On 10/12/2004 4:51 PM +0200, marvin wrote:
Although it logs the virus to the /var/log/clamd.log, I would like it added
to the header e.g.
X-Virus-Flag: Yes - Worm.SomeFool.P
Any ideas how I can achieve this ?
Marvin
Clamav detects viruses.
Other software does the tagging/reporting/ect based on clam
Hi all,
is it possible to have detailed information ( such as sender, recipients,virus
type/name etc)
in the clamad.log when a virus is detected ?
I'd like know this information in order to produce virus detecting statistics.
Thanks in advance
Federico.
_
On Wed, 2004-10-13 at 11:49 +0200, Cali Federico wrote:
> Hi all,
> is it possible to have detailed information ( such as sender, recipients,virus
> type/name etc)
> in the clamad.log when a virus is detected ?
> I'd like know this information in order to produce virus detecting statistics.
Clama
Good Morning!
I've built a gateway using sendmail, clamav and spamassassin. After
setting the MX records for a test domain to go through this box, the
spam is rolling in! ;-) Then, I threw a virus at it. The resulting
behavior is nothing like what I expected...
1) sendmail receives message, c
Scott Rothgaber wrote:
Good Morning!
I've built a gateway using sendmail, clamav and spamassassin. After
setting the MX records for a test domain to go through this box, the
spam is rolling in! ;-) Then, I threw a virus at it. The resulting
behavior is nothing like what I expected...
1) send
On Wed, Oct 13, 2004 at 08:34:56AM -0400, Scott Rothgaber said:
> Good Morning!
>
> I've built a gateway using sendmail, clamav and spamassassin. After
> setting the MX records for a test domain to go through this box, the
> spam is rolling in! ;-) Then, I threw a virus at it. The resulting
>
Thanks for all your tips, but as it turned out, upon retrying from the
site, it worked this time. I had no need to alter any settings on my end.
Cheers
david thompson wrote:
I would like to download clamav. however using adblock in mozilla
stops the ability to download.
Are there any other pla
Stephen Gran wrote:
Why is clmilter just adding headers and passing the message on, instead
of 5xx'ing the virus?
That's what *I* want to know! ;-)
Joe suggested that spamd be told not to scan locally-generated messages.
First of all, I didn't see any options that address this in 'man spamd'.
Se
On Wed, Oct 13, 2004 at 09:26:08AM -0400, Scott Rothgaber said:
> Stephen Gran wrote:
>
> >Why is clmilter just adding headers and passing the message on, instead
> >of 5xx'ing the virus?
>
> That's what *I* want to know! ;-)
>
> Joe suggested that spamd be told not to scan locally-generated me
I'm using:
- postfix
- AMaViS-new
- ClamAV
Do you know some tools that allow to obtain statistics about viruses detected.
I know sawmill that ( reading the sw information )is able to analyze ClamAv log.
But using the trial version It seem don't recognize the log format.
thanks
Federico
___
Stephen Gran wrote:
Well, really, it looks like something sendmail is failing to do.
Thanks, Stephen! Here's what I have in .mc (wrapped)...
INPUT_MAIL_FILTER(`clmilter',`S=local:/var/run/clamav/clmilter.sock,
F=,T=S:4m;R:4m')
INPUT_MAIL_FILTER(`spamassassin',
`S=local:/var/run/spam
On Wed, Oct 13, 2004 at 09:38:03AM -0400, Scott Rothgaber said:
> Stephen Gran wrote:
>
> >Well, really, it looks like something sendmail is failing to do.
>
> Thanks, Stephen! Here's what I have in .mc (wrapped)...
>
> INPUT_MAIL_FILTER(`clmilter',`S=local:/var/run/clamav/clmilter.sock,
>
Cali Federico wrote:
> I'm using:
> - postfix
> - AMaViS-new
> - ClamAV
>
> Do you know some tools that allow to obtain statistics about viruses detected.
> I know sawmill that ( reading the sw information )is able to analyze ClamAv log.
> But using the trial version It seem don't recognize the l
Stephen Gran wrote:
On Wed, Oct 13, 2004 at 09:38:03AM -0400, Scott Rothgaber said:
Stephen Gran wrote:
Well, really, it looks like something sendmail is failing to do.
Thanks, Stephen! Here's what I have in .mc (wrapped)...
