Re: [Clamav-users] Problem with big mails
> Chuck Swiger wrote: > > It's certainly possible for a large Word/Excel/whatever file to be > > infected, but they aren't very common. Out of the 400+ viruses > > quarantined over the past week or so on one of my mail servers, the > > average size was 11KB, and the largest malicious email was 116KB (it > > contained Worm.Bagle.pwd-eml). > > On Thu, 2007-03-29 at 14:17 -0500, Michael Brown wrote: > I have to agree, in the technical sense that if you allow larger > attachments it really starts to sap the resources. I originally allowed > 400MB attachment scanning and it would really load down the server at > times. I set it back to default setting of 10MB and resource usage was > much better. I figured like you, that most of the virus out there come > in small packages. Any larger and the virus writer couldn't spread the > virus because the huge files would clog up all the e-mail servers. > Unless that was the intention to begin with, in which case clamav would > still move along, just a lot of virus would be ignored, but all the > others would be caught. Better to have to deal with 1 big virus than > the other 100 little ones out there. > And Clamav* may NEVER be the only virusscanning software you depend on So if the large >10MB file is infected let the desktop/fileserver/... scanning tool detect that one. * insert any other virus scanning program. -- With kind regards, Maurice Lucas TAOS-IT ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] FYI : recent clamav db updates, Google groups
Hello, > > OT, is there a possibility of moving this list to google groups? > > Archiving and search features there is really nice :) > > We are planning moving the MLs this month (though not to Google :-) ). There is a online archive of this ML at http://marc.theaimsgroup.com/ with kind regards, Maurice Lucas TAOS-IT --- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] freshclam update and the minute of the hour
Hello, Would it be possible to post on the website of clamav a subpage with a graphic representation of the folowing data. time amount of freshclamupdates 0 * 1 *** 2 * 3 * 4 5 .. 59* So everybody could check to see which times on the hour (for all the cron-users) would be "nice" to run freshclam on. In this example 4 minutes past the hour is a nice time. I'm updating on 22 past the hour but maybe there are a lot of people updating at random on this time. I would love to donate 1 to 2 GB bandwidth/month on a 10mbit connection. Thats all I could donate. So if there is in the future a new way to donate a fixed amount of bandwidth . With kind regards and keep up the good work, Met vriendelijke groet, Maurice Lucas TAOS-IT --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 13. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] OT - embedded message/rfc822 mimeparts in messageson this list
From: "Tomasz Papszun" <[EMAIL PROTECTED]> Sent: Wednesday, October 20, 2004 9:39 AM On Tue, 19 Oct 2004 at 19:51:48 -0500, Damian Menscher wrote: On Tue, 19 Oct 2004, Daniel J McDonald wrote: >Am I the only one who sees several of the posters with embedded: > >Content-Type: message/rfc822 > [...] Yes, I'm seeing them, and they're annoying as hell. Most of them seem to be from Trog, thought the other poster that said they were forwarded That's strange as none of messages from Trog to clamav-users (as delivered to my mailbox) contains rfc822. So maybe some local problem at your sites?... The problem cames because of --===0453890036== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-Shp30pRQqE5b/5PuEPY1" --=-Shp30pRQqE5b/5PuEPY1 Content-Type: text/plain Content-Transfer-Encoding: quoted-printable and everybody with the following signature has this problem. At least the most of the time ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users With kind regards, Met vriendelijke groet, Maurice Lucas TAOS-IT ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] please fix your freshclam setup
