Would be recommended to upgrade to 3.7.

Ok i have mine installed and working but i have a problem here is a post from others i have posted on.


hello all i have a question i just ran my scanner on server like so cd / then clamscan -r to scann all not just root. WEll if finds 3 infected files. i went to the logs to see which fiels are infected and it was empty so i tried this to see if it would make me a log clamscan -r > /home/gride/clamv.log it made the file but it was empty still. is there another way i can go find which files are infected or another way of doing this to log?

Or anyother help on this would make my day. I must find these viruses.

If i run it and then run it again after the first one the 3 infected are still there i figured it would clean them


Thanks

Is it working for cpanel as well?

Is it working in cpanel too?

This is for Ensim 3.1 & 3.5, not cPanel. There is a separate howto for cPanel.

Is it me or are the links to dl the rpm's dead?

I'm having the exact same problem as zorka did. This was actually working great until we did a reboot last thursday and have not been getting ANY external mail since.

Here is my exact error message


How do I reinstall the perl-MIME_Parser RPM? is there a how to?

sorry if it is a dumb question.

here is the new working links

Ensim Pro 3.5.x
http://download.cheetaweb.com/mailscanner/...it-3.5.0.tar.gz

Ensim 3.1.x
http://download.cheetaweb.com/mailscanner/...t-0.2.72.tar.gz

... I recommand to everyone update there software after install..

last mailscanner version is 4.30.3 (follow the link here to upgrade to the 4.29 version... download the new file for 4.30.3 and use the same instructions...
http://forum.ev1servers.net/showthread.php...scanner+upgrade

last clamav is 0.70
http://forum.ev1servers.net/showthread.php...5027#post275027

last spamassassin is 2.63
http://forum.ev1servers.net/showthread.php...amassassin+2.63

those 3 changes catch more viruses and is way more wiser !

i've got this error !!!!!!!!!!!!!!
can someone tell we what's wrong ??

ClamAV update process started at Tue May 18 12:06:56 2004
Reading CVD header (main.cvd): OK
ERROR: Can't open new file ./clamav-7ea7c36e2b48e991 to write
open: Permission denied
ERROR: Can't download main.cvd from 200.68.106.39

i've got this error !!!!!!!!!!!!!!
can someone tell we what's wrong ??

ClamAV update process started at Tue May 18 12:06:56 2004
Reading CVD header (main.cvd): OK
ERROR: Can't open new file ./clamav-7ea7c36e2b48e991 to write
open: Permission denied
ERROR: Can't download main.cvd from 200.68.106.39

i've got this error !!!!!!!!!!!!!!
can someone tell we what's wrong ??

ClamAV update process started at Tue May 18 12:06:56 2004
Reading CVD header (main.cvd): OK
ERROR: Can't open new file ./clamav-7ea7c36e2b48e991 to write
open: Permission denied
ERROR: Can't download main.cvd from 200.68.106.39

hi mcnightmare does all the how''s to upgrade work on Ensim 3.5.x

I'll find out soon.

I'm going to try it on one of my hosting servers sometime this week.

I read in another post that as of Ensim 3.7, support for ClamAV and spam filtering is integrated into the system and accessible on the user-account level.

Can anyone comment on their experiences with this system?

I'm interested in comparing the AV/AS performance of the new Ensim product against the well-known gpan kit to add that functionality to Ensim 3.5 and below.

I'm having a hell of a time with MailScanner. First problem:

I restarted my rack and none of my domains receive email anymore.
So I restarted MailScanner, sendmail and that didn't do it.
I noticed that there's a MUCH newer version of MailScanner and SpamAssassin than I had installed so I tried to install them but now I'm getting this:

