On 2007-03-03 05:52, Dennis Peterson wrote:
This is an interesting list for what it shows. It is a list from the
last 10,000 viruses caught here where there were 10 or more of a
particular virus caught. Clearly most of them are not viruses at all but
image spam and penny stock scams. Might be
Hello List,
i'm using amavis, spamassassin clamav.
It works fine, but it should not block encrypted archives.
Where can i stop this function ?
With kind regards
Dominik Weber
___
Help us build a comprehensive ClamAV guide: visit
On 2007-03-05 11:21, Weber, Dominik wrote:
Hello List,
i'm using amavis, spamassassin clamav.
It works fine, but it should not block encrypted archives.
Where can i stop this function ?
By reading the manual and editing the clamd.conf
file and setting: (actually the default!)
ArchiveBlockEncrypted
Mark encrypted archives as viruses (Encrypted.Zip,Encrypted.RAR).
Default: disabled
This option is not set in my clamd.conf
But this is the exact messages in the Report Encrypted.Zip and Encrypted.RAR.
ArchiveBlockEncrypted no is the wrong syntax.
On Mon, 2007-03-05 at 12:51 +0100, Weber, Dominik wrote:
ArchiveBlockEncrypted
Mark encrypted archives as viruses (Encrypted.Zip,Encrypted.RAR).
Default: disabled
This option is not set in my clamd.conf
But this is the exact messages in the Report Encrypted.Zip and
I'm Running 0.90.0 and for Debian there is no newer version available
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Trog
Gesendet: Montag, 5. März 2007 12:57
An: ClamAV users ML
Betreff: Re: AW: [Clamav-users] Virus Encrypted.Zip
On Mon,
On Mon, 5 Mar 2007 12:59:19 +0100
Weber, Dominik [EMAIL PROTECTED] wrote:
I'm Running 0.90.0 and for Debian there is no newer version available
No, you are not. And please don't top-post.
--
oo. Tomasz Kojm [EMAIL PROTECTED]
(\/)\.
On Monday 05 March 2007 12:08 am, Dennis Peterson wrote:
I ran it twice and both times it downloaded a new .hdb and .ndb file at
least the 'modified' times were within a couple of minutes of the current
time. I've commented out the
I just now realized you're moving the downloaded file to
Sorry but i don't top-posted.
I've replyed to the last message from Trog.
Here you can see, which version i've still running.
linux:~# clamscan -V
ClamAV 0.90/2725/Mon Mar 5 12:45:35 2007
linux:~# freshclam
ClamAV update process started at Mon Mar 5 13:08:20 2007
WARNING: Your ClamAV
On Mon, 5 Mar 2007 13:09:45 +0100
Weber, Dominik [EMAIL PROTECTED] wrote:
Sorry but i don't top-posted.
You did and you're still doing this.
--
oo. Tomasz Kojm [EMAIL PROTECTED]
(\/)\. http://www.ClamAV.net/gpg/tkojm.gpg
\..._
On Mon, 5 Mar 2007 13:09:45 +0100
Weber, Dominik [EMAIL PROTECTED] wrote:
Sorry but i don't top-posted.
You did and you're still doing this.
--
oo. Tomasz Kojm [EMAIL PROTECTED]
(\/)\. http://www.ClamAV.net/gpg/tkojm.gpg
\..._
On 2007-03-05 13:09, Weber, Dominik wrote:
Sorry but i don't top-posted.
I've replyed to the last message from Trog.
Top-posting != thread hijacking
http://en.wikipedia.org/wiki/Top-post
--
Paul Bijnens, xplanation Technology ServicesTel +32 16 397.511
Technologielaan 21 bus 2,
On 2007-03-05 12:51, Weber, Dominik wrote:
ArchiveBlockEncrypted
Mark encrypted archives as viruses (Encrypted.Zip,Encrypted.RAR).
Default: disabled
This option is not set in my clamd.conf
But this is the exact messages in the Report Encrypted.Zip and Encrypted.RAR.
On 2007-03-05 12:51, Weber, Dominik wrote:
ArchiveBlockEncrypted
Mark encrypted archives as viruses (Encrypted.Zip,Encrypted.RAR).
Default: disabled
This option is not set in my clamd.conf But this is the exact messages
in the Report Encrypted.Zip and Encrypted.RAR.
Chris wrote:
On Monday 05 March 2007 12:08 am, Dennis Peterson wrote:
I ran it twice and both times it downloaded a new .hdb and .ndb file at
least the 'modified' times were within a couple of minutes of the current
time. I've commented out the
I just now realized you're moving the downloaded
Dennis Peterson wrote:
If you use wget rather than curl you can grab both of Steve's files in
one connection rather than two. I'll submit my script to Steve when I
get caught up on things here. It pulls down Sanesecurity and MSRBL files.
