Jerry
2018-09-26 11:56:50 UTC
I am running clamav version 0.100.1 on a FreeBSD 11.2 / amd64 machine. I
also have the clamav-milter installed. My problem is that even though I am
trying to whitelist some addresses, they get marked as Spam.
This is an example of one such address: ☀ Puritan's Pride <***@e.puritan.com>
I entered this into the white list file: From:***@e.puritan.com
I then restarted the milter. Unfortunately, the email is still marked as
Spam. I thought that clamav-milter would simply ignore the file.
X-Virus-Status: Infected (SecuriteInfo.com.Spam-4701.UNOFFICIAL)
X-Virus-Scanned: clamav-milter 0.100.1 at scorpio.seibercom.net
This is the output from "clamconf"
Checking configuration files in /usr/local/etc
Config file: clamd.conf
-----------------------
BlockMax disabled
PreludeEnable disabled
PreludeAnalyzerName disabled
LogFile = "/var/log/clamav/clamd.log"
LogFileUnlock disabled
LogFileMaxSize = "1048576"
LogTime disabled
LogClean disabled
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
LogRotate = "yes"
ExtendedDetectionInfo disabled
PidFile = "/var/run/clamav/clamd.pid"
TemporaryDirectory disabled
DatabaseDirectory = "/var/db/clamav"
OfficialDatabaseOnly disabled
LocalSocket = "/var/run/clamav/clamd.sock"
LocalSocketGroup disabled
LocalSocketMode disabled
FixStaleSocket = "yes"
TCPSocket disabled
TCPAddr disabled
MaxConnectionQueueLength = "200"
StreamMaxLength = "26214400"
StreamMinPort = "1024"
StreamMaxPort = "2048"
MaxThreads = "10"
ReadTimeout = "120"
CommandReadTimeout = "5"
SendBufTimeout = "500"
MaxQueue = "100"
IdleTimeout = "30"
ExcludePath disabled
MaxDirectoryRecursion = "15"
FollowDirectorySymlinks disabled
FollowFileSymlinks disabled
CrossFilesystems = "yes"
SelfCheck = "600"
DisableCache disabled
VirusEvent disabled
ExitOnOOM disabled
AllowAllMatchScan = "yes"
Foreground disabled
Debug disabled
LeaveTemporaryFiles disabled
User = "clamav"
Bytecode = "yes"
BytecodeSecurity = "TrustSigned"
BytecodeTimeout = "5000"
BytecodeUnsigned disabled
BytecodeMode = "Auto"
DetectPUA disabled
ExcludePUA disabled
IncludePUA disabled
AlgorithmicDetection = "yes"
ScanPE = "yes"
ScanELF = "yes"
DetectBrokenExecutables disabled
ScanMail = "yes"
ScanPartialMessages disabled
PhishingSignatures = "yes"
PhishingScanURLs = "yes"
PhishingAlwaysBlockCloak disabled
PhishingAlwaysBlockSSLMismatch disabled
PartitionIntersection disabled
HeuristicScanPrecedence disabled
StructuredDataDetection disabled
StructuredMinCreditCardCount = "3"
StructuredMinSSNCount = "3"
StructuredSSNFormatNormal = "yes"
StructuredSSNFormatStripped disabled
ScanHTML = "yes"
ScanOLE2 = "yes"
OLE2BlockMacros disabled
ScanPDF = "yes"
ScanSWF = "yes"
ScanXMLDOCS = "yes"
ScanHWP3 = "yes"
ScanArchive = "yes"
ArchiveBlockEncrypted disabled
ForceToDisk disabled
MaxScanSize = "104857600"
MaxFileSize = "26214400"
MaxRecursion = "16"
MaxFiles = "10000"
MaxEmbeddedPE = "10485760"
MaxHTMLNormalize = "10485760"
MaxHTMLNoTags = "2097152"
MaxScriptNormalize = "5242880"
MaxZipTypeRcg = "1048576"
MaxPartitions = "50"
MaxIconsPE = "100"
MaxRecHWP3 = "16"
PCREMatchLimit = "100000"
PCRERecMatchLimit = "5000"
PCREMaxFileSize = "26214400"
