From: "Paul Smedley" Received: from [192.168.100.201] (HELO mail.2rosenthals.com) by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10) with ESMTPS id 8111004 for ecs-isp@2rosenthals.com; Thu, 12 Oct 2023 18:55:51 -0400 Received: from [192.168.200.201] (port=60708 helo=mail2.2rosenthals.com) by mail.2rosenthals.com with esmtp (Exim 4.96) (envelope-from ) id 1qr4ak-0002Hw-00 for ecs-isp@2rosenthals.com; Thu, 12 Oct 2023 18:55:42 -0400 Received: from cyan.elm.relay.mailchannels.net ([23.83.212.47]:23661) by mail2.2rosenthals.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1qr4aZ-0006MJ-1e for ecs-isp@2rosenthals.com; Thu, 12 Oct 2023 18:55:31 -0400 X-Sender-Id: perthwebhosting|x-authuser|paul@smedley.id.au Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 38D914C0C77; Thu, 12 Oct 2023 22:55:30 +0000 (UTC) Received: from colossiansvm.perthwebhosting.net.au (unknown [127.0.0.6]) (Authenticated sender: perthwebhosting) by relay.mailchannels.net (Postfix) with ESMTPA id 2CCE34C1220 for ; Thu, 12 Oct 2023 22:55:28 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1697151329; a=rsa-sha256; cv=none; b=RHtoeiMV9lt8sxzVi0ZV0bNxR5dzfvBIuzPU/Cbocycb3m+bYPOJ0Aqi6TOWb5deXY0h3N v39/JQse4nKYBX2AHvdBqoBgHlM4n6xNNFQeEZoTqC+EeO+ykv7TERWl5awj93ue7Q8ijB a4FtakJRdEP6uR2wPYnuafI7YbUcLfa0SQpXKip/iySbTCwLGINbErTPEuLtNLLkJLR8Az 6dCRm8o4so53+bjrDiDNkKHtukxMONMScZB4epiWzU5/fSbQ3mOXDSm4F97Gisaz3a3tfJ +B68+XHHAbjDjwsoEr8KFSKeTa2a/7M38bgtoMgT4Ua7ISzLkBqx4z4iBaZMIQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1697151329; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=z+Vsv+qRoQL+RXNYlqohUACv3DFIP9Bly8JoClCnnLc=; b=6gZq9cYopA7WmA+rMyv2YIBTao/4CudtdzXHv0YM3HBrVLH9kc7o+zoPcws+bECgyvPWgO lXieQPoRiPzHhO4ErG4Mf9Mw2z5HTVGb0KjCdLbh6Dp9so3AKHJ8R7v1eSq6ZbXIX/xkWV FvASJDMnuoxsEK4N1W0wox5Kt4P/e/iQ9h9b1Qf9BxtsFVjSBc6LX/j4dO/vPPLnACchhR XJcMtw9vfXCKrjkDyNS+kZ0CUSK/rA0ZcQktdJK1VNuY3lH4eL8kCGDPrcF98ZgyvS2p6l PZxQsXOfqn3dWEWy6DRFMLPYbWo5iPOBRUrBSZty5lHWq7GY7fD89f+6EmUQHw== ARC-Authentication-Results: i=1; rspamd-549cb46585-stmjm; auth=pass smtp.auth=perthwebhosting smtp.mailfrom=paul@smedley.id.au X-Sender-Id: perthwebhosting|x-authuser|paul@smedley.id.au X-MC-Relay: Neutral X-MC-Copy: stored-urls X-MailChannels-SenderId: perthwebhosting|x-authuser|paul@smedley.id.au X-MailChannels-Auth-Id: perthwebhosting X-Invention-Zesty: 5ec873a73dee59e7_1697151329832_810233884 X-MC-Loop-Signature: 1697151329832:3153792860 X-MC-Ingress-Time: 1697151329832 Received: from colossiansvm.perthwebhosting.net.au (colossiansvm.perthwebhosting.net.au [103.13.84.198]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.100.230.33 (trex/6.9.1); Thu, 12 Oct 2023 22:55:29 +0000 Received: from 218-215-61-148.sta.wbroadband.net.au ([218.215.61.148]:53472 helo=[192.168.1.159]) by colossiansvm.perthwebhosting.net.au with esmtpsa (TLS1.3) tls TLS_AES_128_GCM_SHA256 (Exim 4.96.1) (envelope-from ) id 1qr4aY-005V7p-1A for ecs-isp@2rosenthals.com; Fri, 13 Oct 2023 06:55:26 +0800 Content-Type: multipart/alternative; boundary="------------06t4C3xhutCsoV70qDhWJLWd" Message-ID: <0abb173f-92ec-4f56-a3d3-a5f142db20a6@smedley.id.au> Date: Fri, 13 Oct 2023 09:25:25 +1030 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [eCS-ISP] ClamAV To: eCS ISP Mailing List References: Content-Language: en-AU In-Reply-To: X-AuthUser: paul@smedley.id.au This is a multi-part message in MIME format. --------------06t4C3xhutCsoV70qDhWJLWd Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Hi Steven, On 12/10/23 06:37, Steven Levine wrote: > In, on 10/11/23 > at 06:45 PM, "Paul Smedley" said: > > There was no announcement - afair - I built it just for Max  and it > (apparently) worked  until clamav decided to stop generating updates > for  it. > Perhaps you pointed Massimo to it in a PM? IAC, once Massimo posted the > zip file it was easy to pull a copy. I already had a copy of 0.102.0 > pulled using the content of the exceptq report you posted. I  honestly don't remember any more :) >> I have no comments on clamscan from 0.102 -  given it can't refresh >> virus signatures  - I don't see the point of wasting any brain cycles on >> it. > Can't or won't. I'm not that familar with ClamAV. Both I think - at some point they claim to stop  supporting older version - perhaps there are differences  in the binary formats of the signatures? > FWIW, I spent some time with ClamAV here to see for myself how it fails. > > clamscan 0.103.6 using the 0.102.0 signatures seems to run without errors > here. Isn't it supposed to complain that the signatures are out of date > or is that just freshclam? I would have expected it to at least *warn* that the signatures are out of date. > Freshclam 0.103.6 fails with an SSL issue here. What .pem file is > freshclam looking for when it complains about: > > * error setting certificate verify locations: CAfile: > /etc/ssl/cacert.pem CApath: none > > If I create cacert.pem and make it read-only, the error changes to: > > ERROR: Download failed (77) ERROR: Message: Problem with the SSL CA > cert (path? access rights?) This will probably go away once I rebuild clamav 0.103.6 with rpm openssl. Build is running now. Cheers, Paul --------------06t4C3xhutCsoV70qDhWJLWd Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 8bit

