Clamspam signature update script *Updated 8/2011*

Users tips and ideas

Moderators: FlorianB, Pascal, bourgeois, mentor

fredmdl
Posts: 2
Joined: Tue Oct 29, 2013 3:32 pm
How did you hear about Mailcleaner: Zimbra Forum

Re: Clamspam signature update script *Updated 8/2011*

Postby fredmdl » Wed Oct 30, 2013 5:02 pm

Hi,

I follow the Koma tip and work perfect.
Thak you guys for the post...
User avatar
toothycardus
Posts: 293
Joined: Fri Jul 13, 2012 11:51 am
How did you hear about Mailcleaner: Google
Location: United Kingdom

Re: Clamspam signature update script *Updated 8/2011*

Postby toothycardus » Thu Oct 31, 2013 3:18 pm

koma wrote:The old attachment is obsolete and did not work anymore:
there is the current version of the updater: http://sourceforge.net/projects/unofficial-sigs/
And here is my working configuration file:

Code: Select all

PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/clamav/bin"
export PATH
clam_user="clamav"
clam_group="clamav"
setmode="yes"
clam_dbs="/var/mailcleaner/spool/clamspam"
clamd_pid="/var/mailcleaner/run/clamav/clamspamd.pid"
reload_dbs="yes"
reload_opt="/usr/mailcleaner/etc/init.d/clamspamd restart"
clamd_socket="/var/mailcleaner/run/clamav/clamspamd.sock"
enable_random="yes"
min_sleep_time="60"    # Default minimum is 60 seconds (1 minute).
max_sleep_time="600"   # Default maximum is 600 seconds (10 minutes).
ss_dbs="
   blurl.ndb
   junk.ndb
   jurlbl.ndb
   phish.ndb
   rogue.hdb
   sanesecurity.ftm
   scam.ndb
   sigwhitelist.ign2
   spamattach.hdb
   spamimg.hdb
   winnow.attachments.hdb
   winnow_bad_cw.hdb
   winnow_extended_malware.hdb
   winnow_malware.hdb
   winnow_malware_links.ndb
   doppelstern.hdb
   bofhland_cracked_URL.ndb
   bofhland_malware_attach.hdb
   bofhland_malware_URL.ndb
   bofhland_phishing_URL.ndb
   crdfam.clamav.hdb
   phishtank.ndb
   porcupine.ndb
"
si_dbs="
   honeynet.hdb
   securiteinfo.hdb
   securiteinfobat.hdb
   securiteinfodos.hdb
   securiteinfoelf.hdb
   securiteinfohtml.hdb
   securiteinfooffice.hdb
   securiteinfopdf.hdb
   securiteinfosh.hdb
"
si_update_hours="4"   # Default is 4 hours (6 update checks daily).
mbl_dbs="
   mbl.ndb
"
mbl_update_hours="6"   # Default is 6 hours (4 downloads daily).
rsync_connect_timeout="15"
rsync_max_time="60"
curl_connect_timeout="15"
curl_max_time="90"
work_dir="/sanesecurity/cache"
ss_dir="$work_dir/ss-dbs"        # Sanesecurity sub-directory
si_dir="$work_dir/si-dbs"        # SecuriteInfo sub-directory
mbl_dir="$work_dir/mbl-dbs"      # MalwarePatrol sub-directory
config_dir="$work_dir/configs"   # Script configs sub-directory
gpg_dir="$work_dir/gpg-key"      # Sanesecurity GPG Key sub-directory
add_dir="$work_dir/add-dbs"      # User defined databases sub-directory
keep_db_backup="no"
curl_silence="no"      # Default is "no" to report curl statistics
rsync_silence="no"     # Default is "no" to report rsync statistics
gpg_silence="no"       # Default is "no" to report gpg signature status
comment_silence="no"   # Default is "no" to report script comments
enable_logging="no"
log_file_path="/var/log"
log_file_name="clamav-unofficial-sigs.log"
rsync_proxy=""
curl_proxy=""
user_configuration_complete="yes"




Cheers Koma didn't even realise mine had not been working correctly, all good now though :D
texnet-it
Posts: 2
Joined: Thu Oct 31, 2013 6:29 pm
How did you hear about Mailcleaner: google

Re: Clamspam signature update script *Updated 8/2011*

Postby texnet-it » Fri Nov 01, 2013 10:16 am

Hi,

I know this is an old post but I followed the instructions below but when i do the command ./clamav-unofficial-sigs.sh
I get the error Could not download Sanesecurity public GPG key

mkdir /sanesecurity /sanesecurity/cache
cd /tmp
wget http://sourceforge.net/projects/unofficial-sigs/
tar xvf clamav-unofficial-sigs.tar.gz
mv clamav-unofficial-sigs-3.7.1/* /sanesecurity/
chmod 755 /sanesecurity/clamav-unofficial-sigs.sh
cp /sanesecurity/clamav-unofficial-sigs.conf /etc/
nano /etc/clamav-unofficial-sigs.conf