ScanOnAccess disabled
OnAccessMountPath disabled
OnAccessIncludePath disabled
OnAccessExcludePath disabled
OnAccessExcludeRootUID disabled
OnAccessExcludeUID disabled
OnAccessMaxFileSize = "5242880"
OnAccessDisableDDD disabled
OnAccessPrevention disabled
OnAccessExtraScanning disabled
DevACOnly disabled
DevACDepth disabled
DevPerformance disabled
DevLiblog disabled
DisableCertCheck disabled
Config file: freshclam.conf
---------------------------
LogFileMaxSize = "2097152"
LogTime disabled
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
LogRotate = "yes"
PidFile = "/var/run/clamav/freshclam.pid"
DatabaseDirectory = "/var/db/clamav"
Foreground disabled
Debug disabled
UpdateLogFile = "/var/log/clamav/freshclam.log"
DatabaseOwner = "clamav"
Checks = "24"
DNSDatabaseInfo = "current.cvd.clamav.net"
DatabaseMirror = "db.US.clamav.net", "database.clamav.net"
PrivateMirror disabled
MaxAttempts = "3"
ScriptedUpdates = "yes"
TestDatabases = "yes"
CompressLocalDatabase disabled
ExtraDatabase disabled
DatabaseCustomURL disabled
HTTPProxyServer disabled
HTTPProxyPort disabled
HTTPProxyUsername disabled
HTTPProxyPassword disabled
HTTPUserAgent disabled
NotifyClamd = "/usr/local/etc/clamd.conf"
OnUpdateExecute disabled
OnErrorExecute disabled
OnOutdatedExecute disabled
LocalIPAddress disabled
ConnectTimeout = "30"
ReceiveTimeout = "30"
SafeBrowsing = "yes"
Bytecode = "yes"
Config file: clamav-milter.conf
-------------------------------
LogFile = "/var/log/clamav/clamav-milter.log"
LogFileUnlock disabled
LogFileMaxSize = "2097152"
LogTime = "yes"
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
LogRotate = "yes"
PidFile = "/var/run/clamav/clamav-milter.pid"
TemporaryDirectory disabled
FixStaleSocket = "yes"
MaxThreads = "10"
ReadTimeout = "120"
Foreground disabled
User = "clamav"
MaxFileSize = "26214400"
ClamdSocket = "unix:/var/run/clamav/clamd.sock"
MilterSocket = "/var/run/clamav/clmilter.sock"
MilterSocketGroup disabled
MilterSocketMode disabled
LocalNet = "192.168.0.101/32", "192.168.0.192/32"
OnClean = "Accept"
OnInfected = "Accept"
OnFail = "Defer"
RejectMsg disabled
AddHeader = "Add"
ReportHostname disabled
VirusAction disabled
Chroot disabled
Whitelist = "/usr/local/etc/whitelisted_addresses.txt"
SkipAuthenticated = "file:/usr/local/etc/clamav_exclusions.txt"
LogInfected = "basic"
LogClean disabled
SupportMultipleRecipients = "yes"
Software settings
-----------------
Version: 0.100.1
Optional features supported: MEMPOOL IPv6 BIGSTACK AUTOIT_EA06 BZIP2 LIBXML2 PCRE JSON RAR
Database information
--------------------
Database directory: /var/db/clamav
[3rd Party] EK_Zeus.yar: 28 sigs
[3rd Party] foxhole_mail.cdb: 23 sigs
[3rd Party] securiteinfopdf.hdb: 3367 sigs
[3rd Party] foxhole_generic.cdb: 211 sigs
[3rd Party] EK_Crimepack.yar: 49 sigs
[3rd Party] CVE-2010-1297.yar: 15 sigs
[3rd Party] spearl.ndb: 150 sigs
[3rd Party] foxhole_all.cdb: 145 sigs
[3rd Party] spamimg.hdb: 184 sigs
daily.cld: version 24983, sigs: 2100133, built on Tue Sep 25 22:39:15 2018
[3rd Party] spear.ndb: 15009 sigs
[3rd Party] spamattach.hdb: 14 sigs
[3rd Party] winnow.attachments.hdb: 182 sigs
[3rd Party] Maldoc_Hidden_PE_file.yar: 23 sigs
