Can someone explain what the classification
"Pdf.Phishing.CWS4c384287-9890237-0" means? I assume it has something to do
with a link found in a document. However, we've had several of these lately
and I can't see anything wrong with the documents. We're using clamav with
OPSWAT Metadefender,
UNSUBSCRIBE
Thank you.
Dan Fiore
(410) 936-0848
> On Apr 10, 2020, at 4:01 PM, Micah Snyder (micasnyd) via clamav-users
> wrote:
>
>
> Stephen,
>
> You will have to manually unsubscribe, here:
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
Maarten -
Great summary, thanks!
Dan
On 12/20/2017 07:02 AM, Maarten Broekman wrote:
There are far more than 31 signatures that have the potential to impact
Linux systems. There are, in truth, over 23,000 signatures that are able to
detect malware on Linux and Unix systems. Most "
Steve -
Thanks!
I think I need to resolve some of the performance issues (in the other thread); I
originally turned on OnAccess for my entire home directory - THAT was a mistake. But
I'll definitely go through the archives.
Dan
On 12/19/2017 02:25 PM, Steven Morgan wrote:
Dan,
I
Sorry if I wasn't clear . . .
Do you do "OnAcess" scanning for the whole drive, or just some sub-directories?
Do you do scheduled scanning for the whole drive, or just some sub-directories?
Thanks!
Dan
On 12/19/2017 01:01 PM, Yuri wrote:
OnAccess will do by running daemon.
Yuri -
Thanks - how do you split that up (ie, which parts of the file system are "OnAcess" vs
scheduled)?
Dan
On 12/19/2017 12:46 PM, Yuri wrote:
I guess, same like Windows workstation. On Access + scheduled from cron. :-D
19.12.2017 23:44, Dan Rawson пишет:
I'm working on
sing "best practices" in
a single machine environment.
Thanks in advance!
Dan
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive
e issue. Once I'm comfortable with the speed of operation, I'll definitely
do this as a refinement.
- Smaller file size: I don't know what this is for clamscan, but the default for clamd
(if I've understood correctly) is already set to 25Mb (and 150Mb of extracted archive dat
ture FOUND
--- SCAN SUMMARY ---
Infected files: 1
Time: 1363.550 sec (22 m 43 s)
I did set LogVerbose to "yes" in clamd.conf, but it didn't make any difference
Thanks!
Dan
___
clamav-users mailing list
clamav-users@lists.clamav.ne
Steve -
Thanks - I'll do a bit of testing based on the offered suggestions and then add the
results . . . .
Dan
On 12/18/2017 11:43 AM, Steven Morgan wrote:
Dan,
I have opened ticket https://bugzilla.clamav.net/show_bug.cgi?id=11990 to
track ClamAV performance issues.
Please pos
27;s test version scans it in about 20 minutes. /usr/local is a
similar time.
I'm running a local build of 0.99.3-beta.1, but the results were essentially the same
using 0.99.2 from the distro.
What can I do to speed up the clamscan process?
Thanks!
Dan
___
software that has not been
given a ECCN. With ClamAV being open source software, and freely available on
the net, this may seem like a bizarre question, but bizarre questions are a
government bureaucracy's favorite past time.
Thank you for any assistance you can provide.
Dan Callahan
Sof
le switch to wifi.
- Dan.
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
minates with a connection reset error. But now and then, I get this:
curl: (33) HTTP server doesn't seem to support byte ranges. Cannot resume.
No idea which actual servers are having this difficulty. It would really help
if you’all would fully su
—
Dan Langille
Infrastructure & Operations
Talos Group
Sourcefire, Inc.
> On Jan 26, 2015, at 9:19 AM, Joel Esler (jesler) wrote:
>
> OH, I see what you are saying. Sorry about that. Let me look into this.
>
>
>> On Jan 26, 2015, at 6:41 AM, Walter Bürger wro
On Fri 22.Aug.14 15:36, Al Varnell wrote:
On Aug 22, 2014, at 3:26 PM, Dan McDaniel wrote:
I submitted a false positive awhile ago -- probably back in May. It
hasn't been fixed yet. Should I submit it again?
Providing the MD5 of the submitted file will allow the team to locate it
qu
I submitted a false positive awhile ago -- probably back in May. It
hasn't been fixed yet. Should I submit it again?