Hi Steven,

On 12/10/23 06:37, Steven Levine wrote:
In <list-8103121@2rosenthals.com>, on 10/11/23
   at 06:45 PM, "Paul Smedley" <ecs-isp@2rosenthals.com> said:

There was no announcement - afair - I built it just for Max  and it 
(apparently) worked  until clamav decided to stop generating updates 
for  it.

Perhaps you pointed Massimo to it in a PM?  IAC, once Massimo posted the
zip file it was easy to pull a copy.  I already had a copy of 0.102.0
pulled using the content of the exceptq report you posted.

I  honestly don't remember any more :)

I have no comments on clamscan from 0.102 -  given it can't refresh 
virus signatures  - I don't see the point of wasting any brain cycles on
it.

Can't or won't.  I'm not that familar with ClamAV.

Both I think - at some point they claim to stop  supporting older version - perhaps there are differences  in the binary formats of the signatures?

FWIW, I spent some time with ClamAV here to see for myself how it fails.

clamscan 0.103.6 using the 0.102.0 signatures seems to run without errors
here.  Isn't it supposed to complain that the signatures are out of date
or is that just freshclam?
I would have expected it to at least *warn* that the signatures are out of date. 
Freshclam 0.103.6 fails with an SSL issue here.  What .pem file is
freshclam looking for when it complains about:

  * error setting certificate verify locations:  CAfile:
/etc/ssl/cacert.pem CApath: none

If I create cacert.pem and make it read-only, the error changes to:

  ERROR: Download failed (77) ERROR:  Message: Problem with the SSL CA
cert (path? access rights?)

This will probably go away once I rebuild clamav 0.103.6 with rpm openssl.

Build is running now.

Cheers,

Paul

--------------06t4C3xhutCsoV70qDhWJLWd--