INPUT_MAIL_FILTER(`clmilter',`S=local:/var/run/clamav/clmi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
>
>
> Stephen Gran wrote:
>
> >
> I read the FP as saying that after a virus is found sendmail-submit is
> called which should only happen if a notification is being sent.
>
> ___
> http://lists.clamav.net/
Here are the log entries from the test (trimmed and wrapped)...
sm-mta[11069]: i9DFeFAr011069: from=<[EMAIL PROTECTED]>,
size=337, class=0, nrcpts=1,
msgid=<[EMAIL PROTECTED]>, proto=ESMTP,
daemon=IPv4, relay=neors.cat.cc.md.us [204.153.79.3]
clamd[9893]: stream: ClamAV-Test-Signature FOUND
s
On Tue, 2004-10-12 at 18:56, [EMAIL PROTECTED] wrote:
> On Tue, 12 Oct 2004, Scott Rothgaber wrote:
> > Doug Hardie wrote:
> >
> > > have encountered quite a few situations in the last month where clamav
> > > just stopped working properly and had to be manually restarted.
> >
> > I had the same
[EMAIL PROTECTED] wrote:
Are you using the -outgoing switch in clamav-milter ?
No. I'm going to do another test and post the headers.
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
On Tue, 2004-10-12 at 21:11, Philip Ross wrote:
> Philip Ross wrote:
> > Another change to the HAVE_POLL code in clamd/others.c has now been
> > checked in to CVS:
> >
> > http://cvs.sourceforge.net/viewcvs.py/clamav/clamav-devel/clamd/others.c?r1=1.18&r2=1.19
> >
> >
> > I haven't yet tried th
On Wed, 13 Oct 2004 17:34:28 +0100 in [EMAIL PROTECTED]
Trog <[EMAIL PROTECTED]> wrote:
> > Can anyone else confirm that this is still a problem with 0.80rc4?
> >
> > Are the developers aware of this issue? Is there a fix pending?
>
> I've never used exiscan, but it sounds like a bug in exis
I guess I don't understand the question. I hate to
sound dense, but could you restate? Also, be aware
that I'm no mail genius.
--- [EMAIL PROTECTED] wrote:
> > Somewhere between Exim and Cyrus, selected emails
> are disappearing. I don't know what the criterion
> is for the emails coming up mis
On Wed, 2004-10-13 at 15:53 +0200, Wolfgang Cernohorsky wrote:
> Cali Federico wrote:
>
> > I'm using:
> > - postfix
> > - AMaViS-new
> > - ClamAV
> >
> > Do you know some tools that allow to obtain statistics about viruses detected.
> You can try "amavis-stats"[1] if you like graphs, e.g.
> htt
Hey group,
Was curious if there is a website the shows a chart of which companies, and clam, rate
in terms of updating their Virus Definitions. I need to put some documentation
together for my director. Thanks!
- Jeff
___
http://lists.clamav.net/cg
On Wed, Oct 13, 2004 at 11:47:37AM -0400, Scott Rothgaber said:
> Here are the log entries from the test (trimmed and wrapped)...
Take a look:
i9DFeFAr011069: from=<[EMAIL PROTECTED]>
to=<[EMAIL PROTECTED]>
Milter: data, reject=554 5.7.1 ClamAV-Test-Signature
> Do you really want to keep all the viruses people send you?
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> > > I had the same problem with spamass-milter a while back. What you need
> > > is a "watchdog" script, something like this...
> > >
> >
> > We had a problem similar to this this week, however, the problem wasn't
> > due to a dead/core'd process. clamdscan actually hung for one reason or
> >
On Wed, 13 Oct 2004, Greg T. wrote:
> I guess I don't understand the question. I hate to
> sound dense, but could you restate? Also, be aware
> that I'm no mail genius.
> --- [EMAIL PROTECTED] wrote:
>
> > > Somewhere between Exim and Cyrus, selected emails
> > are disappearing. I don't know
>From /etc/exim.conf:
[snip]
acl_check_content:
# Reject virus infested messages.
deny message = This message contains malware
($malware_name)
demime = *
malware = */defer_ok
deny message = This message contains malformed MIME
($demime_reason)
demime = *
con
As I understand it, here is the flow:
fetchmail -> exim -> cyrus
The clam and spam stuff gets done while exim is
processing.