[3rd Party] malware.expert.hdb: 388 sigs
[3rd Party] winnow.complex.patterns.ldb: 3 sigs
[3rd Party] porcupine.ndb: 4012 sigs
[3rd Party] winnow_phish_complete.ndb: 9320 sigs
[3rd Party] phishtank.ndb: 27161 sigs
[3rd Party] scam.ndb: 12501 sigs
[3rd Party] EK_ZeroAcces.yar: 211 sigs
[3rd Party] foxhole_js.ndb: 4 sigs
[3rd Party] securiteinfohtml.hdb: 54089 sigs
[3rd Party] MiscreantPunch099-INFO-Low.ldb: 21 sigs
[3rd Party] jurlbl.ndb: 17854 sigs
[3rd Party] lott.ndb: 2335 sigs
[3rd Party] rfxn.hdb: 12674 sigs
[3rd Party] EK_Fragus.yar: 210 sigs
main.cvd: version 58, sigs: 4566249, built on Wed Jun 7 17:38:10 2017
[3rd Party] winnow_spam_complete.ndb: 931 sigs
[3rd Party] phish.ndb: 27425 sigs
[3rd Party] winnow_malware_links.ndb: 4623 sigs
[3rd Party] CVE-2013-0074.yar: 17 sigs
[3rd Party] sanesecurity.ftm: 170 sigs
[3rd Party] securiteinfoold.hdb: 2213713 sigs
[3rd Party] jurlbla.ndb: 1682 sigs
[3rd Party] CVE-2010-0887.yar: 21 sigs
[3rd Party] foxhole_filename.cdb: 1971 sigs
[3rd Party] EK_Blackhole.yar: 453 sigs
[3rd Party] EK_Phoenix.yar: 483 sigs
[3rd Party] spam_marketing.ndb: 23032 sigs
[3rd Party] securiteinfoandroid.hdb: 99086 sigs
[3rd Party] bofhland_malware_attach.hdb: 1835 sigs
[3rd Party] Sanesecurity_spam.yara: 46 sigs
[3rd Party] winnow_extended_malware_links.ndb: 1 sig
bytecode.cvd: version 327, sigs: 91, built on Wed Aug 8 20:43:48 2018
[3rd Party] winnow_malware.hdb: 293 sigs
[3rd Party] CVE-2015-5119.yar: 22 sigs
[3rd Party] malwarepatrol.ndb: 0 sig
[3rd Party] EK_BleedingLife.yar: 112 sigs
[3rd Party] foxhole_js.cdb: 48 sigs
[3rd Party] malware.expert.ndb: 855 sigs
[3rd Party] winnow_extended_malware.hdb: 245 sigs
[3rd Party] spam.ldb: 2 sigs
[3rd Party] porcupine.hsb: 873 sigs
[3rd Party] maldoc_somerules.yar: 283 sigs
[3rd Party] securiteinfo.hdb: 1377783 sigs
[3rd Party] rfxn.ndb: 2034 sigs
[3rd Party] foxhole_all.ndb: 101 sigs
[3rd Party] EK_Eleonore.yar: 165 sigs
[3rd Party] scamnailer.ndb: 50995 sigs
[3rd Party] shelter.ldb: 15 sigs
[3rd Party] blurl.ndb: 108974 sigs
[3rd Party] CVE-2013-0422.yar: 21 sigs
[3rd Party] javascript.ndb: 44092 sigs
[3rd Party] securiteinfoascii.hdb: 98180 sigs
[3rd Party] rogue.hdb: 6761 sigs
[3rd Party] malwarehash.hsb: 771 sigs
[3rd Party] malware.expert.ldb: 142 sigs
[3rd Party] MiscreantPunch099-Low.ldb: 1208 sigs
[3rd Party] EK_Angler.yar: 283 sigs
[3rd Party] Javascript_exploit_and_obfuscation.yar: 59 sigs
safebrowsing.cld: version 47916, sigs: 2840247, built on Wed Sep 26 00:56:14 2018
[3rd Party] bofhland_cracked_URL.ndb: 24 sigs
[3rd Party] Sanesecurity_sigtest.yara: 54 sigs
[3rd Party] badmacro.ndb: 501 sigs
[3rd Party] bofhland_phishing_URL.ndb: 186 sigs
[3rd Party] winnow_bad_cw.hdb: 1 sig
[3rd Party] bofhland_malware_URL.ndb: 60 sigs
[3rd Party] CVE-2010-0805.yar: 14 sigs
[3rd Party] hackingteam.hsb: 435 sigs
[3rd Party] EK_Sakura.yar: 62 sigs
[3rd Party] crypto.yar: 1 sig
[3rd Party] malware.expert.fp: 42 sigs
[3rd Party] EK_Zerox88.yar: 55 sigs
Total number of signatures: 13738144
Platform information
--------------------
uname: FreeBSD 11.2-RELEASE-p3 FreeBSD 11.2-RELEASE-p3 #0: Thu Sep 6 07:14:16 UTC 2018 roo amd64
