emoved by hand before you try
>> to reinstall clamav and clamav-daemon. In clamd.conf, make sure you have:
>> User clamav
> I have only uninstalled/reinstalled clamav, not clamav-daemon. I'm now
> removing all logs (why "carefully") and purge and reinstall both, and
> When clamd starts up, if configured to do so, it tries to create a
> Unix socket. I'm pretty sure what is happening in this case is clamd
> is unable to create clamd.ctl due to a permissions or configuration problem.
>
> Make sure the /var/run/clamav directory is owned by clamav before the
> cla
EXTENSION")
>
> Is this evidence you have installed and are using procmail?
Apparently, and as noted above I set procmailrc to have postfix use
spamassassin.
> > Nov 4 07:31:31 teufel postfix/qmgr[21306]: 6C15117B1: removed
> > Nov 4 07:31:31 teufel amavis[2770]: (0
>> Nov 4 06:26:29 teufel amavis[1204]:
>> (01204-07) Clam Antivirus-clamd:
>> Can't connect to UNIX socket /var/run/clamav/clamd.ctl:
>> No such file or directory, retrying (2)
When clamd starts up, if configured to do so, it tries to create a
Unix socket. I'm pretty sure what is
:27 teufel amavis[2770]:
> (02770-03) WARN:
> all primary virus scanners failed, considering backups
> Nov 4 07:31:31 teufel postfix/local[2733]:
> 6C15117B1: to=<[EMAIL PROTECTED]>, relay=local, delay=5,
> status=sent (delivered to command: p
In case anyone who used clam av missed this:
ZDI-05-002: Clam Antivirus Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-05-002.html
November 4th, 2005
-- CVE ID:
CAN-2005-3303
-- Affected Vendor:
Clam AntiVirus
-- Affected Products:
Clam AntiVirus 0.80 thr
Set up a shared imap (public) folder on exchange server.
Users drag spam into that folder.
Look for "sa-learn" for the perl scripts to read it and submit it as
spam.
---
SF.Net email is sponsored by:
Tame your development challenges with Apache
1: to=<[EMAIL PROTECTED]>, relay=local, delay=5,
status=sent (delivered to command: procmail -a "$EXTENSION")
Nov 4 07:31:31 teufel postfix/qmgr[21306]: 6C15117B1: removed
Nov 4 07:31:31 teufel amavis[2770]: (02770-03) Not-Delivered,
<[EMAIL PROTECTED]> ->
Nicklas,
> Is there a somehow "simple" way to let a file pass through the rules. I'd
> like a known filename to to simply pass these checks.
Sure, just place a rule which permits a specific name
before rules that would block it, e.g.:
$banned_filename_re = new_RE(
[ qr'^secret\.exe$' => 0 ],
amavis-stats (0.1.18) stable; urgency=low
0.1.18 Release
* fixed an image issue when using rrdtool 1.2.x where no virus
image is
generated when no graphing data is present during a time period.
* fixed a tab image issue when using PHP4 and no image is generated
or d
Is there a somehow "simple" way to let a file pass through the rules. I'd
like a known filename to to simply pass these checks.
Thanks,
Nicklas B
---
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App S
11 matches
Mail list logo