# service MailScanner start
Can't open /etc/MailScanner/MailScanner.conf: No such file or directory.
/etc/init.d/MailScanner: [: =: unary operator expected
Starting MailScanner daemons:
incoming : /etc/init.d/MailScanner: [: =: unary operator expected
/etc/init.d/MailScanner: [: =: unary operator expected
/etc/init.d/MailScanner: [: =: unary operator expected
/etc/init.d/MailScanner: [: =: unary operator expected
[FAILED]
Invalid MTA in /etc/sysconfig/MailScanner
outgoing : /etc/init.d/MailScanner: [: =: unary operator expected
/etc/init.d/MailScanner: [: =: unary operator expected
/etc/init.d/MailScanner: [: =: unary operator expected
/etc/init.d/MailScanner: [: =: unary operator expected
[FAILED]
Invalid MTA in /etc/sysconfig/MailScanner
MailScanner: Can't locate MailScanner/Config.pm in @INC (@INC contains: /usr/lib/MailScanner /usr/lib/perl5/5.6.0/i386-linux /usr/lib/perl5/5.6.0 /usr/lib/perl5/site_perl/5.6.0/i386-linux /usr/lib/perl5/site_perl/5.6.0 /usr/lib/perl5/site_perl . /usr/lib/MailScanner) at /usr/sbin/MailScanner line 42.
BEGIN failed--compilation aborted at /usr/sbin/MailScanner line 42.
[ OK ]

Does anyone know how to do this one?
I read some conflicting stories still if you upgrade to 0.70

Please help as the virus databases are not there anymore.

R

Does anyone know how to do this one?
I read some conflicting stories still if you upgrade to 0.70

Please help as the virus databases are not there anymore.

R

OOPS browser got stuck!!!

R

Here is what I did to upgrade clamav to 0.75.1 and seems to be working fine ! Use it at your own risk.

1. First, make a backup of the files "/etc/init.d/clamd", "/etc/cron.daily/clamav" and "/etc/clamav.conf" which will be used later.

2. Remove all of gpans rpms

#rpm -e clamav clamav-database clamav-static clamav-libs clamav-devel

3. Create the "clamav" user and group.

#groupadd clamav
#useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav

4. Get the source files and install it:

#cd /tmp
#wget http://unc.dl.sourceforge.net/sourceforge/...v-0.75.1.tar.gz
#tar -xvzf clamav-0.75.1.tar.gz
#cd clamav-0.75.1
#./configure --prefix=/usr --sysconfdir=/etc
#make
#make check
#make install

5. Copy the "etc/clamav.conf" file to "/etc/clamav.conf" if not present already.

#cp etc/clamav.conf /etc/clamav.conf

6. Merge the old backed up configuration to the new one manually.

7. Note the placement of the log file, pid file, database directory and local socket file. In mine the log is located as "/var/log/clamd.log", pid file is located as "/var/run/clamd/clamd.pid", the database in "/usr/share/clamav" directory and local socket as "/tmp/clamd".

8. Create the "/var/run/clamd" directory and change owner permissions.

#mkdir /var/run/clamd
#chown clamav /var/run/clamd

9. Next create the "/var/log/clamav.log" file and change owner and file permissions.

#touch /var/log/clamav.log
#chown clamav /var/log/clamav.log
#chmod 600 /var/log/clamav.log

10. Put the "/etc/init.d/clamd" and "/etc/cron.daily/clamav" files in place.
Note: I had to edit the "/etc/init.d/clamd" file to reflect the right location of the clamd.pid file. With the current MailScanner it is not necessary to do a daily cron, because MailScanner automatically checks for freshclam every hour. Check your "/var/log/maillog" for this.

11. Run clamd daemon.
Note: You may need to remove the old clamd socket if it still exists, `rm /tmp/clamd`.

#service clamd restart

12. Update your virus database

#/usr/bin/freshclam -l /var/log/clamav.log --daemon-notify

13. Check your logs "/var/log/clamav.log" and "/var/log/clamd.log" for any errors and the status of clamd.

14. Edit the MailScanner's "/usr/lib/MailScanner/clamav-autoupdate" file to reflect the correct location of "freshclam" and "log" file.