I just recalled that curl allows this too with
On 2007-03-05 14:51, Weber, Dominik wrote:
On 2007-03-05 12:51, Weber, Dominik wrote:
well actually, I wrote that.
Seems my thunderbird got messed up, and the message compose
scrambled the from-to-and-maybe-some-other headers.
Very strange. Anyone seen the problem?
I removed the msf file
Weber, Dominik wrote:
On Mon, 5 Mar 2007 13:09:45 +0100
Weber, Dominik [EMAIL PROTECTED] wrote:
Sorry but i don't top-posted.
You did and you're still doing this.
Ahh now i think i know what you mean.
But I don't know, how to configure my Outlook to do that.
Please don't post below the
Tomasz Kojm wrote:
On Mon, 5 Mar 2007 13:09:45 +0100
Weber, Dominik [EMAIL PROTECTED] wrote:
Sorry but i don't top-posted.
You did and you're still doing this.
Maybe instead of being snarly to the non-native English speaker and
accusing him of lying as you did to boot, you could
Hi there,
I'm using the old amavis-0.3.13per2 Version of amavis.
I know it's very old, but there for today is no chance
to install amavis-new or something else.
So my problem is, I'm running clamscan with amavis and
it works, but now I wanted to activate clamd in amavis.
The activated clamd
On Mon, 05 Mar 2007 11:28:06 -0500
Rob Munsch [EMAIL PROTECTED] wrote:
Maybe instead of being snarly to the non-native English speaker and
accusing him of lying as you did to boot, you could take 5 extra seconds
and explain what you mean and help educate him?
Noel Jones wrote:
At 09:35 AM 3/5/2007, Dennis Peterson wrote:
The mv -f ... statement should be a cp ... statement. That will leave
the msrbl files in the directory that rsync uses for downloading and
for comparing versions.
It makes a great deal of sense to move the files into the clam DB
Hello,
you are running an older clamav version (Local version: 0.88.7 Recommended
version: 0.90.1). Nothing to worry about.
On 3/5/07, Morgan Walker [EMAIL PROTECTED] wrote:
Hello,
I am running Debian Sarge and I keep getting this message:
Received signal: wake up
ClamAV update
On Mon, 5 Mar 2007, Dennis Peterson wrote:
It makes a great deal of sense to move the files into the clam DB directory
to insure an atomic operation. If clamd/clamav-milter should happen to
reload with a half-copied file in the DB dir, it will likely stop running.
Yah - I realized that
O.K. Will apt ever upgrade to a new version for me, or will I have to do
it manually?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Miroslav
Strugarevic
Sent: Monday, March 05, 2007 12:08 PM
To: ClamAV users ML
Subject: Re: [Clamav-users] ClamAV
You could try apt-get install ClamAV or whatever is on Debian. It's sure
safer to run newer version for security fixes in the first place. I noticed
ClamAV have some config syntax differences between 0.90.x and 0.88.x so be
prepared. Good luck.
On 3/5/07, Morgan Walker [EMAIL PROTECTED] wrote:
Morgan Walker wrote:
O.K. Will apt ever upgrade to a new version for me, or will I have to do
it manually?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Miroslav
Strugarevic
Sent: Monday, March 05, 2007 12:08 PM
To: ClamAV users ML
Subject: Re:
Yeah, apt-get install clamav just gives me:
clamav is already the newest version.
Not sure what else to do, might have to remove ClamAV all together and
manually install the newer version. Or just wait to see if apt does it
on down the road.
-Original Message-
From: [EMAIL PROTECTED]
Christopher X. Candreva wrote:
On Mon, 5 Mar 2007, Dennis Peterson wrote:
It makes a great deal of sense to move the files into the clam DB directory
to insure an atomic operation. If clamd/clamav-milter should happen to
reload with a half-copied file in the DB dir, it will likely stop
Hi,
WARNING: Local version: 0.88.7 Recommended version: 0.90.1
My /etc/apt/source.list contains the following:
deb http://ftp2.de.debian.org/debian-volatile sarge/volatile main
Yeah. Due to a ABI Change in ClamAV 0.90 the debian-volatile team
currently needs to backport a few
On 3/5/07, Morgan Walker wrote:
Yeah, apt-get install clamav just gives me:
clamav is already the newest version.
Not sure what else to do, might have to remove ClamAV all together and
manually install the newer version. Or just wait to see if apt does it
on down the road.
Probably Debian
Morgan Walker wrote:
Yeah, apt-get install clamav just gives me:
clamav is already the newest version.
Not sure what else to do,
Visit www.clamav.net, download the source and install from there. 5-10 mins,
less
time than it takes you to read and reply to all these emails ;-)
--
Nigel
Awesome, thanks!