From: "Filbert" <[EMAIL PROTECTED]> Sent: Monday, November 01, 2004 2:52 PM > On Monday 01 November 2004 13:25, Ralf Bosz wrote: > > Luca, > > > > > > > > # freshclam -v > > Current working dir is /var/lib/clamav > > Max retries == 3 > > ClamAV update process started at Mon Nov 1 13:24:56 2004 > > TTL: 900 > > main.cvd version from DNS: 27 > > Software version from DNS: 0.80 > > main.cvd is up to date (version: 27, sigs: 23982, f-level: 2, builder: > > tomek) TTL: 900 > > daily.cvd version from DNS: 566 > > daily.cvd is up to date (version: 566, sigs: 2093, f-level: 3, builder: > > ccordes) Freeing option list...done > > > > freshclam.conf was not upgraded from 075 to 0.80 on our server when I did > upgrade the package. > I had to copy it manually to /usr/local/etc to make it work with the DNS > option mentioned. My install isn't checking DNS. # cd /usr/local/src/clamav-0.80/freshclam/ # ./freshclam -V ClamAV 0.80/566/Sun Oct 31 20:06:02 2004 # ./freshclam -v Current working dir is /usr/local/share/clamav Max retries == 3 ClamAV update process started at Mon Nov 1 15:11:18 2004 Connected to database.clamav.net (62.210.153.202). Reading CVD header (main.cvd): OK main.cvd is up to date (version: 27, sigs: 23982, f-level: 2, builder: tomek) Connected to database.clamav.net (62.210.153.202). Reading CVD header (daily.cvd): OK daily.cvd is up to date (version: 566, sigs: 2093, f-level: 3, builder: ccordes) Freeing option list...done I don't have a /etc/freshclam. Why isn't my install checking the DNS? With kind regards, Met vriendelijke groet, Maurice Lucas TAOS-IT ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] Is this a bug with virus database or updatescripts ???
On Thu, 2005-03-31 at 19:22 -0800, Joanna Roman wrote: --- "Securiteinfo.com" <[EMAIL PROTECTED]> wrote: > Hello, > > Le vendredi 1 Avril 2005 00:50, Joanna Roman a > crit : > > I noticed that a lot of virus sigs are not > available > > in the virus database. For example, I tried to > search > > in the virus database > > > (http://clamav-du.securesites.net/cgi-bin/clamgrok) > > for HTML.Phishing.Bank-156, which is in the latest > > updates > > > (http://lurker.clamav.net/message/20050331.095845.0b407689.en.html) > > but it is not there! > > To check if the virus database include a particular > virus signature please > use : > sigtool -l|grep name_of_virus > > eg : > sigtool -l|grep HTML.Phishing.Bank-156 > > The result is yes, HTML.Phishing.Bank-156 is in the > virus database. > > Regards, > > Arnaud > ___ > http://lurker.clamav.net/list/clamav-users.html > But when it did not show up in the search result ?? Try search it at the following link and you would get nothing ... ! http://clamav-du.securesites.net/cgi-bin/clamgrok A search on this page for Phishing.Bank gives back 5 results but sigtool -l |grep Phishing.Bank|wc -l gives 163 Phishing.Bank results. Conclusion the cgi script is corrupt and not clamav This is also the answer to the other question from you "What's wrong with the database" Maurice Lucas ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] benchmarks for a LARGE site?
From: "Damian Menscher" <[EMAIL PROTECTED]> Sent: Friday, May 06, 2005 7:05 AM My silly university spent $0.5M on a commercial product to perform spam and virus filtering (they have the "if it costs that much, it MUST be good" mentality). And, just after they put it into production, Sober.P came out and knocked it flat. After a couple days with multi-hour email delays, people are pretty pissed. And I smell opportunity Nobody says clamav is for free. The development team really loves a donation of say 10%, and if your university finds that to cheap say 20% of the $0.5M. ;) I see stupid management everywhere, not just clamav related. With kind regards, Maurice Lucas ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] [OT] Rbl listing
On Wed, 2006-03-01 at 23:01 -0600, Mar Matthias Darin wrote: > Hello, > > Matt Fretwell writes: > > > Good job I was just testing this rbl with a warn status on the > > mailserver :) > > I 've found using a warn for RBLs to be the best approach. As to the > unofficial sigs I'm hold off until more testings is done. I have to > question the integrity of using them in a virus scanner virsus a spam > scanner... I am open to further evaluation on this though... I don't "trust" a spam signature as much as a virus signature. My clamav is direct on SMTP level and returns a 5xx error if you send me a virus. If I load the unofficial signatures then they will also give my mail messages a 5xx error. I would like to see more like a spamassassin plugin kind of a sollution. So ClamAV is still the AV as it is on the moment and gives away enough reason to issue a 5xx error on every email if it contains a virus. Spamassassin is called and asks ClamSA (a clam spamassassin plugin) loaded with the unofficial signatures if a given message could be a (phishing) spam message. And receive 3 or 4 out of the 5 points. This way we are safe for FP from the unofficial signatures and we get less spam in our inbox. Maurice Lucas TAOS-IT ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Small number of ClamAV known viruses ?