OS: freebsd11.2, ARCH: amd64, CPU: amd64
zlib version: 1.2.11 (1.2.11), compile flags: a9
platform id: 0x03235c5c0800000000040201
Build information
-----------------
Clang: 4.2.1 Compatible FreeBSD Clang 6.0.0 (tags/RELEASE_600/final 326565) (4.2.1)
CPPFLAGS: -I/usr/local/include
CFLAGS: -O2 -pipe -march=core2 -fstack-protector -fno-strict-aliasing -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
CXXFLAGS: -O2 -pipe -march=core2 -fstack-protector -fno-strict-aliasing
LDFLAGS: -lthr -L/usr/local/lib -Wl,-rpath,/usr/local/lib -fstack-protector
Configure: '--libdir=/usr/local/lib' '--with-dbdir=/var/db/clamav' '--with-zlib=/usr' '--disable-clamuko' '--disable-clamav' '--enable-bigstack' '--enable-readdir_r' '--enable-gethostbyname_r' '--disable-dependency-tracking' '--disable-zlib-vcheck' '--enable-clamdtop' '--enable-xml' '--disable-experimental' '--without-iconv' '--enable-ipv6' '--with-libjson' '--enable-milter' '--with-pcre' '--disable-check' '--enable-unrar' '--with-sendmail=/usr/sbin/sendmail' '--prefix=/usr/local' '--localstatedir=/var' '--mandir=/usr/local/man' '--disable-silent-rules' '--infodir=/usr/local/info/' '--build=amd64-portbld-freebsd11.2' 'build_alias=amd64-portbld-freebsd11.2' 'CC=cc' 'CFLAGS=-O2 -pipe -march=core2 -fstack-protector -fno-strict-aliasing ' 'LDFLAGS= -lthr -L/usr/local/lib -Wl,-rpath,/usr/local/lib -fstack-protector ' 'LIBS=' 'CPPFLAGS=-I/usr/local/include' 'CPP=cpp'
sizeof(void*) = 8
Engine flevel: 92, dconf: 92
If some one could tell me what I am doing incorrectly, I would appreciate it.
--
Jerry
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#
also have the clamav-milter installed. My problem is that even though I am
trying to whitelist some addresses, they get marked as Spam.
This is an example of one such address: ☀ Puritan's Pride <***@e.puritan.com>
I entered this into the white list file: From:***@e.puritan.com
I then restarted the milter. Unfortunately, the email is still marked as
Spam. I thought that clamav-milter would simply ignore the file.
X-Virus-Status: Infected (SecuriteInfo.com.Spam-4701.UNOFFICIAL)
X-Virus-Scanned: clamav-milter 0.100.1 at scorpio.seibercom.net
This is the output from "clamconf"
Checking configuration files in /usr/local/etc
Config file: clamd.conf
-----------------------
BlockMax disabled
PreludeEnable disabled
PreludeAnalyzerName disabled
LogFile = "/var/log/clamav/clamd.log"
LogFileUnlock disabled
LogFileMaxSize = "1048576"
LogTime disabled
LogClean disabled
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
LogRotate = "yes"
ExtendedDetectionInfo disabled
PidFile = "/var/run/clamav/clamd.pid"
TemporaryDirectory disabled
DatabaseDirectory = "/var/db/clamav"
OfficialDatabaseOnly disabled
LocalSocket = "/var/run/clamav/clamd.sock"
LocalSocketGroup disabled
LocalSocketMode disabled
FixStaleSocket = "yes"
TCPSocket disabled
TCPAddr disabled
MaxConnectionQueueLength = "200"
StreamMaxLength = "26214400"
StreamMinPort = "1024"
StreamMaxPort = "2048"
MaxThreads = "10"
ReadTimeout = "120"
CommandReadTimeout = "5"
SendBufTimeout = "500"
MaxQueue = "100"
IdleTimeout = "30"
ExcludePath disabled
MaxDirectoryRecursion = "15"
