clamav (under amavis) not filtering out viruses!

Dino Edwards dino.edwards at mydirectmail.net
Thu Oct 15 15:27:24 CEST 2020


I would make a backup of the /var/clamav directory first and then I would delete the stale databases and then ensure clamav starts up and see if it's complaining about anything.


-----Original Message-----
From: amavis-users <amavis-users-bounces+dino.edwards=mydirectmail.net at amavis.org> On Behalf Of Nikolaos Milas
Sent: Thursday, October 15, 2020 9:20 AM
To: amavis-users at amavis.org
Subject: Re: clamav (under amavis) not filtering out viruses!

On 15/10/2020 3:48 μ.μ., Dino Edwards wrote:

> https://github.com/extremeshok/clamav-unofficial-sigs
>
> This has worked wonderfully for us.


Sounds great.

Should I first remove the stale databases installed by the legacy scamp script?

If so, is it sufficient to delete the undesired / stale databases from the db directory?

In this case I would delete everything below main.cld in the listing below:

======================================================================================
# ls -lt /var/clamav/
total 777108
drwxr-xr-x 6 clamav clamav      4096 Oct 15 12:14 tmp
-rw-rw-r-- 1 clamav clamav    181612 Oct 15 12:10 blurl.ndb
-rw-rw-r-- 1 clamav clamav    186688 Oct 15 12:10 jurlbla.ndb
-rw-rw-r-- 1 clamav clamav   2643313 Oct 15 12:10 jurlbl.ndb
-rw-rw-r-- 1 clamav clamav    372935 Oct 15 12:10 rogue.hdb
-rw-rw-r-- 1 clamav clamav   2005796 Oct 15 12:00 phishtank.ndb
-rw-rw-r-- 1 clamav clamav    639043 Oct 15 12:00 porcupine.ndb
-rw-rw-r-- 1 clamav clamav    226541 Oct 15 11:11 foxhole_filename.cdb
-rw------- 1 clamav clamav      3692 Oct 15 04:02 mirrors.dat
-rw-r--r-- 1 clamav clamav 346183680 Oct 15 04:02 daily.cld
-rw-rw-r-- 1 clamav clamav   1925105 Oct 14 17:09 scam.ndb
-rw-rw-r-- 1 clamav clamav   7502124 Oct 14 13:10 junk.ndb
-rw-rw-r-- 1 clamav clamav       260 Oct 12 11:13 sigwhitelist.ign2
-rw-rw-r-- 1 clamav clamav   4137409 Sep 28 18:10 phish.ndb
srw-r--r-- 1 clamav clamav         0 Sep 18 00:49 clmilter.socket
-rw-rw-r-- 1 clamav clamav     51865 Sep 11 13:09 foxhole_generic.cdb
-rw-rw-r-- 1 clamav clamav     19115 Feb 12  2020 spamimg.hdb
-rw-rw-r-- 1 clamav clamav     14709 Nov 26  2019 winnow_malware_links.ndb
-rw-r--r-- 1 clamav clamav 307403264 Nov 26  2019 main.cld
-rw-rw-r-- 1 clamav clamav      3448 Oct 27  2019 bofhland_cracked_URL.ndb
-rw-rw-r-- 1 clamav clamav      9676 Oct 27  2019 bofhland_phishing_URL.ndb
-rw-rw-r-- 1 clamav clamav       610 Oct 27  2019 bofhland_malware_URL.ndb
-rw-rw-r-- 1 clamav clamav    245189 Oct  3  2019 lott.ndb
-rw-r--r-- 1 clamav clamav   1458176 Sep 20  2019 bytecode.cld
-rw-rw-r-- 1 clamav clamav       115 Aug 15  2019 spear.ndb
-rw-rw-r-- 1 clamav clamav       115 Nov 27  2018 spearl.ndb
-rw-rw-r-- 1 clamav clamav   5379419 Nov 14  2018 scamnailer.ndb
-rw-rw-r-- 1 clamav clamav      6577 Nov 13  2018 winnow_phish_complete_url.ndb
-rw-rw-r-- 1 clamav clamav     14825 Jul 16  2018 winnow.attachments.hdb
-rw-rw-r-- 1 clamav clamav     18189 Mar  5  2018 winnow_malware.hdb
-rw-rw-r-- 1 clamav clamav     16271 Feb 26  2018 winnow_extended_malware.hdb
-rw-rw-r-- 1 clamav clamav      1391 Apr 28  2017 spamattach.hdb
-rw-rw-r-- 1 clamav clamav     11098 Oct 18  2016 sanesecurity.ftm
-rw-rw-r-- 1 clamav clamav       556 Oct  6  2016 spam.ldb
-rw-rw-r-- 1 clamav clamav        82 Jul 13  2016 crdfam.clamav.hdb
-rw-rw-r-- 1 clamav clamav        66 Jul 21  2015 winnow_bad_cw.hdb
-rw-rw-r-- 1 clamav clamav  27900334 Apr 22  2015 securiteinfohtml.hdb
-rw-rw-r-- 1 clamav clamav  86032796 Apr 22  2015 securiteinfo.hdb
-rw-rw-r-- 1 clamav clamav     51819 Feb 25  2015 securiteinfopdf.hdb
-rw-rw-r-- 1 clamav clamav     75040 Jan 21  2014 securiteinfoelf.hdb
-rw-rw-r-- 1 clamav clamav    391274 Nov 28  2013 securiteinfodos.hdb
-rw-rw-r-- 1 clamav clamav       159 Sep 19  2013 winnow_extended_malware_links.ndb
-rw-rw-r-- 1 clamav clamav        65 Jul 25  2013 doppelstern.hdb
-rw-rw-r-- 1 clamav clamav       185 Jul 25  2013 doppelstern.ndb
-rw-rw-r-- 1 clamav clamav    264154 Jan 15  2013 securiteinfooffice.hdb
-rw-rw-r-- 1 clamav clamav       660 Oct  2  2012 winnow.complex.patterns.ldb
-rw-rw-r-- 1 clamav clamav     29520 Aug 21  2012 securiteinfosh.hdb
-rw-rw-r-- 1 clamav clamav    200405 Aug 21  2012 securiteinfobat.hdb
-rw-rw-r-- 1 clamav clamav     22549 Feb 15  2012 honeynet.hdb ======================================================================================

Please clarify!

Thanks,
Nick



More information about the amavis-users mailing list