clamd running but doesn't block any virus emails

K

knoll

Verified User
Joined
Sep 26, 2005
Messages
138
Location
Belgium
hey,

clamd is running and listen on the port no errors
but he lets virus testing emails true

2014-03-16 12:26:33 1WP9D6-0005PM-Uq <= [email protected] H=spammy.outbound.your-site.com [205.233.73.28] P=esmtps X=TLSv1.1:DHE-RSA-AES256-SHA:256 S=2327 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 12:26:38 1WP9D7-0005PR-2f <= [email protected] U=mail P=spam-scanned S=2694 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 12:29:14 1WP9Fi-0005SD-8I <= [email protected] H=spammy.outbound.your-site.com [205.233.73.28] P=esmtps X=TLSv1.1:DHE-RSA-AES256-SHA:256 S=2327 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 12:29:14 1WP9Fi-0005SE-8S <= [email protected] H=spammy.outbound.your-site.com [205.233.73.28] P=esmtps X=TLSv1.1:DHE-RSA-AES256-SHA:256 S=2563 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 12:29:14 1WP9Fi-0005SF-FR <= [email protected] H=spammy.outbound.your-site.com [205.233.73.28] P=esmtps X=TLSv1.1:DHE-RSA-AES256-SHA:256 S=4554 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 12:29:19 1WP9Fi-0005SL-D5 <= [email protected] U=mail P=spam-scanned S=2694 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 12:29:19 1WP9Fi-0005SS-Dm <= [email protected] U=mail P=spam-scanned S=2930 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 12:29:24 1WP9Fi-0005Sa-Nm <= [email protected] U=mail P=spam-scanned S=4956 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 12:34:34 1WP9Ks-0005Xc-D3 <= [email protected] H=spammy.outbound.your-site.com [205.233.73.28] P=esmtps X=TLSv1.1:DHE-RSA-AES256-SHA:256 S=2324 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 12:34:35 1WP9Kt-0005Xi-1K <= [email protected] H=spammy.outbound.your-site.com [205.233.73.28] P=esmtps X=TLSv1.1:DHE-RSA-AES256-SHA:256 S=2561 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 12:34:35 1WP9Kt-0005Xj-40 <= [email protected] H=spammy.outbound.your-site.com [205.233.73.28] P=esmtps X=TLSv1.1:DHE-RSA-AES256-SHA:256 S=4552 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 12:34:40 1WP9Ks-0005Xo-IA <= [email protected] U=mail P=spam-scanned S=2691 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 12:34:40 1WP9Kt-0005Xw-5X <= [email protected] U=mail P=spam-scanned S=2928 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 12:34:45 1WP9Kt-0005Y4-C3 <= [email protected] U=mail P=spam-scanned S=4954 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 13:25:37 1WPA8G-0006O4-V7 <= [email protected] H=spammy.outbound.your-site.com [205.233.73.28] P=esmtps X=TLSv1.1:DHE-RSA-AES256-SHA:256 S=2357 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 13:25:37 1WPA8H-0006O5-9b <= [email protected] H=spammy.outbound.your-site.com [205.233.73.28] P=esmtps X=TLSv1.1:DHE-RSA-AES256-SHA:256 S=2590 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 13:25:37 1WPA8H-0006O6-Ga <= [email protected] H=spammy.outbound.your-site.com [205.233.73.28] P=esmtps X=TLSv1.1:DHE-RSA-AES256-SHA:256 S=4580 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 13:25:42 1WPA8H-0006OB-3v <= [email protected] U=mail P=spam-scanned S=2724 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 13:25:44 1WPA8H-0006OJ-Ek <= [email protected] U=mail P=spam-scanned S=2957 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 13:25:48 1WPA8H-0006OR-OS <= [email protected] U=mail P=spam-scanned S=4995 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 13:49:03 1WPAUx-00074X-KN <= [email protected] H=spammy.outbound.your-site.com [205.233.73.28] P=esmtps X=TLSv1.1:DHE-RSA-AES256-SHA:256 S=2251 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 13:49:04 1WPAUx-00074Y-U3 <= [email protected] H=spammy.outbound.your-site.com [205.233.73.28] P=esmtps X=TLSv1.1:DHE-RSA-AES256-SHA:256 S=2487 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 13:49:04 1WPAUy-00074Z-2N <= [email protected] H=spammy.outbound.your-site.com [205.233.73.28] P=esmtps X=TLSv1.1:DHE-RSA-AES256-SHA:256 S=4479 [email protected] T="EICAR anti-virus test file:" from <[email protected]> for [email protected]
2014-03-16 13:59:07 1WPAeh-0007GB-6v <= [email protected] H=d57e1c22.static.ziggozakelijk.nl (web01.jetron.com) [213.126.28.34] P=esmtp S=20177 [email protected] T="Email met TEST-virussen" from <[email protected]> for [email protected]


