[Clamav-users] License violation in unrar code
Hi, citing from https://bugzilla.redhat.com/show_bug.cgi?id=334371 While investigating the possible inclusion of a GPL'd unrar package (see Bugzilla 319831), it was discovered that clamav contained a RAR v3 implementation that was copied/derived from the RARlabs unrar source code. Eugene Roshal of RARlabs confirmed that they did not give permission for any RAR v3 implementation to be used under the GPL, only under the unrar license (which is GPL incompatible). Therefore: what is the origin of RAR v3 code? Who gave the permissions to license it under GPLv2+? How can we proceed so that clamav can be used legally? Enrico pgpX3sUrJhUQg.pgp Description: PGP signature ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] (no subject)
On 10/16/07, oboltus [EMAIL PROTECTED] wrote: Hello! I address with a question, the answer on which could not find in FAQ. whether can clamav check on viruses outcoming mail? If yes, as it to realize? thank you in advance. Yes - the solution of course will depend on your mail server, which you make no mention of. OS - Linux RedHat 7.3 MTA - sendmail mailto:[EMAIL PROTECTED] ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] (no subject)
On 10/23/07, oboltus [EMAIL PROTECTED] wrote: Yes - the solution of course will depend on your mail server, which you make no mention of. OS - Linux RedHat 7.3 MTA - sendmail Then you have a range of options, including clamav-milter, MIMEDefang and amavisd-new, to name but a few. -- Please keep list traffic on the list. Rob MacGregor Whoever fights monsters should see to it that in the process he doesn't become a monster. Friedrich Nietzsche ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] (no subject)
Hello! I address with a question, the answer on which could not find in FAQ. whether can clamav check on viruses outcoming mail? If yes, as it to realize? thank you in advance. Yes - the solution of course will depend on your mail server, which you make no mention of. OS - Linux RedHat 7.3 MTA - sendmail Then you have a range of options, including clamav-milter, MIMEDefang and amavisd-new, to name but a few. Could You set an example of practical realization with use clamav-milter? mailto:[EMAIL PROTECTED] ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] (no subject)
On 10/23/07, oboltus [EMAIL PROTECTED] wrote: Could You set an example of practical realization with use clamav-milter? See the documentation/man page/google. -- Please keep list traffic on the list. Rob MacGregor Whoever fights monsters should see to it that in the process he doesn't become a monster. Friedrich Nietzsche ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] possible GPG verify problem
P T schrieb: I downloaded clam av from the clam av site. However when I check the signature I get that basically it isn't a trusted signature. How am I doing this wrong? gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. In order to get rid of that message (and so that the signature actually produces any security benefit) you have to give your GPG installation a means of verifying that the public key it's using for checking the signature can be trusted to be really Tomasz' key. There are two ways to do that: - Either you declare your trust in one of the existing signers on that key. Normally you do that only if you know him or her personally or if it is some well-known and trusted signing authority like CAcert or Heise. Unfortunately, Tomasz' key is not signed by one of the latter. - Or you check for yourself that the key is indeed Tomasz', by verifying the fingerprint: Primary key fingerprint: 0DCA 5A08 407D 5288 279D B434 5482 2DC8 985A 444B and then sign the key with your own GPG key. This is normally done in a face to face meeting where the key owner hands you the correct fingerprint and you check his/her ID, but depending on your security concerns (or lack thereof), other more or less trusted channels such as a publication in a printed magazine or book may be sufficient. HTH T. -- Tilman Schmidt [EMAIL PROTECTED] Phoenix Software GmbH Tel. +49 228 97199 0 Geschäftsführer: W. Grießl Fax +49 228 97199 99 Adolf-Hombitzer-Str. 12 www.phoenixsoftware.de 53227 Bonn, GermanyAmtsgericht Bonn HRB 2934 signature.asc Description: OpenPGP digital signature ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Oversized.PDF
