Advise please

Dave Filchak submit at zuka.net
Mon Jan 11 16:54:24 GMT 2010


Ignore my last email around the socket. My bad ... typo :-(  Damn these 
fingers!!

Dave

On 11/01/2010 11:39 AM, Dave Filchak wrote:
> Jules,
>
> Basically, what I have done is remove all references to clam* from 
> /usr/loca/bin and sbin. I already had the latest clamd installed under 
> /usr/bin and /usr/sbin. Updated the references under 
> virus.scanners.conf to point to the clamd installation under /usr/sbin 
> and mad sure the /etc/clamd.conf and MailScanner.conf socket directory 
> entries were both set to /tmp/ However, when I run MailScanner --lint, 
> it says:
>
>
> =========================================================================== 
>
> Filename Checks: Windows/DOS Executable (1 eicar.com)
> Other Checks: Found 1 problems
> Virus and Content Scanning: Starting
> Cannot find Socket (/tmp/clamd.socket) Exiting! at 
> /usr/lib/MailScanner/MailScanner/SweepViruses.pm line 3689
>
> The socket file is indeed in /tmp so why can't it find it? Also, 
> confused about the previous entry:
>
> MailScanner.conf says "Virus Scanners = clamd"
> Found these virus scanners installed: clamavmodule
>
> Shouldn't the second line say clamd as well?
>
> Dave
>
> On 11/01/2010 7:00 AM, Jules Field wrote:
>> Find every directory and file under /usr/local whose name mentions 
>> "clam" in it anywhere, and delete it.
>> Then install the clamd and related RPMs from packages.sw.be and make 
>> sure your /etc/clamd.conf contains the same socket location as your 
>> MailScanner.conf file does, or else they won't talk to each other. 
>> Also change your virus.scanners.conf to point to the new location and 
>> not /usr/local or whatever it says now.
>>
>> "MailScanner --lint" will show you if your setup is basically 
>> correct, it should find some viruses in its test message and complete 
>> without any errors.
>>
>> Jules
>>
>> On 10/01/2010 20:17, Dave Filchak wrote:
>>> I have come to realize that I have two versions of clamscan and two 
>>> versions of freshclam installed on my machine. This after getting 
>>> the "Your ClamAV Installation is OUTDATED". As well, have duplicate 
>>> libraries, two versions of clamd etc. I would like advise as to how 
>>> to clean this up and get it down to only one of each. I am using 
>>> clamd for scanning.
>>>
>>> I would prefer to use rpms for this but am not adverse to compiling 
>>> things. I am only one taking care of the servers and have lots of 
>>> other things on the go so quick and efficient is always good. Below 
>>> are the specs. I know the OS is old and needs to be updated. All are 
>>> scheduled to be replaced this year but may be later in the year so 
>>> would like to get things in the proper place, not duplicated and 
>>> easy to update until I have a new machine and a chance to deal with it.
>>>
>>> Had another fellow doing this before but now is just myself. All 
>>> help is very much appreciated.
>>>
>>> Let me know if any more info is required.
>>>
>>> Cheers,
>>>
>>> Dave
>>>
>>> whereis clamav
>>> clamav: /usr/include/clamav.h
>>>
>>> whereis clamd
>>> clamd: /usr/sbin/clamd /etc/clamd.conf /usr/local/sbin/clamd 
>>> /usr/local/etc/clamd.conf /usr/share/man/man8/clamd.8.gz
>>>
>>> whereis freshclam
>>> freshclam: /usr/bin/freshclam /etc/freshclam.conf 
>>> /usr/local/bin/freshclam /usr/local/etc/freshclam.conf 
>>> /usr/share/man/man1/freshclam.1.gz
>>>
>>> whereis clamscan
>>> clamscan: /usr/bin/clamscan /usr/local/bin/clamscan 
>>> /usr/share/man/man1/clamscan.1.gz
>>>
>>> ldd /usr/bin/freshclam
>>>         libclamav.so.6 => /usr/lib64/libclamav.so.6 
>>> (0x0000002a95568000)
>>>         libz.so.1 => /usr/local/lib/libz.so.1 (0x0000002a9573c000)