Also, on the web form when submitting false positives there is a
check-box that says "notify me". It would seem to imply that you
might get some kind of notification when your sam
On 9/30/13 10:25 AM, "Joel Esler" wrote:
> On Sep 28, 2013, at 8:04 AM, G.W. Haywood wrote:
>
>> On Sat, 28 Sep 2013, Boszormenyi Zoltan wrote:
>>
>>> The machine in question is an older thingy with 256MB memory
>>> running an embedded Linux version and a special full screen application
>>> ov
I had a similar problem. I found if I removed the old main.cld and
daily.cvd, and then ran freshclam, it re-downloaded everything and seems to
be working fine. My main.cld was from 2011 (pretty old).
Dan
On Thu, Feb 14, 2013 at 11:00 AM, Clayton Keller wrote:
> Within the past hour we h
On 1/28/13 4:10 PM, "Noel Jones" wrote:
> On 1/28/2013 2:27 PM, Benny Pedersen wrote:
>
>> if you used freshclam as a deamon it will update when dns is showing
>> new versions, not wait one hour or more in cron to get the newest
>> updates
>
>
> Incorrect.
>
> When you run freshclam as a da
On Mon 26.Nov.12 08:29, Christoph wrote:
Am 24.11.2012 um 17:57 schrieb Dan McDaniel:
Here it is: 66dcf678d8ee29a91156f2baa95d531d vozacka.exe
This should be detected now (daily.cvd 15637). Sorry for the delay.
Thank you very much.
I didn't want to sound impatient, but was wo
On Fri 23.Nov.12 21:16, Alain Zidouemba wrote:
Dan,
Can you provide us with the MD5 of the sample? We'll make sure to
address your submission as soon as possible.
Thanks,
-Alain
___
Help us build a comprehensive ClamAV guide: visit
I submitted an infected file via the web page a couple of weeks ago. I
haven't heard anything and clamav still does not detect it. Should I be
concerned that my submission was lost? Or, does it normally take longer
than two weeks to process submissions?
-
On 6/15/12 9:59 AM, "gene heskett" wrote:
> On Friday, June 15, 2012 10:44:29 AM Matt Olney did opine:
>
> Is there a method that would faithfully duplicate the rpm installs image?
>
Install source rpm from your distro.
Put the new tarball and .sig file in the SOURCES directory
Edit the spec f
At 1:33 PM +0200 9/16/2011, Tomasz Kojm wrote:
On Thu, 15 Sep 2011 12:28:50 -0400 Dan wrote:
> At 10:43 AM +0200 9/15/2011, Tomasz Kojm wrote:
>> OK, now please post the output of 'freshclam --list-mirrors'
>
> Mirror #9
IP: 88.198.67.125
Successes: 13
Failures
n from DNS: 144
bytecode.cld is up to date (version: 144, sigs: 41, f-level: 60,
builder: edwin)
Database updated (1762590 signatures) from database.clamav.net (IP:
207.57.106.31)
- Dan.
--
- Psychoceramic Emeritus; South Jersey, USA, Earth.
___
Help
cesses: 24
Failures: 5
Last access: Tue Sep 13 10:45:48 2011
Ignore: Yes
"Can't connect to port 80 of host database.clamav.net (IP:
88.198.67.125)" is not considered a failure? Is there something that
I can add to freshclam.conf to make it so?
- Dan.
--
- Psychoceramic Emeritus;
eam to make a
decision one way or the other concerning this host. Even if removed,
it can always be
re-added when the cause of this issue is tracked down and fixed.
At least concerning this issue, is there anything more to be done?
1) Fix freshclam so it doesn't stall for so long.
2) Fix fr
here
for the team to make a
decision one way or the other concerning this host. Even if removed,
it can always be
re-added when the cause of this issue is tracked down and fixed.
At least concerning this issue, is there anything more to be done?
1) Fix freshclam so it doesn't stall for so
d about the update.
- Dan.
--
- Psychoceramic Emeritus; South Jersey, USA, Earth.
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
.clamav.net (IP:
207.57.106.31)
Clamd successfully notified about the update.
- Dan.
--
- Psychoceramic Emeritus; South Jersey, USA, Earth.
