Fedora :: Clamav Sending Spam - Invoked By Uid 509 (qscand == Clamd)
Mar 4, 2011
The mail server keeps getting locked up with tens of thousands of spam emails.So, i followed some instructions similar to this : [URL]I can clear the queue spams, easy, but after an hour or so the server is dead again.. not receiving emails and not sending out emails.
Code:
Received: (qmail 356 invoked by uid 509); 4 Mar 2011 21:39:10 +0800
Received: from 125.110.124.51 by host1.wemotor.com (envelope-from <oiazfkdvd@yahoo.com.tw>, uid 508) with qmail-scanner-1.25-st-qms
Received: from unknown (HELO 202.46.116.119) (125.110.124.51)
[code]....
View 3 Replies
ADVERTISEMENT
Apr 16, 2010
This started happening sometime yesterday afternoon on a server that's been trouble free for years.
My Ubuntu update is scheduled to run every month on the 5th, so this was roughly 10 days after that. So it seems to me it's not update related. The only thing I've done on the server lately is update a spamassassin rule which required an amavis restart. That was done earlier in the week.
I've already reviewed issues at [url] and all the conditions are correct for the more recent How to.
I can also confirm that, in fact, /var/run/clamav/clamd.ctl does not exist.
View 7 Replies
View Related
Apr 30, 2009
I just setup SpamAssassin and what not following this tutorial
[URL]
I am using CentOS 5.3. I was half way through that and got an email that had ***SPAM*** in the subject. Haven't received any more. First of all I want to know if spam will still get delivered, and just have a modified subject. Second, I want to know how to set it up so Spam goes to a user's spam mailbox (Virtual Users). And third of all, is it possible to disable spam filtering on a user basis, preferably using MySQL tables? Is it possible for users to mark a message as spam, and all further messages sent from that address will be sent to spam folder but only for that user?
EDIT: Yes spam is getting delivered with a modified header, on the server site, how can i deliver to spam folder? how to create IMAP virtual mailboxes on request without having to send an email to them first? Using virtual users with Courier Imap
View 3 Replies
View Related
Oct 16, 2010
I just saw that my network is slowed so I watches the /var/log/squid/access.log where I get this line continuously....
[Code]....
I thought that someone running any script so I disconnect all my LAN connection (simply removed the local lan cable) but I saw the connections is going on....so I watch the processes on proxy server but nothing suspicious....So I change my static IP and the spamming stops (I say it is spam b'coz the IP 203.188.197.10 is of yahoomail.com ) but I when I am putting my OLD ip back the connection starts again......I want to put back my old static IP b'coz I have configured it for many services. Is there any spyware on my machine or someone configured my IP?
View 3 Replies
View Related
Jul 3, 2011
We have a vpn that is accessible to anyone. We already block port 25, 587 and 465. But I am still receiving spam reports. I believe that the users of my vpn is infected by a virus or something that sends spam. Are there any other ways that spammer send spam mails without using the smtp ports?
My guess is that they are trying to send it by accessing a webmail. Have you heard of anything like that? how to block spam?
View 1 Replies
View Related
Nov 18, 2010
We have a spam in our network and we installed antivirus in all our systems and cleaned the virus from all pc's after that i had removed my ip from the database of blocked ip's but still my ip is blocked for sending spam i don't know from which pc the spam is going on the internet.
so i have a question that my proxy server is redhat linux and as a newbie i don't know the command's to find out which pc is creating large bandwidth to the internet. If you tell the command how to see which pc is sending spam then i will discard that pc. Also i want a strong firewall to stop spam activities.
View 6 Replies
View Related
Sep 29, 2010
All the emails I send from my linux server end up in the recipient's spam folder....Although I have tried many howtos etc and checked all blacklists... It doesn't work...
View 3 Replies
View Related
Mar 19, 2010
I have a server im trying to use with clamAV to scan it all and with cron job. it worked fine for few days, sending me emails with reports, i was happy. now i get ERR emails and when running manually i get the follwing message output: Script: clamav-cron v. 0.6 - Copyright 2009, Stefano Stagnaro Scanned: /
[Code]...