Change the following lines to suit

PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/clamav/bin"
clam_dbs="/var/mailcleaner/spool/clamspam"
clamd_pid="/var/mailcleaner/run/clamav/clamd.pid"
user_configuration_complete="yes"

Save Changes

cd /sanesecurity
./clamav-unofficial-sigs.sh
bshackelford
Posts: 6
Joined: Thu Oct 17, 2013 3:30 pm
How did you hear about Mailcleaner: Web Search

Re: Clamspam signature update script *Updated 8/2011*

Postby bshackelford » Fri Nov 15, 2013 1:56 pm

To fix the error in the download of the GPG Signature, simply install curl:

Code: Select all

apt-get install curl
anael.savioz
Posts: 3
Joined: Thu Jan 26, 2012 4:18 pm
How did you hear about Mailcleaner: spam ?

Re: Clamspam signature update script *Updated 8/2011*

Postby anael.savioz » Sat Jan 04, 2014 11:02 am

Thanks koma, your config is running fine !
Amack
Posts: 1
Joined: Thu Sep 24, 2015 9:52 am
How did you hear about Mailcleaner: Google

Re: Clamspam signature update script *Updated 8/2011*

Postby Amack » Fri Sep 25, 2015 4:03 pm

I am sorry to necro an old post but i am very new to linux and these forums how do load the provided config by koma
Admiral
Posts: 9
Joined: Sun May 31, 2015 1:48 am
How did you hear about Mailcleaner: friend

Re: Clamspam signature update script *Updated 8/2011*

Postby Admiral » Sat Dec 12, 2015 12:50 am

I followed all of the instructions but i get :

Clamscan reports SecuriteInfo securiteinfosh.hdb database integrity tested BAD - SKIPPING
rsync: link_stat "/sanesecurity/cache/si-dbs/securiteinfosh.hdb" failed: No such file or directory (2)
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1060) [sender=3.0.7]


:(
Admiral
Posts: 9
Joined: Sun May 31, 2015 1:48 am
How did you hear about Mailcleaner: friend

Re: Clamspam signature update script *Updated 8/2011*

Postby Admiral » Fri Jan 08, 2016 12:06 pm

Help would be appriciated :)
vid99
Posts: 3
Joined: Thu Jan 07, 2016 9:30 pm
How did you hear about Mailcleaner: http://www.happymac.info/cms/knowledge-base/102-ma

Re: Clamspam signature update script *Updated 8/2011*

Postby vid99 » Sat Jan 09, 2016 9:04 am

I was getting the same error on a brand new setup. Did lots of searching/reading...

Clamscan reports SecuriteInfo securiteinfosh.hdb database integrity tested BAD - SKIPPING
rsync: link_stat "/sanesecurity/cache/si-dbs/securiteinfosh.hdb" failed: No such file or directory (2)
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1060) [sender=3.0.7]


Looks like there was a change a few months ago and some of those dbs are no longer used. See some links:

http://lists.clamav.net/pipermail/clama ... 01459.html
http://lists.clamav.net/pipermail/clama ... 01452.html

So commenting out those lines like this, made the errors go away:

si_dbs=""
#honeynet.hdb
#securiteinfo.hdb
#securiteinfobat.hdb
#securiteinfodos.hdb
#securiteinfoelf.hdb
#securiteinfohtml.hdb
#securiteinfooffice.hdb
#securiteinfopdf.hdb
#securiteinfosh.hdb
#"
#si_update_hours="4" # Default is 4 hours (6 update checks daily).
#mbl_dbs="
#mbl.ndb
#"


I see that there is a new script posted as well and Bill Landry's is crossed out:
http://sanesecurity.com/usage/linux-scripts/

I may give the new script a try over the next week, wonder if anyone else has tried it...
charlesd
Posts: 23
Joined: Thu Jan 23, 2014 8:39 pm
How did you hear about Mailcleaner: recommended on a random forum post

Re: Clamspam signature update script *Updated 8/2011*

Postby charlesd » Wed Jan 20, 2016 6:49 pm

I'm using the updated script. In order to get clamscan to validate the downloaded databases, you need to add the following to your clamav-unofficial-sigs.conf :

Code: Select all

PATH=$PATH:/opt/clamav/bin


Otherwise the clamscan binary can't be found and the script will interpret it as failing to validate the updates.

Return to “Tips”

Who is online

Users browsing this forum: No registered users and 1 guest