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
00
16 hours ago Favorite Retweet Reply
clamav ClamAV
Daily CVD 13602 (sigs: 190357; new: 5 author: guitar) on 11 Sep 2011
18-20 -0400
11 Sep Favorite Retweet Reply
- Dan.
--
- Psychoceramic Emeritus; South Jersey, USA, Earth.
___
Help us build a comprehe
elligently
or just trying to shut the conversation down?
In YOUR opinion individuals and even small businesses are incapable
of contributing to Clam's strained infrastructure?
So OUR suggestions and inquiries on this USER mailing list are ... pointless?
And Dan, please familiarize yourse
At 9:22 AM +0300 9/12/2011, Henrik K wrote:
On Sun, Sep 11, 2011 at 04:11:07PM -0400, Dan wrote:
At 11:40 PM +0200 9/7/2011, Luca Gibelli wrote:
>Traffic is around 5TB/month on each mirror.
Short of a paid service, which I doubt any of us want, few have such
bandwidth available to don
uted
via bittorrent. Yes, some ISPs are blocking the protocol -- but when
shown that it's a legit use, they're usually willing to fix that.
fwiw,
- Dan.
--
- Psychoceramic Emeritus; South Jersey, USA, Earth.
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
> -Original Message-
> From: clamav-users-boun...@lists.clamav.net [mailto:clamav-users-
> boun...@lists.clamav.net] On Behalf Of Luca Gibelli
>
> Hello G.W.,
>
> > > If anyone can provide a CVD mirror in US, please contact me
> directly.
> > > We definitely need more capacity in the db.u
: 60, builder: edwin)
Database updated (1005669 signatures) from
database.clamav.net (IP: 168.143.19.95)
Clamd successfully notified about the update.
And dig says:
current.cvd.clamav.net. 259 IN TXT
"0.97.1:53:13337:1311166444:1:60:30946:144"
- Dan.
--
- Psychoce
is up to date (version: 53, sigs: 846214, f-level: 53, builder: sven)
daily.cld is up to date (version: 1, sigs: 159245, f-level: 60,
builder: ccordes)
bytecode.cld is up to date (version: 144, sigs: 41, f-level: 60,
builder: edwin)
fwiw,
- Dan.
--
- Psychoceramic Emeritus; South Jerse
On Feb 12, 2011, at 3:38 AM, "Steve Holdoway" wrote:
> On Fri, 2011-02-11 at 21:26 -0700, Jim Preston wrote:
>>
>> On 02/11/2011 12:59 PM, Bowie Bailey wrote:
>>> On 2/11/2011 2:17 PM, Jan-Frode Myklebust wrote:
We have a strong preference to running only RHEL5+EPEL packages,
so we're
I compiled and installed it on Mandriva Enterprise server 5.1. No issues
On Oct 23, 2010, at 10:18 AM, "Jim Preston" wrote:
>
> On Oct 22, 2010, at 1:56 PM, Török Edwin wrote:
>
>> On Fri, 22 Oct 2010 13:33:42 -0700
>> Jim Preston wrote:
>>
>>> no avail.
>>
>> Are you running it from a part
mputer viruses.
> ___
> Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
> http://www.clamav.net/support/ml
We have seen the same thing, also with java app war files, since the same sig
update and also one the same two ve
You've got your socket named incorrectly in clamd.conf. It is overwriting the
executable. You should move your socket to /var/lib/clamav.
On Jul 6, 2010, at 9:22 PM, Hook wrote:
> Sorry for the delayed response.
>
> I found that after install clamd is a ´normal exec´ file with some Kb ( lets
s for being way behind the curve with the 3rd party
stuff included with OS X and OS X Server. Really, a mission-critical
product such as ClamAV needs to be watched by the sysadmin, not left
for someone else to do it for you.
- Dan.
--
- Psychoceramic Emeritus; South Jersey, USA,
At 2:30 PM -0700 4/17/2010, Ralf Quint wrote:
At 02:09 PM 4/17/2010, Dan wrote:
Yea, I agree, the Clam team probably could have done things better.
