New Server on RH8.0

Karl Perason karlp at ourldsfamily.com
Sat May 15 00:32:53 UTC 2004 

<quote who="Rick Stevens">
>
> 1.3?  ClamAV's current release is 0.70.  That being said, if you're
> running clamd and scanning via clamav-milter, yes.  Any incoming stuff
> is run through clamAV if you're using that.  As for RPMs, I dunno.  I
> don't use them myself as they typically lag behind the releases too
> much.  I'm a tarball-build-install kind of guy.

Duh. 0.65-4 currently. I've been an rpm guy so I can see what's there by
doing rpm -qa|grep whatever

I'll get the .70 so I can install milter and have it run stdin for email
scanning. Is there a better option out there?


>
> Remember that an "mbox" is one file.  clamscan doesn't pull it apart,
> purge the infection and put it back together--it deletes the _file_
> (which happens to be "mbox").  For the "--remove" to only delete the
> infected message, you need to be scanning a MailDir-style mail account.

Drat. That's what I'd do. It's really not that hard:

Parse the file, find the virus, reverse to the previous "From " and delete
that line until the next "From " is found. done.

>
> Note that ClamAV 0.70 no longer has clamscan.  It has clamdscan, which
> is a client for clamd.  It doesn't support the "--mbox" option.  You
> must have "ScanMail" option set in clamd.conf for that to work.

Interestingly enough, clamav.conf HAS ScanMail as an option to set for
this version. Of course it doesn't do anything. It's also got an email
notify option, which doesn't seem to work either. I have viruses on my
mail server and know right where they are, but nothing gets reported...
I'm pretty sure I just need to set things up right. I'm pretty new to this
thing still, so should have it figured out soon enough.

Thanks Rick. Glad to see you are still on the list.

> ----------------------------------------------------------------------
> - Rick Stevens, Senior Systems Engineer     rstevens at vitalstream.com -
> - VitalStream, Inc.                       http://www.vitalstream.com -
> -                                                                    -
> -              Death is nature's way of dropping carrier             -
> ----------------------------------------------------------------------
                 How about...   ...way of "dumping the core"
-- 
Karl Pearson
karlp at ourldsfamily.com
http://consulting.ourldsfamily.com
http://emailgroups.ourldsfamily.com
 --     If you don't think      --
 -- the dead come back to life, --
 --  Be here at quitting time   --

More information about the Redhat-install-list mailing list