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Martin
Zobel-Helas
Sent: Monday, March 05, 2007 12:00 PM
To: ClamAV users ML
Subject: Re: [Clamav-users] ClamAV installation is OUTDATED!
Hi,
WARNING: Local version: 0.88.7 Recommended
On 3/5/07, Jens Strohschnitter [EMAIL PROTECTED] wrote:
Hi there,
I'm using the old amavis-0.3.13per2 Version of amavis.
I know it's very old, but there for today is no chance
to install amavis-new or something else.
---SNIP---
amavis[19687]: /var/amavis/amavis-14905879/parts/msg-19687-2.ex_:
Dennis Peterson wrote:
I wonder if anyone ever reads the admonishments about top-posting and
pruning messages.
Or the FAQ. Or the manual. I really wish people would do their homework
before posting to this mailing list.
-R
___
Help us build a
Rob MacGregor escreveu:
On 3/5/07, Jens Strohschnitter [EMAIL PROTECTED] wrote:
Hi there,
I'm using the old amavis-0.3.13per2 Version of amavis.
I know it's very old, but there for today is no chance
to install amavis-new or something else.
---SNIP---
amavis[19687]:
Odhiambo Washington wrote:
* On 20/02/07 16:25 -0500, Kevin Way wrote:
| Dennis Peterson wrote:
| So, its been a few days. How is everyone feeling about the new version?
| I've hesitated to upgrade just yet. I've seen alot of feedback indicating
| problems and very little about smooth and
Paul Bijnens wrote:
Be careful about using clamav with the MSRBL image-spams database!!
It seems to me like detecting the image spams with clamav signatures
are not really an improvement. In fact, it is probably dangerous!
The programs generating these spams make unique images with
Dennis Peterson wrote:
How did you determine they were false positives? Their website does not
provide a context so you can't know if what you are seeing is a web
beacon image or a spacer.
I determine false positives very simply - If neither the sender nor the
intended recipient do not
On 3/5/07, Leonardo Rodrigues Magalhães [EMAIL PROTECTED] wrote:
Or maybe clamav is configured to PASS infected emails !!! It´s not
an intelligent thing to do, but amavisd allows it.
The point is, clamav doesn't block or pass the emails. Clamav simply
gives a status and it's up to amavis
Rob MacGregor wrote:
On 3/5/07, Leonardo Rodrigues Magalhães [EMAIL PROTECTED] wrote:
Or maybe clamav is configured to PASS infected emails !!! It´s not
an intelligent thing to do, but amavisd allows it.
The point is, clamav doesn't block or pass the emails. Clamav simply
gives a status
Rob MacGregor wrote:
On 3/5/07, Leonardo Rodrigues Magalhães [EMAIL PROTECTED]
wrote:
Or maybe clamav is configured to PASS infected emails !!! It´s
not an intelligent thing to do, but amavisd allows it.
The point is, clamav doesn't block or pass the emails. Clamav simply
gives
Dennis Peterson escreveu:
Rob MacGregor wrote:
On 3/5/07, Leonardo Rodrigues Magalhães [EMAIL PROTECTED]
wrote:
Or maybe clamav is configured to PASS infected emails !!! It´s not
an intelligent thing to do, but amavisd allows it.
The point is, clamav doesn't block or pass the emails.
Hi:
Sorry if this isnt the way to get support for your port of ClamAV for
Fedora.
Im trying to run the latest yum updates of Clamav and Im blocked with the
following message when run
# service clamav-milter start
Starting clamav-milter: [ OK ]
This return OK but I found the following
On Mon, 05 Mar 2007 09:23:33 -0800
Dennis Peterson [EMAIL PROTECTED] wrote:
I wonder if anyone ever reads the admonishments about top-posting and
pruning messages.
They read it, they just choose to ignore it. It is for that reason that
I will usually only reply to a top-poster once and then
Hi,
available now.
On Mon Mar 05, 2007 at 12:35:12 -0500, Morgan Walker wrote:
Awesome, thanks!
Hi,
WARNING: Local version: 0.88.7 Recommended version: 0.90.1
My /etc/apt/source.list contains the following:
deb http://ftp2.de.debian.org/debian-volatile sarge/volatile
Hello Ralph,
I wonder if anyone ever reads the admonishments about top-posting and
pruning messages.
Or the FAQ. Or the manual. I really wish people would do their homework
before posting to this mailing list.
I think it'd be better to point such users to a proper URL where they
can *find
On 3/6/07, Luca Gibelli [EMAIL PROTECTED] wrote:
I think it'd be better to point such users to a proper URL where they
can *find the answer* instead of serving the answer to them directly via
email.
This will increase the probability that next time they need some info,
they will *first* search
48 matches
Mail list logo