clamav log:
Sun Mar 16 13:13:31 2014 -> +++ Started at Sun Mar 16 13:13:31 2014
Sun Mar 16 13:13:31 2014 -> clamd daemon 0.98.1 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Sun Mar 16 13:13:31 2014 -> Running as user clamav (UID 491, GID 491)
Sun Mar 16 13:13:31 2014 -> Log file size limited to 20971520 bytes.
Sun Mar 16 13:13:31 2014 -> Reading databases from /usr/share/clamav
Sun Mar 16 13:13:31 2014 -> Not loading PUA signatures.
Sun Mar 16 13:13:31 2014 -> Bytecode: Security mode set to "TrustSigned".
Sun Mar 16 13:13:35 2014 -> Loaded 3243279 signatures.
Sun Mar 16 13:13:35 2014 -> TCP: Bound to address 127.0.0.1 on port 3310
Sun Mar 16 13:13:35 2014 -> TCP: Setting connection queue length to 200
Sun Mar 16 13:13:35 2014 -> LOCAL: Unix socket file /tmp/clamd.socket
Sun Mar 16 13:13:35 2014 -> LOCAL: Setting connection queue length to 200
Sun Mar 16 13:13:35 2014 -> Limits: Global size limit set to 104857600 bytes.
Sun Mar 16 13:13:35 2014 -> Limits: File size limit set to 26214400 bytes.
Sun Mar 16 13:13:35 2014 -> Limits: Recursion level limit set to 16.
Sun Mar 16 13:13:35 2014 -> Limits: Files limit set to 10000.
Sun Mar 16 13:13:35 2014 -> Limits: MaxEmbeddedPE limit set to 10485760 bytes.
Sun Mar 16 13:13:35 2014 -> Limits: MaxHTMLNormalize limit set to 10485760 bytes.
Sun Mar 16 13:13:35 2014 -> Limits: MaxHTMLNoTags limit set to 2097152 bytes.
Sun Mar 16 13:13:35 2014 -> Limits: MaxScriptNormalize limit set to 5242880 bytes.
Sun Mar 16 13:13:35 2014 -> Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Sun Mar 16 13:13:35 2014 -> Archive support enabled.
Sun Mar 16 13:13:35 2014 -> Algorithmic detection enabled.
Sun Mar 16 13:13:35 2014 -> Portable Executable support enabled.
Sun Mar 16 13:13:35 2014 -> ELF support enabled.
Sun Mar 16 13:13:35 2014 -> Mail files support enabled.
Sun Mar 16 13:13:35 2014 -> OLE2 support enabled.
Sun Mar 16 13:13:35 2014 -> PDF support enabled.
Sun Mar 16 13:13:35 2014 -> SWF support enabled.
Sun Mar 16 13:13:35 2014 -> HTML support enabled.
Sun Mar 16 13:13:35 2014 -> Self checking every 600 seconds.
Sun Mar 16 13:23:35 2014 -> No stats for Database check - forcing reload
Sun Mar 16 13:23:36 2014 -> Reading databases from /usr/share/clamav
Sun Mar 16 13:23:41 2014 -> Database correctly reloaded (3243279 signatures)
Sun Mar 16 13:43:31 2014 -> SelfCheck: Database status OK.
Sun Mar 16 13:53:31 2014 -> SelfCheck: Database status OK.
Sun Mar 16 14:03:32 2014 -> SelfCheck: Database status OK.
[root@kim clamav]#

thanks on advance
greets alex
 
You must log in or register to reply here.
Back
Top