Hi, I get in trouble with the following virus signature: virus was found: Oversized.PDF As I can see, the virus is triggered by pdf.c in conjunction with maxratio config parameter. Until today there has been only (and many) false positives according to this alert. Is there a way to disable or bypass the problem? I don't want to increase the maxratio-parameter to unlimited because it controls zip-files as well. I've got the problem since 2007-02-10. Maybe there is a special signature involved? Can I disable a special signature? Thanks a lot, Urs Here is my config information: --- clamd daemon 0.91.2 (OS: linux-gnu, ARCH: i386, CPU: i386) Running as user clamav (UID 103, GID 104) Log file size limit disabled. Reading databases from /var/clamav Not loading PUA signatures. Loaded 293678 signatures. Unix socket file /var/run/clamav/clamd Setting connection queue length to 30 Listening daemon: PID: 8437 Archive: Archived file size limit set to 134217728 bytes. Archive: Recursion level limit set to 32. Archive: Files limit set to 4096. Archive: Compression ratio limit set to 999. Archive support enabled. Archive: Blocking archives that exceed limits. Algorithmic detection enabled. Portable Executable support enabled. ELF support enabled. Mail files support enabled. Mail: Recursion level limit set to 16. OLE2 support enabled. PDF support enabled. HTML support enabled. Self checking every 1800 seconds. --- -- Ist Ihr Browser Vista-kompatibel? Jetzt die neuesten Browser-Versionen downloaden: http://www.gmx.net/de/go/browser ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] License violation in unrar code
On Fri, 19 Oct 2007 21:04:03 +0200 Enrico Scholz [EMAIL PROTECTED] wrote: Therefore: what is the origin of RAR v3 code? Who gave the permissions to license it under GPLv2+? How can we proceed so that clamav can be used legally? Hi Enrico, I've answered your questions on @clamav-devel. Best regards, -- oo. Tomasz Kojm [EMAIL PROTECTED] (\/)\. http://www.ClamAV.net/gpg/tkojm.gpg \..._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Tue Oct 23 16:42:18 CEST 2007 ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Vote for ClamAV as the best anti-malware solution
Hi everyone, ClamAV has been nominated for the Best Anti-Malware Solution in the 2008 SC Magazine Readers Trust Awards. Please vote using the link below to make sure that ClamAV is recognized as the best anti-malware solution. These awards recognize the hard work of the ClamAV team and community contributions to the ongoing development of ClamAV and the signature database. http://www.scmagazine.com/us/awards/categories/26137/best-anti-malware-solution/ Happy Voting! Mike __ Mike Guiterman Open Source Community Manager Sourcefire, Inc. (410)423-1930 ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] clamav-milter: timeout during data read
Hello, I've noticed that clamav has some problems. I've found two strange situations (logs): 1) Oct 23 06:46:40 server sendmail[9505]: l9N4kcJE009505: from=[EMAIL PROTECTED], size=24270, class=0, nrcpts=1, msgid=[EMAIL PROTECTED], proto=ESMTP, daemon=MTA, relay=p54ACF66C.dip.t-dialin.net [84.172.246.108] Oct 23 06:46:40 server clamav-milter[7502]: /tmp/clamav-06caa41c9bc06f15eb78a6234dc2fb90/msg.U2hvF8: Worm.SomeFool.D FOUND Oct 23 06:46:40 server sendmail[9505]: l9N4kcJE009505: Milter add: header: X-Virus-Scanned: ClamAV 0.91.2/4568/Tue Oct 23 06:23:16 2007 on smtp.domain Oct 23 06:46:40 server sendmail[9505]: l9N4kcJE009505: Milter add: header: X-Virus-Status: Infected with Worm.SomeFool.D Oct 23 06:50:40 server sendmail[9505]: l9N4kcJE009505: Milter (clamav): timeout during data read Oct 23 06:50:40 server sendmail[9505]: l9N4kcJE009505: Milter (clamav): to error state Oct 23 06:50:46 server sendmail[9505]: l9N4kcJE009505: Milter add: header: X-Spam-Flag: YES ... It seems to me all messages with virus timed out (why?). 2) Oct 22 18:26:42 server sendmail[3965]: l9MGQgoK003965: from=[EMAIL PROTECTED], size=5702, class=0, nrcpts=1, msgid=[EMAIL PROTECTED], bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=dahlia.mendelu.cz [195.178.72.10] Oct 22 18:30:42 server sendmail[3965]: l9MGQgoK003965: Milter (clamav): timeout during data read Oct 22 18:30:42 server sendmail[3965]: l9MGQgoK003965: Milter (clamav): to error state Oct 22 18:30:53 server sendmail[3965]: l9MGQgoK003965: Milter add: header: X-Spam-Status: No, hits=-0.4/5.0 learn=no ... Users report this happen usually with bigger e-mails. Mailer client show them error message (client time out - but sendmail deliver the mail) so they resend it second time without problem. I have no problematic e-mail. My configuration: CentOS 4.5: sendmail 8.13.1-3.2.el4, clamav 0.91.2 (self-compiled), XFS fs clamav configuration: ./configure --prefix=/some/path --sysconfdir=/etc --enable-milter --with-dbdir=/home/clamav --enable-bigstack --enable-id-check --disable-clamuko --with-tcpwrappers --disable-zlib-vcheck I'm running clamav-milter this way: /some/path/clamav-milter -fdNH local:/var/run/clamav/milter.sock sendmail config (clamav related): O InputMailFilters=clamav,spamassassin Xclamav, S=local:/var/run/clamav/milter.sock, F=, T=C:15;S:4m;R:4m;E:10m Thanks for some hint Luf ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Vote for ClamAV as the best anti-malware solution