View 3 Replies
View Related
May 31, 2011
I am semi new to UBUNTU worked a bit with it in the passed on vps and that. but i am currentaly tring to make a module for *Zpanel* i am making an anti virus module and am going to be using clamav. up to now everything has been going smoothly but i have hit massive problem.
I am tring to do this:
Code:
And i get this in return
Code:
Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming.
The following information may resolve the situation:
The following packages have unmet dependencies.
I dont get any install. and the information i have collect from people say that and install should not be stopped becuase of an depend
So as any one who is semi new would do i then tried installing the depend
Code:
And i get this in return
Code:
E: Package 'phpapi-20060613+lfs' has no installation candidate
So it look like problem after problem
Does any one know why i can not install php5-clamavlib
I have UBUNTU 11.04 desktop (with zpanel installed on it)
*zpanel an open source web hosting panel for windows and NOW LINUX (zpanel has just been release on UBUNTU ONLY ).
View 1 Replies
View Related
Aug 25, 2009
I currently have the following email server set up:
Postfix with mysql backend
Dovecot
clamav
spamassassin
amavisd
And it all works great. However I would like it for amavisd to forward all the marked spam into a folder on each user account, but I cannot figure this out.
View 5 Replies
View Related
Sep 23, 2010
I have two servers complaining about ClamAV being outdated:
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.96.1 Recommended version: 0.96.3
Doing an aptitude update says I don't have to upgrade anything. Why is this? Must ClamAV be updated manually?
View 7 Replies
View Related
Apr 15, 2010
I try to start clamd service since I found "PROCS CRITICAL: 0 processes with command name 'clamd'" from nagios. so I check at its log file at "tail /home/clamav/logs/clamd.log" it said that log file exceeding maximum limit so I try to rotate log by
pico /root/123/etc/logrotate.d/clamd
/home/clamav/logs/clamd.log {
rotate 12
[code]...
View 2 Replies
View Related
Apr 7, 2010
Clamd on my CentOS latest stable box takes an age to start.s in, well over half an hour.Two clamd processes get started, each of which has a VIRT of about 220m. Load average goes through the roof, values from 6-8+.The server is a bit weedy (190MB RAM, processor I forgot), but I didn't have these problems before. They seemed to arise after running freshclam to update definitions.
View 1 Replies
View Related
Oct 16, 2009
I'm running FC10, with the sendmail that was part of it in Feb 09. Anyway, Up till now I've been using the user client to do spam filtering, But I'd like to start catching the spam at the sendmail level. What are my options today? I tried searching the forums and found a bunch of threads from 2001-2006, but I figured many of the ideas are now longer vaild.
View 2 Replies
View Related
May 3, 2010
I set up the spam wizard in Kontact/Kmail yesterday. I told it to put all the spam in the "Spam" folder. Seems the default is "Trash". Well, now it sticks everything in the "Trash" folder. Everything including standard e-mails that should go into the inbox. I've tried a few things. The program seems to be hung up somehow. Is there a way to go into a terminal and do some repairs?
View 5 Replies
View Related
Jan 8, 2011
I can install clamav from SBo no problem, but the version is outdated. I downloaded the newer source code from clamav's site, edited the slackbuild to reflect the new version number, and rebuilt the package. But I get this following error when building.
Config files are installed in the proper places (except the file /etc/clamd.conf.rej referred to below which doesn't exist). But the binaries clamd and freshclam aren't installed anywhere.
Code:
make[2]: Leaving directory `/tmp/SBo/clamav-0.96.5/test'
Making all in clamdtop
make[2]: Entering directory `/tmp/SBo/clamav-0.96.5/clamdtop'
CC optparser.o
[Code]....
View 2 Replies
View Related
Aug 30, 2009
I have installed CLAMAV in Fedora 11 and when I try to update it says update failed I have tried to find a reason why but unfortunately I am lost. Sony VAIO VGN TXHP1 laptop Fedora 11 Gnome i1568 Wireless connection seems fine.
