Discussion:
sanesecurity installation for qmailtoaster 64 bit qt version
(too old to reply)
Rajesh M.
2014-10-01 01:53:00 UTC
Permalink
Eric S

just to keep you updated i moved around 2000 users on last sunday and things are normal.

only the ripmime issue took place which i have reported to you by a seperate post.

on a side note, is the corrected version of simscan package released ?

rajesh

----- Original Message -----
From: Eric Shubert [mailto:***@shubes.net]
To: qmailtoaster-***@qmailtoaster.com
Sent: Sun, 21 Sep 2014 19:30:22 -0700
Subject: [qmailtoaster] Re: sanesecurity installation for qmailtoaster 64 bit qt version
eric
i studied the files over the weekend and found that basically what is being done by qtp-install-sanesecurity is download the sanesecurity database files in the specific locations according to the config file.
i created a folder called /opt/qmailtoaster-plus, create bin and other directories as per the old qtp structure and, copied the qtp-install-sanesecurity here and ran it.
but it did not work
on further checks i noted that the clam paths were different
in the 32 bit (qtp) installation the path is
/usr/share/clamav
there is no directory called /var/lib/clamav created
in the 64 bit (qt) it is
/var/lib/clamav
there is no directory called /usr/share/clamav created
That's likely why I didn't bring the qtp-install-sanesecurity script
across, because it'd need some work. /var/lib/ is the "correct" place
for these files in my mind. They're not static software files, so they
don't belong in any /usr subdirectory in my mind. I think any rational
sysadmin would agree with this.
however i use sanesecurity only for the foxhole_all.cdb files files because the other databases give false positives many a time.
The only FPs I've seen from these lists is statements from banking or
financial institutions of some sort, which doesn't surprise me. Rather
than discontinue their use, my solution has been to add the IPs for
these senders (AmEx for example) to the tcp.smtp file, so emails from
those servers are not scanned at all. I think this is a reasonable and
practical solution.
so i simply downloaded the foxhole_all.cdb file in the
/var/lib/clamav and clam is picking this up correctly
Is this file updated at all then automatically, or do you simply update
it manually when you deem it necessary?

I'm not adverse, in fact I'd like to have any easy way to select these
alternative files for scanning. Can you think of a nice way that might
be implemented? Perhaps a script that lists and lets you select which
ones to include? That'd be nice, I think.
on a side note
# /var/qmail/bin/simscanmk -g
gives the following error
LibClamAV Error: cl_cvdhead: Can't open file /usr/share/clamav/main.cvd
LibClamAV Error: cl_cvdhead: Can't open file /usr/share/clamav/daily.cvd
simscan versions cdb file built. /var/qmail/control/simversions.cdb
obviously this is because the clam path is different.
I missed that when I moved those files. Thanks. I'll see about updating
the source and releasing a new simscan package soon. Should be an easy fix.
futher if possible pl let me know the command to stop and start spamassassin
# service spamd
shows the options. Just like most other 'normal' services. :)

Thanks Rajesh!
--
-Eric 'shubes'
----- Original Message -----
Sent: Sat, 20 Sep 2014 07:28:58 -0700
Subject: [qmailtoaster] Re: sanesecurity installation for qmailtoaster 64 bit qt version
hi eric
i have qmailtoaster up and running correctly including the patches to
chkuser. thanks a lot for your guidance
i need to install sanesecurity along with clam. i used to use
qmailtoaster plus earlier
how do i do this with the new 64 bit version
rajesh
That's a good question. I didn't bring that script across to the
qmailtoaster-util package because I was toying with the idea of
including it in the clamav.qt package. I haven't gotten around to doing
that yet though.
I expect that the qtp-install-sanesecurity script will work ok with the
clamav.qt package, although I haven't inspected it closely nor installed
it on COS6 yet.
You're welcome to give it a shot. Please let us know how it goes if you do.
Thanks.
Any progress with this Rajesh? I'm thinking about having a look at this
(I'm missing sanesecurity on my server). I should probably finish up the
next release of qmail first though.
---------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-***@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-***@qmailtoaster.com
Loading...