On Tue, 2006-07-18 at 07:39 -0700, Dennis Peterson wrote: > Zvi Kave wrote: > > Why ClamAV has significally small number of known viruses > > in comparison to other AV software ? > > There's only a small number of viruses in the wild. MS-DOS viruses from > 10 years ago are not likely to pose a problem any longer. Having them in > your database only allows you to inflate your virus pattern numbers so > that people who are impressed by big numbers will be impressed. For example big memory usage numbers ;) I like big numbers in IT but I like big numbers on my bank account more -- With kind regards, Maurice Lucas TAOS-IT ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Rewrite subject and remove virus questions
On Wed, 2006-08-09 at 11:32 -0300, Alejandro wrote: > Dear all, > > Finally I could install my first mail server with > sendmail+clamav+clamav-milter among others packages. Because I'm a > newbie I have these two short questions: > > 1) Does clamav remove virus from mail messages or it just scan and warn > about virus ??? > scan en warn > 2) How can I rewrite the subject of infected mails with a **VIRUS** > banner in order to process them with Procmail ??? How? Don't know Why do you want that? Please don't open this mail and delete this mail. .. -- With kind regards, Maurice Lucas TAOS-IT ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Zip module failure ERROR
Hello, I get the message "Zip module failure ERROR" in my clamd logfile. I use 0.88.4 I have (un)zip installed Does anybody have a glue? Is clamd calling an external zip probram or has it a internal one? -- With kind regards, Maurice Lucas TAOS-IT ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Freshclam stability as a daemon [was: DB Update email before actual update available?]
On Fri, 2006-12-29 at 12:31 +, G.W. Haywood wrote: > Hi there, > > Some time ago somebody wrote, and somebody else replied: > > >>>> Why not just run freshclam as a daemon? > >>> Then you really need to have a daemon watcher to keep it going. > > Talk of freshclam dying gives me some discomfort, yet in almost two > years running freshclam as a daemon on two - not particularly busy - > servers I've never seen it fail. It uses around a megabyte of memory > on a machine with 2G of RAM and, doing hourly updates, it takes maybe > three seconds of CPU per month on a 1GHz twin-processor Pentium box. > > Naturally if freshclam dies we can expect people to mention it. I'm > calling for those who run freshclam as a daemon and who don't see any > problems with it to chip into this thread. How many of us are there? > > Here are the non-comment line in my config in case it has a bearing: > > DatabaseDirectory /var/lib/clamav > UpdateLogFile /tmp/.clam/freshclam.log > LogVerbose > LogSyslog > PidFile /var/run/clam/freshclam.pid > DNSDatabaseInfo current.cvd.clamav.net > DatabaseMirror db.uk.clamav.net > DatabaseMirror database.clamav.net > MaxAttempts 5 > Checks 24 > > Here's how I start it: > > /usr/local/bin/freshclam -d --daemon-notify=/etc/mail/clamav/clamd.conf > > Does anyone have any clues to the reasons behind freshclam's apparent > unreliability under some circumstances? Bad DB servers? Mail load? > Swap? Locking? Conflict with other processes? OS? Libraries? ... I had freshclam working from cron and after switching to the daemon mode some while back it did hang on 1 server. Freshclam daemon was up but wasn't downloading new db's. A kill and restart of freshclam daemon did the job and I have never experienced it again. The reason is unknown for now. -- With kind regards, Maurice Lucas TAOS-IT ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Re: Freshclam stability as a daemon [was: DB Update email before actual update available?]
