Subject:
RE: qmail-scanner and ClamAV
From:
"Steve Peace" ####@####.####
Date:
9 Feb 2004 15:04:47 -0000
Message-Id: <006a01c3ef1d$fd5b6060$d319020a@HSSNB21>
>> Occationally I see the spelling "calmd" where I expected "clamd"
Yep, their typo's.
>>This part I read with great interest:
>>
>>
>>silent->>viruses='klez','bugbear','hybris','yaha','braid','nimda','tan
atos','sobig'
>>,'winevar','palyh','fizzer','gibe','
>> > cailont','lovelorn','swen','dumaru','sober','hawaii','holar-i'
>>
>>I am getting hundreds of viral warnings from all over the world
>>of viruses that had forged my name in the from-adress, occationally
>>they helpfully return the virus too. Does the scanner catch these
>>too?
>>
>>Somewhat tangentially it would be useful to be able to silently
>>drop all misguided viral warnings.
Yes, the scanner does catch these. I am assuming you are talking about
the SCO.A worm. I'm actually still working on dropping the bounces
silently as well. I have seen some information in news groups about
doing it, but haven't had time to implement it.
Steve
-----Original Message-----
From: Stein Gjoen ####@####.####
Sent: Sunday, February 08, 2004 11:19 AM
To: Steve Peace
Cc: ####@####.####
Subject: Re: qmail-scanner and ClamAV
Hello,
Steve Peace wrote:
> Unfortunately I do not have a web server available to post it to. I
am
> currently working on setting one up at home, but it is still busted.
I
> have attached a copy of the draft to this message in plain text. Let
me
> know what you think.
This looks fairly thorough. Just some minor questions:
Occationally I see the spelling "calmd" where I expected "clamd",
is this correct or a typo?
> Create the /usr/local/clamav/supervise/calmd/log/run file:
>
> #vi /usr/local/clamav/supervise/calmd/log/run
This part I read with great interest:
>
silent-viruses='klez','bugbear','hybris','yaha','braid','nimda','tanatos
','sobig','winevar','palyh','fizzer','gibe','
> cailont','lovelorn','swen','dumaru','sober','hawaii','holar-i'
I am getting hundreds of viral warnings from all over the world
of viruses that had forged my name in the from-adress, occationally
they helpfully return the virus too. Does the scanner catch these
too?
Somewhat tangentially it would be useful to be able to silently
drop all misguided viral warnings.
Best regards,
Stein Gjoen