summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--kolabd/kolabd/ChangeLog7
-rw-r--r--kolabd/kolabd/templates/clamd.conf.template.in182
-rw-r--r--kolabd/kolabd/templates/freshclam.conf.template.in51
-rw-r--r--release-notes.txt7
4 files changed, 190 insertions, 57 deletions
diff --git a/kolabd/kolabd/ChangeLog b/kolabd/kolabd/ChangeLog
index b9b5ad8..b81b3b6 100644
--- a/kolabd/kolabd/ChangeLog
+++ b/kolabd/kolabd/ChangeLog
@@ -1,3 +1,10 @@
+2009-04-06 Thomas Arendsen Hein <thomas@intevation.de>
+
+ * templates/clamd.conf.template.in,
+ templates/freshclam.conf.template.in:
+ Updated templates for clamav-0.95-20090323 for
+ kolab/issue3513 (Clamav - new upstream version 0.95)
+
2009-03-17 Mathieu Parent <math.parent@gmail.com>
* dist_conf/debian: Prepare kolabd for additional webclient
diff --git a/kolabd/kolabd/templates/clamd.conf.template.in b/kolabd/kolabd/templates/clamd.conf.template.in
index dfc6b7a..a530e65 100644
--- a/kolabd/kolabd/templates/clamd.conf.template.in
+++ b/kolabd/kolabd/templates/clamd.conf.template.in
@@ -71,15 +71,15 @@ PidFile @clamav_pidfile@
# Default: hardcoded (depends on installation options)
DatabaseDirectory @clamav_datadir@
-# The daemon works in a local OR a network mode. Due to security reasons we
-# recommend the local mode.
+# The daemon can work in local mode, network mode or both.
+# Due to security reasons we recommend the local mode.
# Path to a local socket file the daemon will listen on.
# Default: disabled (must be specified by a user)
LocalSocket @clamav_socket@
# Remove stale socket after unclean shutdown.
-# Default: no
+# Default: yes
FixStaleSocket yes
# TCP port address.
@@ -103,8 +103,8 @@ FixStaleSocket yes
# Close the connection when the data size limit is exceeded.
# The value should match your MTA's limit for a maximum attachment size.
-# Default: 10M
-#StreamMaxLength 20M
+# Default: 25M
+#StreamMaxLength 10M
# Limit port range.
# Default: 1024
@@ -125,6 +125,12 @@ FixStaleSocket yes
# Default: 30
#IdleTimeout 60
+# Don't scan files and directories matching regex
+# This directive can be used multiple times
+# Default: scan all
+#ExcludePath ^/proc/
+#ExcludePath ^/sys/
+
# Maximum depth directories are scanned at.
# Default: 15
#MaxDirectoryRecursion 20
@@ -146,8 +152,7 @@ FixStaleSocket yes
# Default: no
#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"
-# Run as another user (clamd must be started by root to make this option
-# working).
+# Run as another user (clamd must be started by root for this option to work)
# Default: don't drop privileges
User @clamav_rusr@
@@ -170,12 +175,31 @@ User @clamav_rusr@
# Default: no
#LeaveTemporaryFiles yes
+# Detect Possibly Unwanted Applications.
+# Default: no
+#DetectPUA yes
+
+# Exclude a specific PUA category. This directive can be used multiple times.
+# See http://www.clamav.net/support/pua for the complete list of PUA
+# categories.
+# Default: Load all categories (if DetectPUA is activated)
+#ExcludePUA NetTool
+#ExcludePUA PWTool
+
+# Only include a specific PUA category. This directive can be used multiple
+# times.
