ecs-isp@2rosenthals.com Messaggio archiviato #556 messaggio precedente messaggio successivo torna alla lista

Da: "Massimo S." <ecs-isp@2rosenthals.com> Intestazioni complete
Messaggio non codificato
Oggetto: Re: [eCS-ISP] ClamAV
Data: Tue, 10 Oct 2023 11:55:06 +0200
A: eCS ISP Mailing List <ecs-isp@2rosenthals.com>



Il 09/10/2023 23:42, Steven Levine ha scritto:
In <list-6581113@2rosenthals.com>, on 03/27/23
    at 09:40 AM, "Massimo S." <ecs-isp@2rosenthals.com> said:

Hi Massimo,

is there any news about ClamAV?

In case you are wondering why I have not answered you private emails
regarding the status of clamav, I have asked you multiple times to refain
from sending PM that don't actually contain private information.  I don't
know if you have chosen to ignore my requests or don't care enough to
honor them.

Typically I ignore these private emails, because I am more interested in
helping the community as a whole than specific individuals.

Please review ticket #775 and understand what Paul has said.  If you don't
understand the answers, it's on you to ask questions.

Also, if you want anyone to work on ticket #775, you need to correct the
omissions.

First, you neglected to clearly state which version of clamav you are
running.

Second, you neglected to check that the exceptq report included symbols.

Third, you neglected to indicate what, if anything, you tried to
workaround the freshclam failure.

Steven

Hi,

about 4 months passed so, sorry, but i've forgot a lot of staff.
The ticket was abandoned after i published the eQ dump and i had not more feedback.

Let's start again.


On the server it's still installed
ClamAV 0.102.0
freshclam: ClamAV 0.102.0/26074/Mon Feb  8 13:20:40 2021

What i use are only freshclam and clamscan executables to scan mailroot.

I use clamav DB + sanesecurity scam and phishing DB even now sanesecurity 2 DBs
still updates (they use rsync), but even clamscan 0.102.0 do not work anymore
and if i run the scan on the maildirs it exit or crash with

\USR\LOCAL\CLAMAV\BIN\CLAMSCAN.EXE (10/16/2019 12:06:11 3,938,904)

 Exception C0000005 - Access Violation

etc. etc..

So even scanning the mails with the old clamv signatures dated 7/2011 and the sanesecur.
signatures updated, that it's still better than nothing, do not work anymore.





Now let's talk about the 0.103.6 freshclam build by Paul.
clamav-0.103.6-os2-20220724.zip


As first i'm only trying freshclam to see if it correctly download updated signatures

version:  ClamAV 0.103.6/26074/Mon Feb  8 13:20:40 2021

it start downloading updates, but at a certain point it fails with this message:

WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.103.6 Recommended version: 0.103.10
WARNING: Stderr output from database load : realloc_problem: Not enough memory [...] X:\USR\LOCAL\CLAMAV\BIN\FRESHCLAM.EXE
ERROR: Database load killed by signal 9
ERROR: Database test FAILED.
ERROR: Unexpected error when attempting to update daily: Test failed
ERROR: Database update process failed: Test failed
ERROR: Update failed.


Executable:
24/07/22  1:28      3.056.116    124 a---  freshclam.exe


It produces no eQ trap, no entries in populog.os2, just display this
"realloc_problem: Not enough memory" and quit, it also delete the
temporary signatures files and only this files is let in the dest. dir:

freshclam.dat       61 10/10/23 11:37a



I hope to forget anything, i've also updated the ticket on mantis.

thanks a lot


massimo
Isriviti: Feed, Riassunto, Indice.
Disiscriviti
Scrivi a ListMaster