But would more announcements or warnings have really made a
difference? Why would the people, that regularly ignore the
Freshclam warnings, pay
At 9:39 PM +0100 4/17/2010, Simon Hobson wrote:
Dan wrote:
So keeping up to date has it's own risks - hence why many people
take the attitude of "if it aint broke, don't fix it".
But being a YEAR out of date?
Time is an illusion, lunchtime doubly so.
Like I said,
out-of-date, you
could just restore the database from your backup, and disable
freshclam. You do have backups, don't you?
- Dan.
--
- Psychoceramic Emeritus; South Jersey, USA, Earth.
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
On 4/16/10 9:03 AM, "Giampaolo Tomassoni" wrote:
>> If I run a ssh service on my machine, and yes I do, I keep track of the
>> ssh announce list.
>> Why because I hate it to find my root password changed because there
>> was a security update I didn't updated 6 months ago because an apt-get
>> up
to make sure
things are resecured.
To each their own, but when you've got a server that will handle the scans
there's little reason not to do it, but several reasons that you might do
it.
Dan Metcalf
___
Help us build a comprehensive
Hello Luca,
Thanks for the link. Somehow I managed to skim past that in the faq.
Regards,
Dan
On Wed, Nov 18, 2009 at 9:21 PM, Luca Gibelli wrote:
>
> Hello Dan,
>
> > I am wondering what is the best way to mirror database updates.
>
> http://www.clamav.net/support
into their organisation, and how you are doing it.
Regards,
Dan
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
On Thu, 2009-10-29 at 22:11 -0500, Chris wrote:
> Last night I attempted to build the 0.95.3 RPMS for Mandriva 2009.1 and
> ran into a problem. I kept getting this error:
>
> 1 out of 1 hunk FAILED -- saving rejects to file
> clamav-milter/clamav-milter.c.rej
> error: Bad exit status from /home/ch
Hello forum.
I've got an RHEL 3 server (yes, I know...) running clamd on generic hardware.
When I start clamd, it appears two processes are created. None of my other
systems do this (RHEL 4 and 5 systems). I didn't notice this happening until a
couple days ago when nagios started alerting low m
On Thu, 2009-07-30 at 20:02 +0200, Jack Raats wrote:
> Today I received a new kind of phissing mail.
>
> Spamassassin (freebsd), clamav (freebsd) and avg (windows) didn't recognised
> it.
>
> The email had an attached word file in which the phissing was written.
Yes, its a variation of one tha
On Sat, 2009-06-06 at 14:39 -0500, Javier Lopez wrote:
> Daniel,
>
> How I do "the redirect" with amavisd?
See http://www.ijs.si/software/amavisd/amavisd-new-docs.html#quarantine
There are lots of variations, but mainly you need a
$virus_quarantine_method of smtp or lmtp, and a $virus_quaranti
to the database?
>
>Due to the huge number of submissions we have to process it is really
>hard to tell. It mostly depends on the severity of the threat, that is,
>how many of such samples we've already received. Big outbreaks generally
>take less than one hour. Unique samples m
the virus, on average currently how
long before its sig is added to the database?
Thanks,
- Dan.
--
- Psychoceramic Emeritus; South Jersey, USA, Earth
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
e Day/Evening
>Michelle Konzack
That's nice, but we weren't asking for an opinion poll.
My domain doesn't get very many viruses at all through email, so it's a nice
ticker to see when virus activity is on the rise out th
gt;> do this? Thank.
>> --
>> View this message in context:
>> http://www.nabble.com/%22Virus-Infected%22-Message-for-recipient-tp23296120p23296120.html
>> Sent from the clamav-users mailing list archive at Nabble.com.
>>
- Original Message -
From: "
aren't looking to return the email notice to the sender. I just want to
send a notice to the local recipient that the message was not accepted due
to a virus.