FollowDirectorySymlinks disabled
FollowFileSymlinks disabled
CrossFilesystems = "yes"
SelfCheck = "600"
DisableCache disabled
VirusEvent disabled
ExitOnOOM disabled
AllowAllMatchScan = "yes"
Foreground disabled
Debug disabled
LeaveTemporaryFiles disabled
User = "clamav"
Bytecode = "yes"
BytecodeSecurity = "TrustSigned"
BytecodeTimeout = "5000"
BytecodeUnsigned disabled
BytecodeMode = "Auto"
DetectPUA disabled
ExcludePUA disabled
IncludePUA disabled
AlgorithmicDetection = "yes"
ScanPE = "yes"
ScanELF = "yes"
DetectBrokenExecutables disabled
ScanMail = "yes"
ScanPartialMessages disabled
PhishingSignatures = "yes"
PhishingScanURLs = "yes"
PhishingAlwaysBlockCloak disabled
PhishingAlwaysBlockSSLMismatch disabled
PartitionIntersection disabled
HeuristicScanPrecedence disabled
StructuredDataDetection disabled
StructuredMinCreditCardCount = "3"
StructuredMinSSNCount = "3"
StructuredSSNFormatNormal = "yes"
StructuredSSNFormatStripped disabled
ScanHTML = "yes"
ScanOLE2 = "yes"
OLE2BlockMacros disabled
ScanPDF = "yes"
ScanSWF = "yes"
ScanXMLDOCS = "yes"
ScanHWP3 = "yes"
ScanArchive = "yes"
ArchiveBlockEncrypted disabled
ForceToDisk disabled
MaxScanSize = "104857600"
MaxFileSize = "26214400"
MaxRecursion = "16"
MaxFiles = "10000"
MaxEmbeddedPE = "10485760"
MaxHTMLNormalize = "10485760"
MaxHTMLNoTags = "2097152"
MaxScriptNormalize = "5242880"
MaxZipTypeRcg = "1048576"
MaxPartitions = "50"
MaxIconsPE = "100"
MaxRecHWP3 = "16"
PCREMatchLimit = "100000"
PCRERecMatchLimit = "5000"
PCREMaxFileSize = "26214400"
ScanOnAccess disabled
OnAccessMountPath disabled
OnAccessIncludePath disabled
OnAccessExcludePath disabled
OnAccessExcludeRootUID disabled
OnAccessExcludeUID disabled
OnAccessMaxFileSize = "5242880"
OnAccessDisableDDD disabled
OnAccessPrevention disabled
OnAccessExtraScanning disabled
DevACOnly disabled
DevACDepth disabled
DevPerformance disabled
DevLiblog disabled
DisableCertCheck disabled
Config file: freshclam.conf
---------------------------
LogFileMaxSize = "2097152"
LogTime disabled
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
LogRotate = "yes"
PidFile = "/var/run/clamav/freshclam.pid"
DatabaseDirectory = "/var/db/clamav"
Foreground disabled
Debug disabled
UpdateLogFile = "/var/log/clamav/freshclam.log"
DatabaseOwner = "clamav"
Checks = "24"
DNSDatabaseInfo = "current.cvd.clamav.net"
DatabaseMirror = "db.US.clamav.net", "database.clamav.net"
PrivateMirror disabled
MaxAttempts = "3"
ScriptedUpdates = "yes"
TestDatabases = "yes"
CompressLocalDatabase disabled
ExtraDatabase disabled
DatabaseCustomURL disabled
HTTPProxyServer disabled
HTTPProxyPort disabled
HTTPProxyUsername disabled
HTTPProxyPassword disabled
HTTPUserAgent disabled
NotifyClamd = "/usr/local/etc/clamd.conf"
OnUpdateExecute disabled
OnErrorExecute disabled
OnOutdatedExecute disabled
LocalIPAddress disabled
ConnectTimeout = "30"
ReceiveTimeout = "30"
SafeBrowsing = "yes"
Bytecode = "yes"
Config file: clamav-milter.conf
-------------------------------
LogFile = "/var/log/clamav/clamav-milter.log"
LogFileUnlock disabled
LogFileMaxSize = "2097152"
LogTime = "yes"
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