On Sat, 2006-12-30 at 14:39 +, G.W. Haywood wrote: > Hi there, > > On Sat, 30 Dec 2006 Stephen Gran wrote: > > > I have seen freshclam fail several times when run as a daemon, but > > all in exactly the same way - stuck in a read() on a network socket. > > This problem has been fixed for some time, and I have not seen > > another failure since the fix went in. > > That's useful information, thanks. In the changelog I see this, which > seems a little too recent to be described as "fixed for some time". > > == > Mon Aug 7 20:49:48 CEST 2006 > ... > - freshclam/manager.c: fix possible infinite loop when read() fails > in get_database(), spotted by Everton da Silva Marques > == > > Is it the fix to which you refer? > > Can anyone who has seen freshclam hang say whether or not they've seen > it hang after installing a version later than the release of Aug 7 2006? > I believe that this would be version 0.88.4 or later. My freshclam daemon problems could be with a pre 0.88.4 version. It is indead some months ago. -- With kind regards, Maurice Lucas TAOS-IT ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] The EOL tweets
> -Original Message- > From: clamav-users-boun...@lists.clamav.net [mailto:clamav-users- > boun...@lists.clamav.net] On Behalf Of Leonardo Rodrigues > Sent: vrijdag 16 april 2010 13:39 > To: clamav-users@lists.clamav.net > Subject: Re: [Clamav-users] The EOL tweets > > Em 16/04/2010 08:29, Gareth Hopkins escreveu: > > > > Any proactive admin should be monitoring their software mailing lists > so the > > excuse of "We weren't told" or "Why all of > > a sudden" are null and void. > > > > I dont know in which world you live ... but in the REAL world i > live, not all systems are managed by proactive admins. In fact, in the > REAL world, LOTS of systems are just left alone running. And it works > most of the time, despite of all the theorical and practical > considerations against it. I know that isn't right, that isn't secure, > that's not the optimal situation . but thats the REAL situation. If you don't have the time, knowledge, or whatever. Don't be a sysadmin. Being a sysadmin for a PRODUCTION server is a real job. I hire someone to fix my car and repair my roof. Why because I could try and fix something but I know I can't complain if I break something. > > despite of all the warnings, the EOL signature was a bad move in > my opinion. We are talking about a message send to everyone who cares for there system of October 5th, 2009. An old version of ClamAV can't find the newest viruses. The really old ones don't run in the wild anymore. > > > > To the clamav team, thanks for an awesome product :) > > > > here i have to agree with you ... congratulations for clamav team > for its great software. Thanks Clamav for your work With kind regards, met vriendelijke groet, Maurice Lucas TAOS-IT Paulus Buijsstraat 191 2613 HR Delft www.taos-it.nl KvK Haaglanden nr. 27254410 Denk aan het milieu; is het afdrukken van deze e-mail echt noodzakelijk? ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] The EOL tweets
> > It was explicitly stated that clamd will be disabled. > > In which language? http://www.clamav.net/lang/en/2009/10/05/eol-clamav-094/ All ClamAV releases older than 0.95 are affected by a bug in freshclam which prevents incremental updates from working with signatures longer than 980 bytes. You can find more details on this issue on our bugzilla (see bug #1395) This bug affects our ability to distribute complex signatures (e.g. logical signatures) with incremental updates. So far we haven’t released any signatures which exceed this limit. Before we do we want as many users as possible to upgrade to the latest version of ClamAV. Starting from 15 April 2010 our CVD will contain a special signature which disables all clamd installations older than 0.95 – that is to say older than 1 year. This move is needed to push more people to upgrade to 0.95 . We would like to keep on supporting all old versions of our engine, but unfortunately this is no longer possible without causing a disservice to people running a recent release of ClamAV. The traffic generated by a full CVD download, as opposed to an incremental update, cannot be sustained by our mirrors. We plan to start releasing signatures which exceed the 980 bytes limit on May 2010. We recommend that you always run the latest version of ClamAV to get optimal protection, reliability and performance. Thanks for your cooperation! met vriendelijke groet, Maurice Lucas TAOS-IT Paulus Buijsstraat 191 2613 HR Delft www.taos-it.nl KvK Haaglanden nr. 27254410 Denk aan het milieu; is het afdrukken van deze e-mail echt noodzakelijk? ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] The EOL tweets
