ClamAV: Difference between revisions
From DWIKI
mNo edit summary |
mNo edit summary |
||
Line 29: | Line 29: | ||
=== Amavis not finding socket clamd.ctl | = FAQ = | ||
== Amavis not finding socket clamd.ctl == | |||
Means clamd is busy handling the queue after a powre failure or such, the socket won't be created before it's done. | Means clamd is busy handling the queue after a powre failure or such, the socket won't be created before it's done. | ||
Line 37: | Line 38: | ||
| | ||
== INetMsg.SpamDomain-xxx == | |||
That's from sanesecurity.net | That's from sanesecurity.net | ||
Line 47: | Line 48: | ||
| | ||
== LibClamAV Warning: [Bytecode JIT]: Bytecode run timed out, timeout flag set == | |||
Try --bytecode-timeout=120000 | Try --bytecode-timeout=120000 | ||
== LibClamAV Warning: Bytecode run timed out in interpreter after 5000 opcodes == | |||
--bytecode-timeout=N | --bytecode-timeout=N | ||
Line 57: | Line 58: | ||
| | ||
== Ignoring mirror x.x.x.x (due to previous errors) == | |||
try removing mirrors.dat and daily.cvd | try removing mirrors.dat and daily.cvd | ||
Line 63: | Line 64: | ||
| | ||
== LibClamAV Error: CRITICAL: fmap() failed == | |||
haha yeah, good luck | haha yeah, good luck | ||
| |||
== Can't allocate memory ERROR == | |||
Some file too big? | Some file too big? | ||
== Exclude dir == | |||
clamscan --exclude-dir=/foo | |||
wildcards? | |||
scan.conf: | |||
ExcludePath /foo/*/bar ? |
Revision as of 11:07, 17 March 2021
Clam Antivirus
Virus scanner for mail and files.
A handy script for adding more goodies
#!/usr/local/bin/bash #extra signatures to catch spam and phishing #or look at http://www.sanesecurity.com/ LOCATION=/var/db/clamav GUNZIP=/usr/bin/gunzip WGET=/usr/local/bin/wget #and now the script itself cd $LOCATION || exit -1 $WGET --timestamping http://ftp.tiscali.nl/sanesecurity/phish.ndb.gz && ${GUNZIP} -f phish.ndb.gz $WGET --timestamping http://ftp.tiscali.nl/sanesecurity/scam.ndb.gz && ${GUNZIP} -f scam.ndb.gz $WGET --timestamping http://download.mirror.msrbl.com/MSRBL-SPAM.ndb $WGET --timestamping http://download.mirror.msrbl.com/MSRBL-Images.hdb $WGET -O - http://www.malware.com.br/cgi/submit?action=list_clamav > mbl.db /usr/sbin/chown clamav:clamav * killall -HUP clamd
FAQ
Amavis not finding socket clamd.ctl
Means clamd is busy handling the queue after a powre failure or such, the socket won't be created before it's done.
INetMsg.SpamDomain-xxx
That's from sanesecurity.net
Milter (clmilter): local socket name /var/run/clamav/clmilter.sock unsafe
Usually means something like clamd not running.
LibClamAV Warning: [Bytecode JIT]: Bytecode run timed out, timeout flag set
Try --bytecode-timeout=120000
LibClamAV Warning: Bytecode run timed out in interpreter after 5000 opcodes
--bytecode-timeout=N
Ignoring mirror x.x.x.x (due to previous errors)
try removing mirrors.dat and daily.cvd
LibClamAV Error: CRITICAL: fmap() failed
haha yeah, good luck
Can't allocate memory ERROR
Some file too big?
Exclude dir
clamscan --exclude-dir=/foo
wildcards?
scan.conf: ExcludePath /foo/*/bar ?