LogRotate = "yes"
PidFile = "/var/run/clamav/clamav-milter.pid"
TemporaryDirectory disabled
FixStaleSocket = "yes"
MaxThreads = "10"
ReadTimeout = "120"
Foreground disabled
User = "clamav"
MaxFileSize = "26214400"
ClamdSocket = "unix:/var/run/clamav/clamd.sock"
MilterSocket = "/var/run/clamav/clmilter.sock"
MilterSocketGroup disabled
MilterSocketMode disabled
LocalNet = "192.168.0.101/32", "192.168.0.192/32"
OnClean = "Accept"
OnInfected = "Accept"
OnFail = "Defer"
RejectMsg disabled
AddHeader = "Add"
ReportHostname disabled
VirusAction disabled
Chroot disabled
Whitelist = "/usr/local/etc/whitelisted_addresses.txt"
SkipAuthenticated = "file:/usr/local/etc/clamav_exclusions.txt"
LogInfected = "basic"
LogClean disabled
SupportMultipleRecipients = "yes"
Software settings
-----------------
Version: 0.100.1
Optional features supported: MEMPOOL IPv6 BIGSTACK AUTOIT_EA06 BZIP2 LIBXML2 PCRE JSON RAR
Database information
--------------------
Database directory: /var/db/clamav
[3rd Party] EK_Zeus.yar: 28 sigs
[3rd Party] foxhole_mail.cdb: 23 sigs
[3rd Party] securiteinfopdf.hdb: 3367 sigs
[3rd Party] foxhole_generic.cdb: 211 sigs
[3rd Party] EK_Crimepack.yar: 49 sigs
[3rd Party] CVE-2010-1297.yar: 15 sigs
[3rd Party] spearl.ndb: 150 sigs
[3rd Party] foxhole_all.cdb: 145 sigs
[3rd Party] spamimg.hdb: 184 sigs
daily.cld: version 24983, sigs: 2100133, built on Tue Sep 25 22:39:15 2018
[3rd Party] spear.ndb: 15009 sigs
[3rd Party] spamattach.hdb: 14 sigs
[3rd Party] winnow.attachments.hdb: 182 sigs
[3rd Party] Maldoc_Hidden_PE_file.yar: 23 sigs
[3rd Party] malware.expert.hdb: 388 sigs
[3rd Party] winnow.complex.patterns.ldb: 3 sigs
[3rd Party] porcupine.ndb: 4012 sigs
[3rd Party] winnow_phish_complete.ndb: 9320 sigs
[3rd Party] phishtank.ndb: 27161 sigs
[3rd Party] scam.ndb: 12501 sigs
[3rd Party] EK_ZeroAcces.yar: 211 sigs
[3rd Party] foxhole_js.ndb: 4 sigs
[3rd Party] securiteinfohtml.hdb: 54089 sigs
[3rd Party] MiscreantPunch099-INFO-Low.ldb: 21 sigs
[3rd Party] jurlbl.ndb: 17854 sigs
[3rd Party] lott.ndb: 2335 sigs
[3rd Party] rfxn.hdb: 12674 sigs
[3rd Party] EK_Fragus.yar: 210 sigs
main.cvd: version 58, sigs: 4566249, built on Wed Jun 7 17:38:10 2017
[3rd Party] winnow_spam_complete.ndb: 931 sigs
[3rd Party] phish.ndb: 27425 sigs
[3rd Party] winnow_malware_links.ndb: 4623 sigs
[3rd Party] CVE-2013-0074.yar: 17 sigs
[3rd Party] sanesecurity.ftm: 170 sigs
[3rd Party] securiteinfoold.hdb: 2213713 sigs
[3rd Party] jurlbla.ndb: 1682 sigs
[3rd Party] CVE-2010-0887.yar: 21 sigs
[3rd Party] foxhole_filename.cdb: 1971 sigs
[3rd Party] EK_Blackhole.yar: 453 sigs
[3rd Party] EK_Phoenix.yar: 483 sigs
[3rd Party] spam_marketing.ndb: 23032 sigs
[3rd Party] securiteinfoandroid.hdb: 99086 sigs
[3rd Party] bofhland_malware_attach.hdb: 1835 sigs
[3rd Party] Sanesecurity_spam.yara: 46 sigs
[3rd Party] winnow_extended_malware_links.ndb: 1 sig
bytecode.cvd: version 327, sigs: 91, built on Wed Aug 8 20:43:48 2018
[3rd Party] winnow_malware.hdb: 293 sigs
[3rd Party] CVE-2015-5119.yar: 22 sigs
[3rd Party] malwarepatrol.ndb: 0 sig
[3rd Party] EK_BleedingLife.yar: 112 sigs
[3rd Party] foxhole_js.cdb: 48 sigs
[3rd Party] malware.expert.ndb: 855 sigs