> > > despite of all the warnings, the EOL signature was a bad move > in > >> my opinion. > > > >We are talking about a message send to everyone who cares for there > >system of October 5th, 2009. > > As pointed out, it was ***NOT*** sent to people running the servers - > you've done the equivalent of Ford putting a notice up in it's > corporate reception and expecting all owners to know about it. Had I > known 6 months ago rather than this morning, I'd not be complaining > for the simple reason that I'd have been able to deal with it. > > >An old version of ClamAV can't find the newest viruses. The really > >old ones don't run in the wild anymore. > > For half the day I've been forced to detect no virus's. Now I'm only > detecting the ones known about up till yesterday. So you don't mind something like Tue Aug 4 15:10:12 CEST 2009 (tk) -- * freshclam, libclamav: work around possible race condition during db updates (bb#1624) Mon Aug 3 14:48:27 CEST 2009 (tk) -- * libclamav/unzip.c: fix detection of encrypted zip files embedded into other files (bb#1660) Fri Jul 31 12:52:08 CEST 2009 (acab) * libclamav/pe.c: fix check for pe32+ Wed Jun 10 18:04:53 CEST 2009 (tk) -- * libclamav: detect and handle archives hidden inside other files (eg. images), which can be unpacked by WinZip, WinRAR and other tools (bb#1554) Reported by ROGER Mickael and Thierry Zoller I'm on multiple mailinglists I don't read every day but are on a ones a week a quick scan. And a lot of them are announce lists for all production critical software I use. If I run a ssh service on my machine, and yes I do, I keep track of the ssh announce list. Why because I hate it to find my root password changed because there was a security update I didn't updated 6 months ago because an apt-get update/upgrade didn't work anymore. met vriendelijke groet, Maurice Lucas TAOS-IT Paulus Buijsstraat 191 2613 HR Delft www.taos-it.nl KvK Haaglanden nr. 27254410 Denk aan het milieu; is het afdrukken van deze e-mail echt noodzakelijk? ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] You have been unsubscribed from the clamav-users mailing list
> Forcefully unsubscribing people is not a fair way to silence them. Not > even > explaining why is even worse. > > Maybe somebody of you will reply "Welcome to world!", but this doesn't > make > you any better at all. Could it be that there where bouncing emails because of the downtime you had? met vriendelijke groet, Maurice Lucas TAOS-IT Paulus Buijsstraat 191 2613 HR Delft www.taos-it.nl KvK Haaglanden nr. 27254410 Denk aan het milieu; is het afdrukken van deze e-mail echt noodzakelijk? ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] (no subject)
> From: clamav-users-boun...@lists.clamav.net [mailto:clamav-users- > boun...@lists.clamav.net] On Behalf Of Jim Preston > Steve Wray wrote: > > Spiro Harvey wrote: > >>> Shame you haven't talked to to others - like havp for example - > before > >>> doing this. > >> > >> The announcement to EOL the old releases was made at the start of > >> october last year. If people using clam as an integral part of their > >> software don't read announcements, what fault is that of the clam > >> developers? > >> > >> They had 6 months to sort it out. > > > > The thing is that there are a few little issues here that, as points > > of law are not clear yet. In what follows words like 'vendor' may not > > be used entirely legally precisely, IANAL, but I am certain that with > > a bit of squinting my meaning will be clear. > > > > I know that in certain jurisdictions, reaching out to someone elses > > computer (ie not your property) and disabling functionality on it > > could constitute a criminal act. > > > > I sincerely hope that someone somewhere under such a jurisdiction > goes > > to the police and reports the Clamav developers for such an offense. > > > > > > Well, prosecution would be justified if ClamAV had actually done > something illegal. What they did was modifiy their signature database > to > support new features with advance notice and the fact that any > particular installation of unsupported software failed to handle it > properly is the onus of the owners / sysadmins of the individual > systems. If you happen to fall into that category, then it is time to > upgrade your system. > If it aint broke - don't