View 8 Replies
View Related
May 26, 2010
I am trying to upgrade my clam AV to latest 0.9.6.1. Last times I just uploaded to the server and used RPM command and it was installing. Now I cant find RPM for this ver. So I guess I need to prepare one.
I used the guide here:
Packaging software with RPM, Part 1: Building and distributing packages
by IBM
Changing all wget -> clamav
But when run this I got:
# rpmbuild -v -bb --clean clamav.spec
Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.74542
+ umask 022
+ cd /home/myclamav/BUILD
+ cd /home/myclamav/BUILD
+ rm -rf clamav-0.96.1
+ /bin/gzip -dc /home/myclamav/SOURCES/clamav-0.96.1.tar.gz
+ tar -xf -
+ STATUS=0
+ '[' 0 -ne 0 ']'
+ cd clamav-0.96.1
++ /usr/bin/id -u
+ '[' 0 = 0 ']'
+ /bin/chown -Rhf root .
++ /usr/bin/id -u
+ '[' 0 = 0 ']'
+ /bin/chgrp -Rhf root .
+ /bin/chmod -Rf a+rX,u+w,g-w,o-w .
+ $'
'
: command not found542: line 35:
error: Bad exit status from /var/tmp/rpm-tmp.74542 (%prep)
RPM build errors:
Bad exit status from /var/tmp/rpm-tmp.74542 (%prep)
Is there a better way to create RPMs? or Where do I get RPM for this version? I couldn't find it through their site.
View 3 Replies
View Related
May 4, 2011
Suse 11.3 KDE 32bit Following instructions in software.opensuse.org: Search Results I installed LibreOffice using the 1-click Install method. It will not start and produces no error when invoked from the console. Now here's the strangest part. If I left click on an .ods file produced by LibreOffice on another computer (on which it worked) KDE tries to extract it using ark even though file properties identifies it as an "ODS spreadsheet".
View 5 Replies
View Related
Jan 15, 2011
I have a problem with my 10.10 32bit installation. The shut down window repeated appears within a few seconds of use, and this is not user-invoked. The shut down screen just pops up within a few seconds after logging in. It even occurs at the login screen. Once it appears, it'll repeatedly close & reopen. I tried using 10.04 bit (which I normally use on my other computers), and have the same results. This is a new computer that I just bought
Intel Atom 330 (1.6GHz, dual-core), full specs in the link [URL] with a 4GB stick of RAM
[URL]
I've already ran a memory test, and it's totally ok.Here's a video clip of what I am experiencing on my screen.
[URL]
View 9 Replies
View Related
May 10, 2010
Want know the location of the Clamd service database, and also know the extension of these database fies.
View 2 Replies
View Related
May 21, 2010
I have an issue with postfix and my server.One account (mine) is not considered as spam by no one. But all the other users are treated as spam by yahoo, and hotmail. And I can't understand why.Here are the header from one user who sent an email to my yahoo account (treated as spam):
Code:
From userNAme Sat May 22 01:52:27 2010
X-Apparently-To: me@yahoo.ca via 98.136.183.25; Fri, 21 May 2010 14:52:55 -0700
[code]...
View 5 Replies
View Related
Mar 25, 2011
i was using mandriva before and fedora is new i have installed clamav antivirus but clamav won update i must change clamd.d and maybe freshlam.conf but how do i that under mandriva clamav-freshclam does the job but here it is different
View 8 Replies
View Related
Jul 5, 2011
I get constantly this error, how can disable clamav in SElinux, or there is maybe a rule for it?
SELinux is preventing the clamscan from using potentially mislabeled files (./clamav-366ce73c2b6ad30d9e062d
SELinux is preventing the clamscan from using potentially mislabeled files (/tmp/clamav.577/clamav-9c353ad9c85b
View 1 Replies
View Related
May 31, 2011
Possible Duplicate: Leave bash script running on remote terminal while not logged in? I run a program, say ./a.out 10 from the shell prompt. Assume that there's a while(1) inside the program being run. Now if I try to close the shell, it warns me that it'll kill my running program too! So, how to kill the shell and still let my program continue running in the background?