Change: $ClamUpdateCommand = "/usr/local/bin/freshclam";
to: $ClamUpdateCommand = "/usr/bin/freshclam";

Change: $LogFile = "/tmp/ClamAV.update.log";
To: $LogFile = "/var/log/clamav.log";

15. Restart MailScanner.

#service MailScanner restart

I have put this together from what I recall and going through my history... so if I have missed out anything please feel free to correct it.

Thanks sushil2000

I can confirm that the above does seem to work - I'm getting my database updated again.

As for what happens at 4.02 am - ask me tomorrow .........

I had forgotten to mention the step 14 above and have edited my post to include:

Relevant lines in my clamav-autoupdate file:

============================

$PackageDir = shift || "/usr/local";

$LogFile = "/tmp/ClamAV.update.log";

$ClamUpdateCommand = "$PackageDir/bin/freshclam";

$LockFile = "/tmp/ClamAVBusy.lock";

=============================

So I presume change

$PackageDir = shift || "/usr/local";

to

$PackageDir = shift || "/usr";

Although a tail -f /var/log/clamav.log gives me:

ClamAV update process started at Wed Sep 8 04:15:00 2004
main.cvd is up to date (version: 26, sigs: 22925, f-level: 2, builder: tomek)
daily.cvd is up to date (version: 481, sigs: 1028, f-level: 2, builder: tomek)

That date/time would be correct for last cron.daily request. So does this mean the freshclam is ok as it stands without editing??

Thanks

With the current MailScanner it is not necessary to do a daily cron, because MailScanner automatically checks for freshclam every hour. Check your "/var/log/maillog" for this.

May want to edit: $LogFile = "/tmp/ClamAV.update.log";
To: $LogFile = "/var/log/clamav.log";

Maxdown,
can you please show what you did with the part number 6 ?

Thanks R

For safety's sake, rather than simply merging via command line using sdiff, I just opened two sessions and opened both versions of the files to see them side by side.

I made sure that the values from the older backed up file were entered into the relevant matching strings in the new file - any new variable strings on the new file I left alone or edited accordingly.

Sloppy .... but it worked ...

From the FAQ at http://www.sng.ecs.soton.ac.uk/mailscanner...e/cache/38.html you don't even need to configure "clamav.conf" file since MailScanner doesn't use the clamd daemon.

I must have messed up something.

I cannot see where the clamd.pid is.

Also where do I edit the
/etc/init.d/clamd to reflect the clamd.pid location
in step 10?


Thanks
R


Edit:
I received this

ERROR: Problem with internal logger.
ERROR: Can't open /var/log/clam-update.log in append mode.

What can I do?
Apparently the mail is being scanned correctly but clamd deamon cannot start.
Can you advise?

R

MailScanner does not require the clamd daemon to be running. Reference the link above.

Set the ownership of the log file to "clamav", `chown clamav /var/log/clam-update.log`.

Hi every one.

I have email that has had its attachment removed from a customer. How do I get the attachment and allow it to be sent to the customer?

Thank you for your help.

Brett

If you're running on cPanel, you can follow my instructions:
http://forums.cpanel.net/showthread.php?p=...0607#post130607

HI,

No i am running Ensim

Brett

Anybody knows what the following error means ? "savemail panic"

Losing ./qfi9EB4VlC031079: savemail panic: 1 Time(s)
Losing ./qfi9EBLSHf004315: savemail panic: 1 Time(s)
Losing ./qfi9EJusge008694: savemail panic: 1 Time(s)
Losing ./qfi9EFQXjf018347: savemail panic: 1 Time(s)
Losing ./qfi9EEmS1H005752: savemail panic: 1 Time(s)
Losing ./qfi9E6Ydel008279: savemail panic: 1 Time(s)
Losing ./qfi9EBWQb3007428: savemail panic: 1 Time(s)
Losing ./qfi9EIkG25018548: savemail panic: 1 Time(s)

Means you removed the postmaster alias, probably --- very bad idea.

How can I update to this version (0.80) if I do not have a rpm installation?
Can I do
up2date -u clamav
now?


R

does this group of RPMs work on an plain redhat 9 installation?