fix it People it is broken because YOU didn't want to fix it. There was a message (not everybody saw the message but it was there and every deb, rpm, god knows which format developer/owner/maker who case about his product had 6 months to FIX it so the system wasn't going to break. If you - compiled by hand: it's your problem - installed a deb/rpm and your distro isn't updating because you didn't want to upgrade it: your problem Who are you going to beat if your system is hacked? Debian/ubuntu/RedHat - installed a deb/rpm and your distro isn't updating because your distro is EOL: it's your problem Who are you going to beat if your system is hacked? Debian/ubuntu/RedHat If your lock of the front door is very easy to break open do you want to change locks? People please forget stupid child plays like my uptime is bigger than your uptime. The system broke, because of a good reason(more/beter signatures) so update. If you don't want to update your complete server buy a very small new one ($400) and install only clamav on it or install it with vmware/kvm/xen/ met vriendelijke groet, Maurice Lucas TAOS-IT Paulus Buijsstraat 191 2613 HR Delft www.taos-it.nl KvK Haaglanden nr. 27254410 Denk aan het milieu; is het afdrukken van deze e-mail echt noodzakelijk? ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] (no subject)
> -Original Message- > From: clamav-users-boun...@lists.clamav.net [mailto:clamav-users- > boun...@lists.clamav.net] On Behalf Of lists > Sent: woensdag 21 april 2010 8:10 > To: ClamAV users ML > Subject: Re: [Clamav-users] (no subject) > > On Tue, 2010-04-20 at 20:34 -0700, Jim Preston wrote: > > Well, prosecution would be justified if ClamAV had actually done > > something illegal. > > They did. Releasing 'code' that they new had a potential to harm or > interfere with the operation of systems. It's a clearly defined > CRIMINAL > offence in my part of the world. I suspect that this state of affairs > is > also true in the USA if the case of Gary McKinnon is used as a point of > reference. Perhaps, Jim, you would like to offer the name and address > of > the person pushing this code out if it does not bother you at all? I'm > sure there are a few pissed people in the UK and Europe who would like > to even the score up on behalf of Gary McKinnon. > > It is also clearly a case of blackmail. 'If you don't do this, I will > break that' - again, that is a criminal offence in most parts of the > civilised world. (I do accept that this may have been the work of > *Americans* who may have lower moral and ethical standards than the > rest > of the world). Please show us some evidence that clamav made you install there free product on your server. Why didn't you install "some other product"? Is it your server? Then you have the power to install every product you want onto the machine but YOU choose Clamav and they didn't ordered/payed/beat you to dead if you didn't install there product. met vriendelijke groet, Maurice Lucas TAOS-IT Paulus Buijsstraat 191 2613 HR Delft www.taos-it.nl KvK Haaglanden nr. 27254410 Denk aan het milieu; is het afdrukken van deze e-mail echt noodzakelijk? ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Outdated warning even though it is up to date.
Hello, > I noticed this morning that my systems all report that my clamav is outdate > even though it running the current version 0.96.3. Here is the freshclam > message: > Software version from DNS: 0.96.3 > WARNING: Your ClamAV installation is OUTDATED! > WARNING: Local version: 0.96.1 Recommended version: 0.96.3 DON'T PANIC! Which version are you running 0.96.3 or 0.96.1? met vriendelijke groet, Maurice Lucas TAOS-IT Paulus Buijsstraat 191 2613 HR Delft www.taos-it.nl KvK Haaglanden nr. 27254410 Denk aan het milieu; is het afdrukken van deze e-mail echt noodzakelijk? ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] need to know the scanned file contains .EXE files
> I have requirement that if the scanned archive file contains .EXE > file, i need to delete the archive files itself. > is the a way i can find out the scanned archives contains .EXE file? Check http://untroubled.org/mailfront/plugin-patterns.html for a list with executable content and make a filter using these. No FP for the last few years using these ;) met vriendelijke groet, Maurice Lucas TAOS-IT Paulus Buijsstraat 191 2613 HR Delft www.taos-it.nl KvK Haaglanden nr. 27254410 Denk aan het milieu; is het afdrukken van deze e-mail echt noodzakelijk? ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