>>>         libresolv.so.2 => /lib64/libresolv.so.2 (0x0000003c30300000)
>>>         libpthread.so.0 => /lib64/tls/libpthread.so.0 
>>> (0x0000003c2f500000)
>>>         libc.so.6 => /lib64/tls/libc.so.6 (0x0000003c2ec00000)
>>>         libbz2.so.1 => /usr/lib64/libbz2.so.1 (0x0000003c36a00000)
>>>         libdl.so.2 => /lib64/libdl.so.2 (0x0000003c2ef00000)
>>>         /lib64/ld-linux-x86-64.so.2 (0x0000003c2ea00000)
>>>
>>> ldd /usr/local/bin/freshclam
>>>         libclamav.so.4 => /usr/local/lib/libclamav.so.4 
>>> (0x0000002a95568000)
>>>         libz.so.1 => /usr/local/lib/libz.so.1 (0x0000002a95704000)
>>>         libresolv.so.2 => /lib64/libresolv.so.2 (0x0000003c30300000)
>>>         libpthread.so.0 => /lib64/tls/libpthread.so.0 
>>> (0x0000003c2f500000)
>>>         libc.so.6 => /lib64/tls/libc.so.6 (0x0000003c2ec00000)
>>>         libgmp.so.3 => /usr/lib64/libgmp.so.3 (0x0000003c30900000)
>>>         libclamunrar_iface.so.4 => 
>>> /usr/local/lib/libclamunrar_iface.so.4 (0x0000002a9581b000)
>>>         libbz2.so.1 => /usr/lib64/libbz2.so.1 (0x0000003c36a00000)
>>>         /lib64/ld-linux-x86-64.so.2 (0x0000003c2ea00000)
>>>         libclamunrar.so.4 => /usr/local/lib/libclamunrar.so.4 
>>> (0x0000002a9591e000)
>>>
>>> MailScanner -V
>>> Running on
>>> Linux  2.6.9-34.ELsmp #1 SMP Thu Mar 9 06:23:23 GMT 2006 x86_64 
>>> x86_64 x86_64 GNU/Linux
>>> This is CentOS release 4.3 (Final)
>>> This is Perl version 5.008005 (5.8.5)
>>>
>>> This is MailScanner version 4.78.17
>>> Module versions are:
>>> 1.00    AnyDBM_File
>>> 1.20    Archive::Zip
>>> 0.23    bignum
>>> 1.03    Carp
>>> 2.005   Compress::Zlib
>>> 1.119   Convert::BinHex
>>> 0.17    Convert::TNEF
>>> 2.121   Data::Dumper
>>> 2.27    Date::Parse
>>> 1.00    DirHandle
>>> 1.05    Fcntl
>>> 2.73    File::Basename
>>> 2.08    File::Copy
>>> 2.01    FileHandle
>>> 1.06    File::Path
>>> 0.20    File::Temp
>>> 0.78    Filesys::Df
>>> 1.35    HTML::Entities
>>> 3.56    HTML::Parser
>>> 2.37    HTML::TokeParser
>>> 1.23    IO
>>> 1.14    IO::File
>>> 1.13    IO::Pipe
>>> 2.04    Mail::Header
>>> 1.89    Math::BigInt
>>> 0.22    Math::BigRat
>>> 3.05    MIME::Base64
>>> 5.427   MIME::Decoder
>>> 5.427   MIME::Decoder::UU
>>> 5.427   MIME::Head
>>> 5.427   MIME::Parser
>>> 3.03    MIME::QuotedPrint
>>> 5.427   MIME::Tools
>>> 0.13    Net::CIDR
>>> 1.25    Net::IP
>>> 0.16    OLE::Storage_Lite
>>> 1.04    Pod::Escapes
>>> 3.05    Pod::Simple
>>> 1.08    POSIX
>>> 1.19    Scalar::Util
>>> 1.77    Socket
>>> 2.16    Storable
>>> 1.4     Sys::Hostname::Long
>>> 0.27    Sys::Syslog
>>> 1.26    Test::Pod
>>> 0.6     Test::Simple
>>> 1.68    Time::HiRes
>>> 1.02    Time::localtime
>>>
>>> Optional module versions are:
>>> 1.32    Archive::Tar
>>> 0.23    bignum
>>> 1.82    Business::ISBN
>>> 1.10    Business::ISBN::Data
>>> 1.08    Data::Dump
>>> 1.814   DB_File
>>> 1.25    DBD::SQLite
>>> 1.607   DBI
>>> 1.10    Digest
>>> 1.01    Digest::HMAC
>>> 2.36    Digest::MD5
>>> 2.11    Digest::SHA1
>>> 1.00    Encode::Detect
>>> 0.17008 Error
>>> 0.19    ExtUtils::CBuilder
>>> 2.18    ExtUtils::ParseXS
>>> 2.38    Getopt::Long
>>> 0.44    Inline
>>> 1.08    IO::String
>>> 1.04    IO::Zlib
>>> 2.21    IP::Country
>>> 0.22    Mail::ClamAV
>>> 3.002005        Mail::SpamAssassin
>>> v2.004  Mail::SPF
>>> 1.999001        Mail::SPF::Query
>>> 0.2808  Module::Build
>>> 0.20    Net::CIDR::Lite
>>> 0.65    Net::DNS
>>> 0.002.2 Net::DNS::Resolver::Programmable
>>> 0.31    Net::LDAP
>>>  4.004  NetAddr::IP
>>> 1.94    Parse::RecDescent
>>> missing SAVI
>>> 2.52    Test::Harness
>>> 0.95    Test::Manifest
>>> 1.98    Text::Balanced
>>> 1.35    URI
>>> 0.7203  version
>>> 0.65    YAML
>>>
>>
>> Jules
>>


More information about the MailScanner mailing list