[Mimedefang] New .zip virus?
dimon at intellinetinc.com
dimon at intellinetinc.com
Tue Jan 27 12:16:33 EST 2004
Quoting mfaurot at atww.org:
> In article <4015D631.4070705 at elgas.com.au> you wrote:
> > Make sure you have the settings on to scan through zip files, and you
> > are running freshclam frequently.
>
> I'm running the current stable version of ClamAV (0.65) and have
> freshclam checking for updates several times a day. I was looking
> through clamav.conf(5) and I see no configuration options which pertain
> specifically to .zip archives/files. Are you referring to the more
> generic option StreamSaveToDisk?
>
> I have StreamSaveToDisk and the ScanMail option enabled, and clamd
> appears to have successfully caught one of these viruses for me recently,
> according to the clamd log file:
>
> Tue Jan 27 02:44:48 2004 ->
> /var/spool/MIMEDefang//mdefang-i0R7iimN013306/Work/msg-11120-148.zip:
> Worm.SCO.A FOUND
>
> So it would seem that MD v2.39 and ClamAV (in daemon mode) will catch
> this new virus.
>
Hi All,
I'm using ClamAV + MD 2.39 at my Mail Server too, and experiencing some
problems with clamd here:
in general it works fine, but sometimes it dies with this error in log file:
Tue Jan 27 09:58:59 2004 -> /var/spool/MIMEDefang/mdefang-
i0RGwwJX012136/Work/msg-206-171.zip: Zip module failure.
ERROR
Here is my clamav.conf:
LogFile /var/log/clamav/clamd.log
LogFileMaxSize 10M
LogTime
PidFile /var/spool/MIMEDefang/clamd.pid
LocalSocket /var/spool/MIMEDefang/clamd.sock
FixStaleSocket
MaxConnectionQueueLength 25
StreamSaveToDisk
StreamMaxLength 20M
MaxThreads 25
MaxDirectoryRecursion 15
FollowDirectorySymlinks
FollowFileSymlinks
User mailnull
AllowSupplementaryGroups
ScanMail
ScanArchive
ScanRAR
ArchiveMaxFileSize 20M
ArchiveMaxRecursion 5
ArchiveMaxFiles 1500
What might be a problem here?
Thank you,
Dmitry
More information about the MIMEDefang
mailing list