[3rd Party] winnow_extended_malware.hdb: 245 sigs
[3rd Party] spam.ldb: 2 sigs
[3rd Party] porcupine.hsb: 873 sigs
[3rd Party] maldoc_somerules.yar: 283 sigs
[3rd Party] securiteinfo.hdb: 1377783 sigs
[3rd Party] rfxn.ndb: 2034 sigs
[3rd Party] foxhole_all.ndb: 101 sigs
[3rd Party] EK_Eleonore.yar: 165 sigs
[3rd Party] scamnailer.ndb: 50995 sigs
[3rd Party] shelter.ldb: 15 sigs
[3rd Party] blurl.ndb: 108974 sigs
[3rd Party] CVE-2013-0422.yar: 21 sigs
[3rd Party] javascript.ndb: 44092 sigs
[3rd Party] securiteinfoascii.hdb: 98180 sigs
[3rd Party] rogue.hdb: 6761 sigs
[3rd Party] malwarehash.hsb: 771 sigs
[3rd Party] malware.expert.ldb: 142 sigs
[3rd Party] MiscreantPunch099-Low.ldb: 1208 sigs
[3rd Party] EK_Angler.yar: 283 sigs
[3rd Party] Javascript_exploit_and_obfuscation.yar: 59 sigs
safebrowsing.cld: version 47916, sigs: 2840247, built on Wed Sep 26 00:56:14 2018
[3rd Party] bofhland_cracked_URL.ndb: 24 sigs
[3rd Party] Sanesecurity_sigtest.yara: 54 sigs
[3rd Party] badmacro.ndb: 501 sigs
[3rd Party] bofhland_phishing_URL.ndb: 186 sigs
[3rd Party] winnow_bad_cw.hdb: 1 sig
[3rd Party] bofhland_malware_URL.ndb: 60 sigs
[3rd Party] CVE-2010-0805.yar: 14 sigs
[3rd Party] hackingteam.hsb: 435 sigs
[3rd Party] EK_Sakura.yar: 62 sigs
[3rd Party] crypto.yar: 1 sig
[3rd Party] malware.expert.fp: 42 sigs
[3rd Party] EK_Zerox88.yar: 55 sigs
Total number of signatures: 13738144
Platform information
--------------------
uname: FreeBSD 11.2-RELEASE-p3 FreeBSD 11.2-RELEASE-p3 #0: Thu Sep 6 07:14:16 UTC 2018 roo amd64
OS: freebsd11.2, ARCH: amd64, CPU: amd64
zlib version: 1.2.11 (1.2.11), compile flags: a9
platform id: 0x03235c5c0800000000040201
Build information
-----------------
Clang: 4.2.1 Compatible FreeBSD Clang 6.0.0 (tags/RELEASE_600/final 326565) (4.2.1)
CPPFLAGS: -I/usr/local/include
CFLAGS: -O2 -pipe -march=core2 -fstack-protector -fno-strict-aliasing -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
CXXFLAGS: -O2 -pipe -march=core2 -fstack-protector -fno-strict-aliasing
LDFLAGS: -lthr -L/usr/local/lib -Wl,-rpath,/usr/local/lib -fstack-protector
Configure: '--libdir=/usr/local/lib' '--with-dbdir=/var/db/clamav' '--with-zlib=/usr' '--disable-clamuko' '--disable-clamav' '--enable-bigstack' '--enable-readdir_r' '--enable-gethostbyname_r' '--disable-dependency-tracking' '--disable-zlib-vcheck' '--enable-clamdtop' '--enable-xml' '--disable-experimental' '--without-iconv' '--enable-ipv6' '--with-libjson' '--enable-milter' '--with-pcre' '--disable-check' '--enable-unrar' '--with-sendmail=/usr/sbin/sendmail' '--prefix=/usr/local' '--localstatedir=/var' '--mandir=/usr/local/man' '--disable-silent-rules' '--infodir=/usr/local/info/' '--build=amd64-portbld-freebsd11.2' 'build_alias=amd64-portbld-freebsd11.2' 'CC=cc' 'CFLAGS=-O2 -pipe -march=core2 -fstack-protector -fno-strict-aliasing ' 'LDFLAGS= -lthr -L/usr/local/lib -Wl,-rpath,/usr/local/lib -fstack-protector ' 'LIBS=' 'CPPFLAGS=-I/usr/local/include' 'CPP=cpp'
sizeof(void*) = 8
Engine flevel: 92, dconf: 92
If some one could tell me what I am doing incorrectly, I would appreciate it.
--
Jerry
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#