Advise please

Dave Filchak submit at zuka.net
Mon Jan 11 16:39:55 GMT 2010 

Jules,

Basically, what I have done is remove all references to clam* from 
/usr/loca/bin and sbin. I already had the latest clamd installed under 
/usr/bin and /usr/sbin. Updated the references under virus.scanners.conf 
to point to the clamd installation under /usr/sbin and mad sure the 
/etc/clamd.conf and MailScanner.conf socket directory entries were both 
set to /tmp/ However, when I run MailScanner --lint, it says:


===========================================================================
Filename Checks: Windows/DOS Executable (1 eicar.com)
Other Checks: Found 1 problems
Virus and Content Scanning: Starting
Cannot find Socket (/tmp/clamd.socket) Exiting! at 
/usr/lib/MailScanner/MailScanner/SweepViruses.pm line 3689

The socket file is indeed in /tmp so why can't it find it? Also, 
confused about the previous entry:

MailScanner.conf says "Virus Scanners = clamd"
Found these virus scanners installed: clamavmodule

Shouldn't the second line say clamd as well?

Dave

On 11/01/2010 7:00 AM, Jules Field wrote:
> Find every directory and file under /usr/local whose name mentions 
> "clam" in it anywhere, and delete it.
> Then install the clamd and related RPMs from packages.sw.be and make 
> sure your /etc/clamd.conf contains the same socket location as your 
> MailScanner.conf file does, or else they won't talk to each other. 
> Also change your virus.scanners.conf to point to the new location and 
> not /usr/local or whatever it says now.
>
> "MailScanner --lint" will show you if your setup is basically correct, 
> it should find some viruses in its test message and complete without 
> any errors.
>
> Jules
>
> On 10/01/2010 20:17, Dave Filchak wrote:
>> I have come to realize that I have two versions of clamscan and two 
>> versions of freshclam installed on my machine. This after getting the 
>> "Your ClamAV Installation is OUTDATED". As well, have duplicate 
>> libraries, two versions of clamd etc. I would like advise as to how 
>> to clean this up and get it down to only one of each. I am using 
>> clamd for scanning.
>>
>> I would prefer to use rpms for this but am not adverse to compiling 
>> things. I am only one taking care of the servers and have lots of 
>> other things on the go so quick and efficient is always good. Below 
>> are the specs. I know the OS is old and needs to be updated. All are 
>> scheduled to be replaced this year but may be later in the year so 
>> would like to get things in the proper place, not duplicated and easy 
>> to update until I have a new machine and a chance to deal with it.
>>
>> Had another fellow doing this before but now is just myself. All help 
>> is very much appreciated.
>>
>> Let me know if any more info is required.
>>
>> Cheers,
>>
>> Dave
>>
>> whereis clamav
>> clamav: /usr/include/clamav.h
>>
>> whereis clamd
>> clamd: /usr/sbin/clamd /etc/clamd.conf /usr/local/sbin/clamd 
>> /usr/local/etc/clamd.conf /usr/share/man/man8/clamd.8.gz
>>
>> whereis freshclam
>> freshclam: /usr/bin/freshclam /etc/freshclam.conf 
>> /usr/local/bin/freshclam /usr/local/etc/freshclam.conf 
>> /usr/share/man/man1/freshclam.1.gz
>>
>> whereis clamscan
>> clamscan: /usr/bin/clamscan /usr/local/bin/clamscan 
>> /usr/share/man/man1/clamscan.1.gz
>>
>> ldd /usr/bin/freshclam
>>         libclamav.so.6 => /usr/lib64/libclamav.so.6 (0x0000002a95568000)
>>         libz.so.1 => /usr/local/lib/libz.so.1 (0x0000002a9573c000)
>>         libresolv.so.2 => /lib64/libresolv.so.2 (0x0000003c30300000)