I'm wondering before messing something up considering the pre and post-install script may try to modify things that don't exist on a non-ensim box

regards

Hi,

I have this email been coming to me about 1,000 times a day with the subject: Merry Christmas.

I want Spamassasin to delete/block all email that have this subject, does Spamassasin have the ability to do this? Thanks

Paul

SpamAssassin doesn't no. All SpamAssassin is for is to score an email as to how likely it is spam.

If you want to block email, then you can install MailScanner and an anti-virus app, as this thread described (or use my installer scripts) which will trap viruses for you which you can have deleted.

If it's just a particular email you want blocking, then you can use cPanel Filters.

Hi I have a problem with MailScanner. Everything was ok but I had to remove MailScanner (rpm -e mailscanner) and reinstall it again. Now at the end of installation I have an error:


------------------------------------------------------------------------------------
Preparing... ########################################### [100%]
1:mailscanner ########################################### [100%]
Configuring Clam Antivirus Integration
Configuring SpamAssassin Integration

To activate MailScanner run the following commands:

service sendmail stop
chkconfig sendmail off
chkconfig --level 2345 MailScanner on
service MailScanner start

service MailScanner does not support chkconfig
FAILURE:
Please do the following:
1. Consult /var/log/appliance/setup.err for the description and /var/log/appliance/setup.log for the detail.
2. Try to address the problem.
3. Run the setup script again.
error: %trigger(webppliance-mailscanner-4.0.2-6.rhel) scriptlet failed, exit status 1
------------------------------------------------------------------------------------


and just can't even start, restart or stop Mailscanner couse:


service MailScanner restart
Cannot open config file restart, No such file or directory at /usr/lib/MailScanner/MailScanner/Config.pm line 577.


in var/log/appliance/setup.err


[Fri Jan 21 00:57:10 CET 2005] [failure] mailscanner Creating symlink to Ensim Sys V Init script

and in var/log/appliance/setup.log


Failed to execute: "/sbin/chkconfig --add MailScanner".
[Fri Jan 21 01:06:09 CET 2005] [warning] mailscanner previous backup of /etc/rc.d/init.d/MailScanner found. backup not performed
[Fri Jan 21 01:06:09 CET 2005] [success] mailscanner Backing up MailScanner Sys V init script
[Fri Jan 21 01:06:09 CET 2005] [success] mailscanner Creating symlink to Ensim Sys V Init script
[Fri Jan 21 01:06:09 CET 2005] [success] mailscanner Creating symlink to Ensim Sys V Init script
[Fri Jan 21 01:06:09 CET 2005] [success] mailscanner triggerin action completes



Can someone help with it?

BADI

Gpan, I'm in the same boat, wanting to make sure a 3.5 to 3.7 and on up upgrade works well.. When I rpm -e all of the .rpm files that came with the package, I get not installed message yet, I see MailScanner all over the system and it's been working well for me for months..

But I REALLY want to get it off there now...

Am I doing something wrong or what??

Shortzz

Can you post the comamdn you are using? You're not supposed to rpm -e the filenames, rather rpm -e the package names. Usually this is the filenames without the .rpm at the end (or similar)

Thanks Doobla, figgerd that out eventually. Man tht thing has more stuff attached to it than I'd thought!

I finally got them all out but I am now suffering the fate of the little bugger 3.2.6 mkinitrd not being compatible with my 2.4.20-20.7 Kernel and the upgrade. Works fine all by its lonesome but I'm hanging on it and ran out of ability to both stay awake at the keyboard and out of solitude.. my lady just got back from a week away and I had to make a couple trip out to the airport for her and her mom (same place, different flights)

I'll tackle it again in the morning. I've got all the other little niggles out of the way, wuz about to give up but it's all spelled out on the Ensim help file, just have to read it real slow when I've had enough sleep to remember the last word I read by the time I'm finished with the next word in line

You're right though, it's a bugger and can cause a lot of grief!!

Shortzz

Hey... I have the same problem to start MailScaner... And can´t get an answer; Did you fix it find / find an answer to the problem??
Any help will be really apreciated.
thank you.