M.hafez | 21 Jun 09:51 2015
Picon

mail server and clamav in different machine

Dear all
can i install the mail server (win or Linux based ) and the clamav in 
different machine, that may allow me to filter more than one mailer 
server using the same Clamav machine.

Regards
Xi
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Markus Egg | 20 Jun 19:15 2015
Picon
Picon

Using clamscan with multiple cores

Hello,

how can I use clamscan on multicore CPUs ?
I found "clamdscan" with --multiscan but for some reasons
--multiscan does not work with "clamscan".

Thank you for any pointer.

ME
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Bruce Hyatt | 20 Jun 03:44 2015
Picon

fmap errors

I get the following message from the daily cron scan in my root mail every
day:

LibClamAV Warning: fmap: map allocation failed
LibClamAV Error: CRITICAL: fmap() failed

three times. Searching this error it appears to be from scanning files
larger than my ram.

Is that right?

How do I determine which files are causing this error?

TIA

Sincerely,
Bruce Hyatt
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

G.W. Haywood | 19 Jun 19:37 2015
Picon

Re: Clamd and Systemd

Hi there,

On Fri, 19 Jun 2015, Scott Kitterman wrote:

> BTW, since I'm the primary clamav maintainer in Debian, guess how
> much action your report is going to get.

If that's their sales pitch, what must it be like in the complaints department? [1]

--

-- 

73,
Ged.

[1] No claim is made by this author for originality.
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Steve Basford | 19 Jun 12:39 2015

daily.ftm

Hi,

Wasn't sure if this should be a bugzilla or not but...

daily.ftm seems to be out-of-sync with the latest filetypes_int.h

Eg, 4546492050415254 is missed and a few of the newer ones.

Cheers,

Steve
Web : sanesecurity.com
Blog: sanesecurity.blogspot.com

_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

MATSUMOTO ATSUHIRO-OMX | 19 Jun 08:52 2015

clamdscan wasn't found eicar, but clamscan was found

Dear, ClamAV-Users,

I tried ScanOnAccess at CentOS7's fanotify.
clamd scanner daemon was running, and no error logs,

I put eicar.com on /tmp, and tryed scanning.
But, clamdscan was not found eicar.
 # clamdscan -c /etc/clamd.d/scan.conf
 /tmp: OK

So, clamscan was found same eicar.
 # clamscan
 /tmp/eicar.com: Eicar-Test-Signature FOUND

How about wrong ?

(please, show more detail this) 
https://www.centos.org/forums/viewtopic.php?f=48&t=53019
ClamAV clamdscan wasn't found eicar, but clamscan was found

thanks,
omnix-mm
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

G.W. Haywood | 18 Jun 18:35 2015
Picon

Re: Clamd and Systemd

Hi there,

On Thu, 18 Jun 2015, Simon Hobson wrote:

> I've been trying to upgrade a Debian Wheezy system to Jessie without
> allowing SystemD to sneak in.

I would

http://without-systemd.org/wiki/index.php/How_to_remove_systemd_from_a_Debian_jessie/sid_installation

and then install ClamAV from source.  I wouldn't use packages for
things like ClamAV anyway.

> Also, does anyone know how "important" this dependency is ?

Not at all, it's just Debian doing what Debian does (i.e. drive me nuts).

--

-- 

73,
Ged.
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Simon Hobson | 18 Jun 16:52 2015
Picon

Clamd and Systemd

I've been trying to upgrade a Debian Wheezy system to Jessie without allowing SystemD to sneak in. I've
found that the Debian clamav-daemon package (but none of the others) depends on libsystemd0.

I just wanted to check whether this is something that's in the upstream package, or something that's been
introduced in the Debian packaging. Does anyone know where this dependency comes in (upstream or Debian) ?

Also, does anyone know how "important" this dependency is ? Is it just some small optional features, or
something fundamental that can't be removed ? My gut feeling is that given the range or platforms ClamAV
runs on (inc many without SystemD), it can't be that important.

_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Trevor Vaughan | 14 Jun 00:54 2015

DAT File License

Hi All,

I apologize if I missed this, but I've checked through various FAQs and
have not been able to determine what license the DAT files fall under.

If anyone has this information, it would be most appreciated.

Thanks,

Trevor

--

-- 
Trevor Vaughan
Vice President, Onyx Point, Inc
(410) 541-6699

-- This account not approved for unencrypted proprietary information --
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Steven Morgan | 10 Jun 21:55 2015

Re: ClamAV(R) blog: ClamAV 0.99b Meets YARA!

Dennis,

We don't have an on-line rule testing utility. If I see one anywhere, I'll
let you know.

Line feeds and other white space can be compressed in yara rules.

Referencing other rules within a condition is one of the yara features that
is not supported in ClamAV 0.99 beta1. We are looking at how to include it
in a future release.

On Wed, Jun 10, 2015 at 10:50 AM, Dennis Peterson <dennispe <at> inetnw.com>
wrote:

> That is a pretty nice addition, Joel. Naturally somebody is going to ask
> if there is an on-line rule testing utility anywhere so that might as well
> be me :). I'm particularly interested in knowing if the linefeeds between
> the keyword rule and the closing brace in the rules can be left out so the
> sig files can be somewhat compressed.
>
> Bonus points if a condition can be  <at> rule and  <at> rule2 not  <at> rule3 so that
> rules can be re-used as in a library.
>
> dp
>
> On 6/3/15 12:02 PM, Joel Esler (jesler) wrote:
>
>> ClamAV 0.99b Meets YARA!
>> The first beta release of ClamAV 0.99 is now on SourceForge! ClamAV 0.99
>> has some important new features to improve malware detection.
(Continue reading)

Steven Morgan | 5 Jun 17:06 2015

Re: ClamAVĂ‚(R) blog: ClamAV 0.99b Meets YARA!

No windows binaries yet, but work is in progress.

Thanks,
Steve

On Fri, Jun 5, 2015 at 11:02 AM, Steve Basford <
steveb_clamav <at> sanesecurity.com> wrote:

>
> On Wed, June 3, 2015 8:02 pm, Joel Esler (jesler) wrote:
> >
>
> > ClamAV 0.99b Meets YARA!
> > The first beta release of ClamAV 0.99 is now on SourceForge! ClamAV 0.99
>
> > Since this is such a large feature, please help us by downloading, using,
> > and testing this feature and reporting bugs via our usual methods here:
> > http://www.clamav.net/contact.html
> Just catching up on emails...so sorry if this has been posted somewhere...
>
> Have any windows binaries been put live to test yet?
>
> Cheers,
>
> Steve
> Web : sanesecurity.com
> Blog: sanesecurity.blogspot.com
>
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
(Continue reading)


Gmane