There are lines of code in the configuration file
which tell clam and spam what and how to process.
acl_check_content:
# Reject virus infested messages.
deny messa
On 10/13/2004 03:51 PM, Greg T. wrote:
As I understand it, here is the flow:
fetchmail -> exim -> cyrus
The clam and spam stuff gets done while exim is
processing.
There are lines of code in the configuration file
which tell clam and spam what and how to process.
acl_check_content:
# Reject viru
On Wed, Oct 13, 2004 at 11:51:14AM -0700, Greg T. said:
> As I understand it, here is the flow:
>
> fetchmail -> exim -> cyrus
Yes.
> The clam and spam stuff gets done while exim is processing.
Yes.
> There are lines of code in the configuration file which tell clam and
> spam what and how to
Greg T. wrote:
As I understand it, here is the flow:
fetchmail -> exim -> cyrus
The clam and spam stuff gets done while exim is
processing.
There are lines of code in the configuration file
which tell clam and spam what and how to process.
acl_check_content:
# Reject virus infested messages.
de
Trog wrote:
I've never used exiscan, but it sounds like a bug in exiscan (or a
configuration issue).
The issue started occurring (for several people on this list) between
0.80rc2 and 0.80rc3.
According to others, the change that broke it was
http://cvs.sourceforge.net/viewcvs.py/clamav/clamav-de
Brian Morrison wrote:
I'm using Exim 4.43, with exiscan-acl-4.43-28, and all of my incoming
mail has the added X-Scan-Signature header that Exim adds in there to
show that the scanning occurred. I have seen no indication that this is
not happening and I can find nothing in my mail or Exim logs that
On Wed, 13 Oct 2004 21:10:45 +0100 in [EMAIL PROTECTED] Philip
Ross <[EMAIL PROTECTED]> wrote:
> I'm running the Exim/Exiscan package that comes with Fedora Core 2
> (Exim-4.33 with exiscan-acl-4.33-20).
>
> I've just compared the clamd code between exiscan-acl-4.33-20 and
> exiscan-acl-4.3
Philip Ross wrote:
I've just compared the clamd code between exiscan-acl-4.33-20 and
exiscan-acl-4.33-28 and found the following (which looks like it could
be the cause of the problem):
(that should have been exiscan-acl-4.43-28 rather than 4.33-28 in the above)
I've now rebuilt my exim-4.33 pack
On Wed, 13 Oct 2004 22:05:01 +0100 in [EMAIL PROTECTED] Philip
Ross <[EMAIL PROTECTED]> wrote:
> This fix is in exiscan-acl-4.34-21.patch and later.
That explains it then, I have never used earlier than the -21 patch.
I always build exim from source or from a source rpm myself, the latter
by me
I installed 0.80rc3, and when I try to run freshclam I get the
following:
freshclam --user=defang
ClamAV update process started at Wed Oct 13 19:08:21 2004
main.cvd is up to date (version: 27, sigs: 23982, f-level: 2, builder:
tomek)
Downloading daily.cvd [*]
ERROR: Verification: Broken or not a C
Tim Boyer wrote:
> Downloading daily.cvd [*]
> ERROR: Verification: Broken or not a CVD file
> Giving up...
>
> I went to rc4 last night in the hope that it would be fixed, but I'm
> getting the same error.
This is answered in the archives. Can't think of the cause offhand.
Matt
_
Hi there
I'm running clamav 0.80rc4 and have just had our Qmail-Scanner system
spit the dummy on a message because clamdscan was exiting error status 2
with the message "Bad format or broken data ERROR".
I'm going to guess that the message was corrupt in some way that
clamdscan didn't like - th
On Thu, 14 Oct 2004 01:21:47 +0100, Matt <[EMAIL PROTECTED]> wrote:
>Tim Boyer wrote:
>
>> Downloading daily.cvd [*]
>> ERROR: Verification: Broken or not a CVD file
>> Giving up...
>>
>> I went to rc4 last night in the hope that it would be fixed, but I'm
>> getting the same error.
>
>
> This is
--On Wednesday, October 13, 2004 12:52 PM -0500 Jeff Bilder is rumoured to
have written:
Hey group,
Was curious if there is a website the shows a chart of which companies,
and clam, rate in terms of updating their Virus Definitions. I need to
put some documentation together for my director. Tha
42 matches
Mail list logo