Dan
- Original Message -
From: "martinnitram"
To:
Sent: Wednesday, April 29, 2009 8:39 AM
Subject: [Clama
ing I did manage to find the option to add in
> the headers. Still can't get the postmaster bit sorted out though. Let
> me search further :)
>
>
> On Sat, Apr 18, 2009 at 4:36 PM, McDonald, Dan
> wrote:
> > On Sat, 2009-04-18 at 16:25 +0200, Greg McCarthy wro
On Sat, 2009-04-18 at 16:25 +0200, Greg McCarthy wrote:
> In the previous versions of clamav I used to run:
>
> /usr/local/sbin/clamav-milter -ol $CLAMAV_MILTER_SOCKET
> --postmaster-only --postmaster=not...@domain.com
> --quarantine-dir=/var/mail/quarantine
>
> I've just upgraded to 0.95
Not 0
On Tue, 2009-03-31 at 12:11 +0200, Matus UHLAR - fantomas wrote:
> > Matus UHLAR - fantomas wrote:
> > > Hmm, there could be an option for not rejecting signatures like
> > > *.Phishing.* or Safebrowsing.*
>
> On 31.03.09 11:46, aCaB wrote:
> > If you want to fine tune detection based on malware n
On Thu, 2009-03-26 at 17:16 -0400, Vigil, Joe wrote:
> My environment:
> AIX 4.3.3 (yeah, I know it's old)
> GCC 2.95.2
> Clamav v0.95
>
> I'm getting the same error " LibClamAV Warning: Cannot dlopen: file not found
> - unrar support unavailable".
> I've tried setting the LIBPATH va
On Wed, 2009-03-18 at 07:20 -0700, Dennis Peterson wrote:
> Erwan David wrote:
> > On Wed, Mar 18, 2009 at 01:55:14PM CET, Dennis Peterson
> > said:
> >> Moray Henderson (ICT) wrote:
> From: Török Edwin [mailto:edwinto...@gmail.com]
> >> Try using for the URL.
> >>
> > Is that a
On Tue, 2009-03-17 at 14:08 +, Steve Basford wrote:
> > Is there a test string I can use to see if the SafeBrowsing code is
> > working properly? I've just set up 0.95RC2 with SafeBrowsing enabled.
> > I've sent an EICAR and detected that, and scanned
> > the /usr/share/doc/clamav-0.95/test/ d
On Tue, 2009-03-17 at 14:08 +, Steve Basford wrote:
> > Is there a test string I can use to see if the SafeBrowsing code is
> > working properly? I've just set up 0.95RC2 with SafeBrowsing enabled.
> > I've sent an EICAR and detected that, and scanned
> > the /usr/share/doc/clamav-0.95/test/ d
Is there a test string I can use to see if the SafeBrowsing code is
working properly? I've just set up 0.95RC2 with SafeBrowsing enabled.
I've sent an EICAR and detected that, and scanned
the /usr/share/doc/clamav-0.95/test/ directory to find ClamAV-Test-File,
but I would like to see a SafeBrowsin
On Mon, 2009-03-02 at 12:41 +, Steve Basford wrote:
> > Having used clamd for several years without it ever crashing, I am now
> > faced with it crashing quite often. This follows me setting up the new
> > sanesecurity system!
> Some users are seeing no problems, other are - which is the frus
From: Török Edwin
>On 2009-02-28 18:08, McDonald, Dan wrote:
>> From: Török Edwin
>> On 2009-02-28 17:56, McDonald, Dan wrote:
>>
>>>> From: Török Edwin
>>>>
>>>>
>>>> dlopen does look for .so files, if the .la are not f
From: Török Edwin
On 2009-02-28 17:56, McDonald, Dan wrote:
>> From: Török Edwin
>>
>>
>> dlopen does look for .so files, if the .la are not found, but it is not
>> finding it,
>> since the code is looking for /usr/lib/libclamunrar_iface.so instead of
From: Török Edwin
>On 2009-02-28 17:35, McDonald, Dan wrote:
>> From: Török Edwin
>>
>>> On 2009-02-28 01:11, McDonald, Dan wrote:
>>>
>>>> On Fri, 2009-02-27 at 23:34 +0200, Török Edwin wrote:
>>>>
&
From: Török Edwin
>On 2009-02-28 01:11, McDonald, Dan wrote:
>> On Fri, 2009-02-27 at 23:34 +0200, Török Edwin wrote:
>>
>>> On 2009-02-27 22:58, McDonald, Dan wrote:
>>
>>> This is new. Is there another library that has been added to the
>>&g
On Fri, 2009-02-27 at 23:34 +0200, Török Edwin wrote:
> On 2009-02-27 22:58, McDonald, Dan wrote:
> > This is new. Is there another library that has been added to the
> > requirements?
