tmp/clamav-2993fbe6371a9f93/msg.GzvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHaio025041: /tmp/clamav-2993fbe6371a9f93/msg.HzvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHWM5024981: /tmp/clamav-2993fbe6371a9f93/msg.6zvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHrWb025232: /tmp/clamav-2993fbe6371a9f93/msg.vAvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.FAvOKK creation failed Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHhjc025132: /tmp/clamav-2993fbe6371a9f93/msg.5zvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHtlf025246: /tmp/clamav-2993fbe6371a9f93/msg.kAvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.AAvOKK creation failed Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.LAvOKK creation failed followed by clamav-milter no longer working (it needs to be restarted). This is quite similar to a previously reported DoS vulnerability in older versions of clamav: http://www.idefense.com/application/poi/display?id=276type=vulnerabilitiesflashstatus=true That is a different issue. It's not an urgent problem for me since I have some simple monitors that restart clamav-milter as needed. Has your /tmp filesystem become full? -- Pete Hanson -- Nigel Horne. Arranger, Adjudicator, Band Trainer, Composer, Typesetter. NJH Music, Barnsley, UK. ICQ#20252325 [EMAIL PROTECTED] http://www.bandsman.co.uk ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] No viruses detected ERROR/Temporary quarantine file [...] creation failed
On Dec 12, 2005, at 17:18 , Nigel Horne wrote: Pete 'Wolfy' Hanson wrote: Using clamav 0.87.1 with clamav-milter 0.87 under sendmail 8.13.5 on Solaris 8, I've started seeing this type of stuff in the clam logs Dec 12 09:18:00 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.MzvOKK creation failed Normally the home is /var/clamav with tmp being /var/clamav/tmp. This is a permission issue or lack of space as the files should be worked out in the home tmp directory. Dec 12 09:18:04 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHWTc024980: /tmp/clamav-2993fbe6371a9f93/msg.sAvOKK: No viruses detected ERROR Dec 12 09:18:02 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.RzvOKK creation failed Dec 12 09:18:02 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.XzvOKK creation failed Dec 12 09:18:02 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.2zvOKK creation failed Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHiNS025141: /tmp/clamav-2993fbe6371a9f93/msg._zvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHWTf024992: /tmp/clamav-2993fbe6371a9f93/msg.aAvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHiN5025133: /tmp/clamav-2993fbe6371a9f93/msg.bAvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHZG8025036: /tmp/clamav-2993fbe6371a9f93/msg.GzvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHaio025041: /tmp/clamav-2993fbe6371a9f93/msg.HzvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHWM5024981: /tmp/clamav-2993fbe6371a9f93/msg.6zvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHrWb025232: /tmp/clamav-2993fbe6371a9f93/msg.vAvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.FAvOKK creation failed Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHhjc025132: /tmp/clamav-2993fbe6371a9f93/msg.5zvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHtlf025246: /tmp/clamav-2993fbe6371a9f93/msg.kAvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.AAvOKK creation failed Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.LAvOKK creation failed followed by clamav-milter no longer working (it needs to be restarted). This is quite similar to a previously reported DoS vulnerability in older versions of clamav: http://www.idefense.com/application/poi/display? id=276type=vulnerabilitiesflashstatus=true That is a different issue. It's not an urgent problem for me since I have some simple monitors that restart clamav-milter as needed. Has your /tmp filesystem become full? -- Pete Hanson -- Nigel Horne. Arranger, Adjudicator, Band Trainer, Composer, Typesetter. NJH Music, Barnsley, UK. ICQ#20252325 [EMAIL PROTECTED] http://www.bandsman.co.uk ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] LibClamAV Warning: Ignoring empty field in charset=
Nigel Horne wrote: I receive the following output from a daily clamscan: /etc/cron.daily/clamscan: LibClamAV Warning: Ignoring empty field in charset= LibClamAV Warning: Ignoring empty field in charset= --- SCAN SUMMARY --- Known viruses: 41434 Engine version: 0.87.1 Scanned directories: 6566 Scanned files: 71132 Infected files: 0 Data scanned: 1894.82 MB Time: 1962.246 sec (32 m 42 s) It means that a header within the email is syntactically wrong, and that clamAV has made a guess at what it should be. I was able to track the warning down to the offending file which, as you said, was an e-mail that did not properly specify the charset. Thanks for your help. -- Good day, eh. Chris ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] ClamAV and Redhat 8.0
Hi, I have a need to maintain a Redhet 8.0 server and am trying to apply the latest version of Clamav to it. I successfully loaded the 80 rpm from Daag. Is there any other RPM distribution for loading the latest version ? (very nervous about trying to build myself). Thanks JOR ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] ClamAV and Redhat 8.0
John O'Rourke said: Hi, I have a need to maintain a Redhet 8.0 server and am trying to apply the latest version of Clamav to it. I successfully loaded the 80 rpm from Daag. Is there any other RPM distribution for loading the latest version ? (very nervous about trying to build myself). And you're not nervous about trusting a perfect stranger to do it for you? That would make *me* very nervous. It is actually quite easy to roll your own, and repeatable, procedurally. Give it a try - if you fail you can always install an rpm some perfect stranger built. dp ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] ClamAV and Redhat 8.0
John O'Rourke wrote: Hi, I have a need to maintain a Redhet 8.0 server and am trying to apply the latest version of Clamav to it. I successfully loaded the 80 rpm from Daag. Is there any other RPM distribution for loading the latest version ? Assuming upgrading the box is out of question, I think the standard answer would be you can download Dag's SRPM and rebuild it on your RH8 box. (very nervous about trying to build myself). It's actually very easy. But if you're unable to build the SRPM, and for some reason running ./configure make make install from source failed, you can try my binaries on clamav.or.id. The static version should work on any linux x86. Regards, Fajar ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] ClamAV and Redhat 8.0
John O'Rourke wrote: Hi, I have a need to maintain a Redhet 8.0 server and am trying to apply the latest version of Clamav to it. I successfully loaded the 80 rpm from Daag. Is there any other RPM distribution for loading the latest version ? (very nervous about trying to build myself). No need to be. Building for yourself on a mainstream platform such as RedHat (even an out of date one such as 8.0) is painless and will take less time than the search for an RPM will take you. Thanks -- Nigel Horne. Arranger, Adjudicator, Band Trainer, Composer, Typesetter. NJH Music, Barnsley, UK. ICQ#20252325 [EMAIL PROTECTED] http://www.bandsman.co.uk ___ http://lurker.clamav.net/list/clamav-users.html