On Oct 23, 2007, at 8:32 AM, Mike Guiterman wrote: ClamAV has been nominated for the Best Anti-Malware Solution in the 2008 SC Magazine Readers Trust Awards. Please vote using the link below to make sure that ClamAV is recognized as the best anti-malware solution. These awards recognize the hard work of the ClamAV team and community contributions to the ongoing development of ClamAV and the signature database. http://www.scmagazine.com/us/awards/categories/26137/best-anti- malware-solution/ While this might be a nice idea, an attempt to vote takes one to a registration page with a captcha, which is almost immediately covered up by a huge panel of sponsored links which makes it impossible to actually cast a vote. So much for HMTL design... -- -Chuck ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Vote for ClamAV as the best anti-malware solution
I went there to cast a vote, too. I couldn't find any statement of how they would use my e-mail address. I closed the window without voting. Chuck Swiger wrote: On Oct 23, 2007, at 8:32 AM, Mike Guiterman wrote: ClamAV has been nominated for the Best Anti-Malware Solution in the 2008 SC Magazine Readers Trust Awards. Please vote using the link below to make sure that ClamAV is recognized as the best anti-malware solution. These awards recognize the hard work of the ClamAV team and community contributions to the ongoing development of ClamAV and the signature database. http://www.scmagazine.com/us/awards/categories/26137/best-anti- malware-solution/ While this might be a nice idea, an attempt to vote takes one to a registration page with a captcha, which is almost immediately covered up by a huge panel of sponsored links which makes it impossible to actually cast a vote. So much for HMTL design... ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Vote for ClamAV as the best anti-malware solution
Dean Brunson wrote: I went there to cast a vote, too. I couldn't find any statement of how they would use my e-mail address. I closed the window without voting. Ditto - a data harvesting page if ever I've seen one. I think the least useful piece of info you can leave on that page is your vote. dp ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Vote for ClamAV as the best anti-malware solution
I used a junk e-mail account, they only use the e-mail for vote verification. So far, no spam. If I get any before the voting closes, I'll report it back. Thanks, Michael Dean Brunson wrote: I went there to cast a vote, too. I couldn't find any statement of how they would use my e-mail address. I closed the window without voting. Chuck Swiger wrote: On Oct 23, 2007, at 8:32 AM, Mike Guiterman wrote: ClamAV has been nominated for the Best Anti-Malware Solution in the 2008 SC Magazine Readers Trust Awards. Please vote using the link below to make sure that ClamAV is recognized as the best anti-malware solution. These awards recognize the hard work of the ClamAV team and community contributions to the ongoing development of ClamAV and the signature database. http://www.scmagazine.com/us/awards/categories/26137/best-anti- malware-solution/ While this might be a nice idea, an attempt to vote takes one to a registration page with a captcha, which is almost immediately covered up by a huge panel of sponsored links which makes it impossible to actually cast a vote. So much for HMTL design... ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] clamav on lotus?
Hello, this is my first post so please be gentle, my boss bough a nice lotus solution, but then he realized that he hadn't bought any anti virus for the smtp, so my questions is... is it possible and safe to get together clamav with lotus 7.0.2? the smtp and the lotus are different servers (both on sles sp3) -- Ciao, Javier linux counter #393724 GPG Key Fingerprint = 46B76CFEDB0161089D9ECB22FEFDE7EBA8C2007E ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html