Koozali.org: home of the SME Server
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 9.x
  4. Topic: Clam problem
« previous next »
Pages: [1]   Go Down

Clam problem

  • 3 Replies
  • 2136 Views

Offline ElFroggio

  • *
  • 262
  • +0/-0
Clam problem
« on: January 15, 2015, 04:39:06 PM »
I have sme9 current with the default install.

Every night at around 1:00am (default) clanscan, scans and occasionally it finds viruses.

Code: [Select]
/home/e-smith/files/users/kathy/Maildir/cur/1420715165.8233.ethelbert:2,: Win.Downloader.Drixed FOUND
/home/e-smith/files/users/kathy/Maildir/cur/1420715165.8233.ethelbert:2,: moved to '/var/spool/clamav/quarantine/1420715165.8233.ethelbert:2,'

----------- SCAN SUMMARY -----------
Known viruses: 3727547
Engine version: 0.98.5
Scanned directories: 409
Scanned files: 7110
Infected files: 1
Data scanned: 988.22 MB
Data read: 570.25 MB (ratio 1.73:1)
Time: 105.657 sec (1 m 45 s)

Code: [Select]
[root@ethelbert ~]# service clamd status
run: /service/clamd: (pid 3523) 531s, normally down; run: log: (pid 1276) 1458s
[root@ethelbert ~]# service freshclam status
run: /service/freshclam: (pid 2363) 1408s, normally down; run: log: (pid 1273) 1458s
[root@ethelbert ~]# service qpsmtpd status
run: /service/qpsmtpd: (pid 2517) 1408s, normally down; run: log: (pid 1265) 1459s
[root@ethelbert ~]# service sqpsmtpd status
run: /service/sqpsmtpd: (pid 2457) 1416s, normally down; run: log: (pid 1263) 1467s

and

Code: [Select]
[root@ethelbert ~]# config show clamd
clamd=service
    MemLimit=700000000
    status=enabled

Thanks

/Syv
Logged

Offline TerryF

  • grumpy old man
  • *
  • 1,847
  • +6/-0
Re: Clam problem
« Reply #1 on: January 15, 2015, 09:23:25 PM »
Perhaps the email was received with a virus that was yet to be included in clams db, after all it can't find a virus until it has an updated db with that virus's definition.

All anti virus progs are the same, the virus has to be active before they can be updated with its signature/definition to see it.
Logged
--
qui scribit bis legit

Offline Knuddi

  • *
  • 540
  • +0/-0
    • http://www.scanmailx.com
Re: Clam problem
« Reply #2 on: January 19, 2015, 10:10:57 AM »
The virus was as I can see only added to Clam Jan 14th and the mail you scan arrived January 8th.
Logged

Offline ElFroggio

  • *
  • 262
  • +0/-0
Re: Clam problem
« Reply #3 on: January 19, 2015, 04:14:43 PM »
Thanks

/Syv
Logged
Pages: [1]   Go Up
« previous next »
  1. Koozali.org: home of the SME Server
  2. Obsolete Releases
  3. SME Server 9.x
  4. Topic: Clam problem