> >
> > Starting Clam AntiVirus Daemon: LibClamAV Warning: Cannot dlopen: file
&g
On Fri, 2009-02-27 at 14:48 -0600, McDonald, Dan wrote:
> On Fri, 2009-02-27 at 15:36 -0500, James Kosin wrote:
> > Nigel Horne wrote:
> > > Folks,
> > >
> > > 0.95 RC1 was published on Wednesday 25/2/09.
> > >
> > Nigel,
> >
> >
On Fri, 2009-02-27 at 15:36 -0500, James Kosin wrote:
> Nigel Horne wrote:
> > Folks,
> >
> > 0.95 RC1 was published on Wednesday 25/2/09.
> >
> Nigel,
>
> Compiles and links in FC1. I know it is old; but, nothing is broken in
> the compiling.
Just finished altering the mandriva spec file so i
From: clamav-users-boun...@lists.clamav.net on behalf of Nathan Brink
#Charles Gregory wrote:
#> More often than not, I see this kind of thinking as *policy* but without a
[...]
#>
#Wouldn't this easily break threading? In this case, the respondent
[...]
Not germane to clamav - please send fo
On Wed, 2009-02-18 at 14:03 -0700, s...@softhome.net wrote:
> Please forgive me for raising this question. When can we expect the OS X
> malware submitted to ClamAV to be included in the database.
Are you submitting samples?
If no samples are submitted, then there is nothing for the Clamav team
On Fri, 2009-02-06 at 10:08 -0800, Madhuri Somavarapu wrote:
> Hi,
>
> I installed clamav on my machine. I am using it for scanning files not
> for my mail server I want to know what kind of maintainence needed for
> this software (Like upgrades).
Upgrades are not automatic, so watch the user lis
According to the twitter feed, Daily 8867 had 1325 new signatures. But
the [clamav-virusdb] mailing doesn't have a single entry without "Added:
No". Where do the 1325 new entries come from?
--
Daniel J McDonald, CCIE #2495, CISSP #78281, CNX
Austin Energy
http://www.austinenergy.com
signatu
On Fri, 2009-01-02 at 10:24 -0500, Frank DeChellis wrote:
> Hi there and happy new year.
>
> We are running ClamAV 0.94.2 . Just installed it 2 hours ago. When it does
> the self check and reload I get this message:
> ERROR: Command: readsock() failed.
> Socket file removed.
> ERROR: Can't unlink
On Tue, 2008-12-30 at 15:17 -0600, Chris wrote:
> I'm working on updating my old Mandrake 10.1 system to Mandriva 2009, what
> a pain, anyway, using urpmi I installed 94.2. When trying to start it I got a
> 'command not found' and noticed that in /usr/bin there is no clamd file.
> There
> is a
On Wed, 2008-12-10 at 13:59 -0500, Nigel Horne wrote:
> McDonald, Dan wrote:
>
> > how about:
> > Daily CVD 8721 (sigs: 32788, new: 1) at 04 Dec 2008 13-26 +
>
> Thank you for your suggestion. It's a great idea so we've made the change!
I noticed. It
A new version of clamav was released this week, along with the typical
"this is a bugfix release" announcement. Along comes the end of the
week, and SANS reports a vulnerability [1] in the previous version.
It's a lot easier to get linux distro folks to make new packages for
security releases. W
On Thu, 2008-12-04 at 12:45 -0500, Nigel Horne wrote:
> Folks,
>
> We'd like to hear any feedback people have who are following our Twitter
> channel at http://twitter.com/clamav.
the RSS feed from twitter truncates it much shorted, and you have a lot
of repeated characters, so it's not as usefu
On Thu, 2008-12-04 at 18:37 +0200, Zvi Kave wrote:
> I forgot to specify that it is ClamAV 0.94.2 in Fedora 8.
> sigtool -l shows this:
> # sigtool -v -l | grep -i mabezat
> W32.Mabezat-1
> W32.Mabezat-2
> W32.Mabezat
> W32.Mabezat-3
>
> NODE32 detects it from Windows as W32/Mabezat.A
Have you su
>From: "Christoph Cordes" <[EMAIL PROTECTED]>
>
> Am 29.08.2007 um 00:59 schrieb Dan Metcalf:
>
>> I have a client that is having some trouble when forwarding some
>> spamcop
>> complaints to the appropriate parties. They keep getting
>> Email.