>>         libpthread.so.0 => /lib64/tls/libpthread.so.0 
>> (0x0000003c2f500000)
>>         libc.so.6 => /lib64/tls/libc.so.6 (0x0000003c2ec00000)
>>         libbz2.so.1 => /usr/lib64/libbz2.so.1 (0x0000003c36a00000)
>>         libdl.so.2 => /lib64/libdl.so.2 (0x0000003c2ef00000)
>>         /lib64/ld-linux-x86-64.so.2 (0x0000003c2ea00000)
>>
>> ldd /usr/local/bin/freshclam
>>         libclamav.so.4 => /usr/local/lib/libclamav.so.4 
>> (0x0000002a95568000)
>>         libz.so.1 => /usr/local/lib/libz.so.1 (0x0000002a95704000)
>>         libresolv.so.2 => /lib64/libresolv.so.2 (0x0000003c30300000)
>>         libpthread.so.0 => /lib64/tls/libpthread.so.0 
>> (0x0000003c2f500000)
>>         libc.so.6 => /lib64/tls/libc.so.6 (0x0000003c2ec00000)
>>         libgmp.so.3 => /usr/lib64/libgmp.so.3 (0x0000003c30900000)
>>         libclamunrar_iface.so.4 => 
>> /usr/local/lib/libclamunrar_iface.so.4 (0x0000002a9581b000)
>>         libbz2.so.1 => /usr/lib64/libbz2.so.1 (0x0000003c36a00000)
>>         /lib64/ld-linux-x86-64.so.2 (0x0000003c2ea00000)
>>         libclamunrar.so.4 => /usr/local/lib/libclamunrar.so.4 
>> (0x0000002a9591e000)
>>
>> MailScanner -V
>> Running on
>> Linux  2.6.9-34.ELsmp #1 SMP Thu Mar 9 06:23:23 GMT 2006 x86_64 
>> x86_64 x86_64 GNU/Linux
>> This is CentOS release 4.3 (Final)
>> This is Perl version 5.008005 (5.8.5)
>>
>> This is MailScanner version 4.78.17
>> Module versions are:
>> 1.00    AnyDBM_File
>> 1.20    Archive::Zip
>> 0.23    bignum
>> 1.03    Carp
>> 2.005   Compress::Zlib
>> 1.119   Convert::BinHex
>> 0.17    Convert::TNEF
>> 2.121   Data::Dumper
>> 2.27    Date::Parse
>> 1.00    DirHandle
>> 1.05    Fcntl
>> 2.73    File::Basename
>> 2.08    File::Copy
>> 2.01    FileHandle
>> 1.06    File::Path
>> 0.20    File::Temp
>> 0.78    Filesys::Df
>> 1.35    HTML::Entities
>> 3.56    HTML::Parser
>> 2.37    HTML::TokeParser
>> 1.23    IO
>> 1.14    IO::File
>> 1.13    IO::Pipe
>> 2.04    Mail::Header
>> 1.89    Math::BigInt
>> 0.22    Math::BigRat
>> 3.05    MIME::Base64
>> 5.427   MIME::Decoder
>> 5.427   MIME::Decoder::UU
>> 5.427   MIME::Head
>> 5.427   MIME::Parser
>> 3.03    MIME::QuotedPrint
>> 5.427   MIME::Tools
>> 0.13    Net::CIDR
>> 1.25    Net::IP
>> 0.16    OLE::Storage_Lite
>> 1.04    Pod::Escapes
>> 3.05    Pod::Simple
>> 1.08    POSIX
>> 1.19    Scalar::Util
>> 1.77    Socket
>> 2.16    Storable
>> 1.4     Sys::Hostname::Long
>> 0.27    Sys::Syslog
>> 1.26    Test::Pod
>> 0.6     Test::Simple
>> 1.68    Time::HiRes
>> 1.02    Time::localtime
>>
>> Optional module versions are:
>> 1.32    Archive::Tar
>> 0.23    bignum
>> 1.82    Business::ISBN
>> 1.10    Business::ISBN::Data
>> 1.08    Data::Dump
>> 1.814   DB_File
>> 1.25    DBD::SQLite
>> 1.607   DBI
>> 1.10    Digest
>> 1.01    Digest::HMAC
>> 2.36    Digest::MD5
>> 2.11    Digest::SHA1
>> 1.00    Encode::Detect
>> 0.17008 Error
>> 0.19    ExtUtils::CBuilder
>> 2.18    ExtUtils::ParseXS
>> 2.38    Getopt::Long
>> 0.44    Inline
>> 1.08    IO::String
>> 1.04    IO::Zlib
>> 2.21    IP::Country
>> 0.22    Mail::ClamAV
>> 3.002005        Mail::SpamAssassin
>> v2.004  Mail::SPF
>> 1.999001        Mail::SPF::Query
>> 0.2808  Module::Build
>> 0.20    Net::CIDR::Lite
>> 0.65    Net::DNS
>> 0.002.2 Net::DNS::Resolver::Programmable
>> 0.31    Net::LDAP
>>  4.004  NetAddr::IP
>> 1.94    Parse::RecDescent
>> missing SAVI
>> 2.52    Test::Harness
>> 0.95    Test::Manifest
>> 1.98    Text::Balanced
>> 1.35    URI
>> 0.7203  version
>> 0.65    YAML
>>
>
> Jules
>

More information about the MailScanner mailing list