I tried exec ./a.out 10 but the shell is still there. Another alternative is to simply double click my executable but then how will I pass command line parameters?
View 2 Replies
View Related
Dec 26, 2010
I have problem starting clamd. It's unable to execute setgroups()
/etc/group , /etc/password files are world readable
Here is output after starting clamd:
sudo clamd
ERROR: setgroups() failed.
Here is strace clamd output:
...
open("/etc/passwd", O_RDONLY|0x80000 /* O_??? */) = 3
fcntl64(3, F_GETFD) = 0x1 (flags FD_CLOEXEC)
_llseek(3, 0, [0], SEEK_CUR) = 0
fstat64(3, {st_mode=S_IFREG|0644, st_size=1616, ...}) = 0
mmap2(NULL, 1616, PROT_READ, MAP_SHARED, 3, 0) = 0xb7f6d000
_llseek(3, 1616, [1616], SEEK_SET) = 0
munmap(0xb7f6d000, 1616) = 0
close(3) = 0
setgroups32(1, [120]) = -1 EPERM (Operation not permitted)
write(2, "ERROR: setgroups() failed.
", 27ERROR: setgroups() failed.) = 27
exit_group(1) = ?
Process 29002 detached
ls -al /etc/group:
-rw-r--r-- 1 root root 1013 2010-03-19 11:38 /etc/group
ls -al /etc/passwd:
-rw-r--r-- 1 root root 1616 2010-03-05 12:39 /etc/passwd
/etc/passwd:
clamav:x:108:120::/var/lib/clamav:/bin/false
/etc/group:
clamav:x:120:
View 2 Replies
View Related
May 30, 2011
extract.ksh use this scripts topic_file_publish.sh but extract.ksh resides in /data/apps/pnbos/scripts
but topic_file_publish.sh in below directory/data/apps/pnbgstk/publication >
ls topic_file_publish.sh topic_file_publish.sh fraespappp8:/data/apps > type topic_file_publish.sh topic_file_publish.sh is hashed (/data/apps/pnbgstk/publication/topic_file_publish.sh)
How it is done?
since topic_file_publish.sh is being directly referenced in the code with absolute path.
View 2 Replies
View Related
Feb 13, 2009
I wish to install a new libc.so and have compiled the latest glibc (2.9.90) with the latest gcc (4.3.3) and the latest binutils (2.19, compiled with gcc 4.3.3). Compilation succeeded without errors, although not before I did some non- obvious things (e.g., I had to put '-march=i686' into my CFLAGS to avoid getting undefined symbol errors from the linker). 'Make check' also produced errors, a number of which I averted by doing non-obvious things (e.g., I had to copy iconvdata/gconv-modules and libio/tst-*.input from the source
directory to the build directory, and I had to export into the environment TIMEOUTFACTOR=2; the glibc documentation gave me no clue that I had to do any of those things). Now I am running into an error with rt/tst-cputimer that I do not know how to avert. I have run 'make check' 3 times; here are the 3 results. From rt/tst-cputimer1.out:
And from rt/tst-cputimer2.out:
Before running the 3rd 'make check', I increased TIMEOUTFACTOR
(to 3). It made no difference. From rt/tst-cputimer3.out:
I don't want to install the new libc.so until I can get all the tests to succeed, or, failing that, until I understand the significance of the error, and can intelligently dismiss it.
View 2 Replies
View Related
Sep 4, 2009
I have been trying to update the gui version 4.10 and the antivirus engine 0.95.1 but to no avail.
View 9 Replies
View Related
Nov 27, 2009
I'm replacing my trusty old F5 firewall/mail server with a new(er) F11 box. Using yum, I have these packages installed:
[Code].....
View 2 Replies
View Related