I have a client that is having some trouble when forwarding some spamcop
complaints to the appropriate parties. They keep getting
Email.Webaccount-11 rejections.
Looked all over, but haven't found the right place for a definition of what
this is? Anybody know?
Dan Metcalf <[EMAIL P
>From: [EMAIL PROTECTED] on behalf of Jeff Thurston
>I thought ClamAV was able to catch these "Greeting Cards from family
>member", our domain keeps getting these emails in large quantities even
>after upgrading to ClamAV 0.90.3 recently.
As far as I know, you have to use the follow-url thingy,
>From: [EMAIL PROTECTED] on behalf of Luca Gibelli
>Hello jacusy,
>> this night my clamd-process terminated with an error. The reason was
>> that freshclam took too long to do its update, so that clamd could not
>> lock the database. So clamd exited. But this behaviour is very fatal
>> because the
Hi,
I'm running clamav 0.88.7 on a FC5 for a OpenXchange mail server.
Trying to update to .9 I see that it needs libssl.so.6 and
libcrypto.so.6 (i'm working in .5)
This means upgrading from mysql to cyrus and postfix, openssl, httpd and
perl, openldap and almost everything.
OpenXchange install
On Mon, 2006-10-16 at 14:23 +0100, Stephen Gran wrote:
> On Mon, Oct 16, 2006 at 08:55:24AM -0400, Robert Blayzor said:
> > Balzi Andrea wrote:
> > > FixStaleSocket
> > > Remove stale socket after unclean shutdown.
> > > Default: disabled
> > >
> > > What are the value
Jim Holland writes:
You will need to check to see whether your version of Postfix is fully
supported - I understand that there has been a recent code update to
Postfix which might have introduced some incompatibilities with
MailScanner. These will be sorted out by MailScanner's developer as soo
See bottom of thread for thoughts
the circumstances arose where mail folders are kept
from a pre-clamav time, or there was an issue with the clamav setup at
the time, or clamav was not scanning incoming mail
I have to say that while I commend your sharing of a concept/idea, it
does appear t
Had discovered this a while back... seems to have come up again.
The documentation (man page) for clamav-milter says that the quarantine
address is always whitelisted, but this appears to have been broken
between 2006-03-18 (the last dev snapshot I was running) and 2006-05-15
(the current snaps
2
>
> Fabio Landriscina
> Arthis SpA
> Strada 4 Palazzo Q
> 20089 Rozzano (MI)
> 02 5758 2899
> [EMAIL PROTECTED]
>
> ___
> http://lurker.clamav.net/list/clamav-users.html
>
>
Dan Sjolseth
(scribbly handwriting
Thomas Hruska wrote:
[asks in a somewhat forceful way that clam detect spyware]
Perhaps you might offer to pay the clamav group to add the features you
desire.
"free" is speech not beer.
___
http://lurker.clamav.net/list/clamav-users.html
ally when I'm going to have to update them again when the
new options format is released.. I ended up using a CVS version because
0.85 was not properly whitelisting the quarantine address. I guess I'll
have to check to see if 0.86.1 fixes that issue next.
Dan O'Brien
___
The Little Prince, Antoine de Saint-Exupery
>
> _______
> http://lurker.clamav.net/list/clamav-users.html
>
Since sendmail 8.13.3 was released 1/12/2005, and your mfapi.h files date shows
Aug 20 2004, its probably from a previous (older) version of sendmail.
Get the latest/greatest sendmail and install it and libmilter.
Dan Sjolseth
___
http://lurker.clamav.net/list/clamav-users.html
Nigel Horne <[EMAIL PROTECTED]> wrote:
> You forgot to add "in my configuration", since it is working for me and
> others. Your statement implies that it doesn't work at all.
I'm happy to report that the CVS version *did* apparently resolve the
issue of the whitelist apparently not working. The
but it doesn't seem to be
working.
Anyone else using the whitelist feature successfully?
Dan O'Brien
__
Axon Solutions, Inc. Telephone: 703-845-8400
P.O Box 16725 Facsimile: 703-845-5
1 - 100 of 150 matches
Mail list logo