+# Default: Load all categories (if DetectPUA is activated)
+#IncludePUA Spy
+#IncludePUA Scanner
+#IncludePUA RAT
+
# In some cases (eg. complex malware, exploits in graphic files, and others),
# ClamAV uses special algorithms to provide accurate detection. This option
# controls the algorithmic detection.
# Default: yes
#AlgorithmicDetection yes
+
##
## Executable files
##
@@ -209,9 +233,10 @@ User @clamav_rusr@
#ScanOLE2 yes
# This option enables scanning within PDF files.
-# Default: no
+# Default: yes
#ScanPDF yes
+
##
## Mail files
##
@@ -226,42 +251,80 @@ User @clamav_rusr@
# Default: no
#MailFollowURLs no
-# Recursion level limit for the mail scanner.
-# Default: 64
-#MailMaxRecursion 128
+# Scan RFC1341 messages split over many emails.
+# You will need to periodically clean up $TemporaryDirectory/clamav-partial directory.
+# WARNING: This option may open your system to a DoS attack.
+# Never use it on loaded servers.
+# Default: no
+#ScanPartialMessages yes
+
# With this option enabled ClamAV will try to detect phishing attempts by using
# signatures.
# Default: yes
#PhishingSignatures yes
-
-# Scan urls found in mails for phishing attempts.
-# (available in experimental builds only)
+# Scan URLs found in mails for phishing attempts using heuristics.
# Default: yes
#PhishingScanURLs yes
-# Use phishing detection only for domains listed in the .pdb database. It is
-# not recommended to have this option turned off, because scanning of all
-# domains may lead to many false positives!
-# (available in experimental builds only)
-# Default: yes
-#PhishingRestrictedScan yes
-
# Always block SSL mismatches in URLs, even if the URL isn't in the database.
# This can lead to false positives.
-# (available in experimental builds only)
#
# Default: no
#PhishingAlwaysBlockSSLMismatch no
# Always block cloaked URLs, even if URL isn't in database.
# This can lead to false positives.
-# (available in experimental builds only)
#
# Default: no
#PhishingAlwaysBlockCloak no
+# Allow heuristic match to take precedence.
+# When enabled, if a heuristic scan (such as phishingScan) detects
+# a possible virus/phish it will stop scan immediately. Recommended, saves CPU
+# scan-time.
+# When disabled, virus/phish detected by heuristic scans will be reported only at
+# the end of a scan. If an archive contains both a heuristically detected
+# virus/phish, and a real malware, the real malware will be reported
+#
+# Keep this disabled if you intend to handle "*.Heuristics.*" viruses
+# differently from "real" malware.
+# If a non-heuristically-detected virus (signature-based) is found first,
+# the scan is interrupted immediately, regardless of this config option.
+#
+# Default: no
+#HeuristicScanPrecedence yes
+
+##
+## Data Loss Prevention (DLP)
+##
+
+# Enable the DLP module
+# Default: No
+#StructuredDataDetection yes
+
+# This option sets the lowest number of Credit Card numbers found in a file
+# to generate a detect.
+# Default: 3
+#StructuredMinCreditCardCount 5
+
+# This option sets the lowest number of Social Security Numbers found
+# in a file to generate a detect.
+# Default: 3
+#StructuredMinSSNCount 5
+
+# With this option enabled the DLP module will search for valid
+# SSNs formatted as xxx-yy-zzzz
+# Default: yes
+#StructuredSSNFormatNormal yes
+
+# With this option enabled the DLP module will search for valid
+# SSNs formatted as xxxyyzzzz
+# Default: no
+#StructuredSSNFormatStripped yes
+
+
##
## HTML
##
@@ -279,50 +342,57 @@ User @clamav_rusr@
# Default: yes
#ScanArchive yes
+# Use slower but memory efficient decompression algorithm.
+# only affects the bzip2 decompressor.
+# Default: no
+#ArchiveLimitMemoryUsage yes
+
+# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
+# Default: no
+#ArchiveBlockEncrypted no
+
+
+##
+## Limits
+##
+
# The options below protect your system against Denial of Service attacks
# using archive bombs.
-# Files in archives larger than this limit won't be scanned.
+# This option sets the maximum amount of data to be scanned for each input file.
+# Archives and other containers are recursively extracted and scanned up to this
+# value.
+# Value of 0 disables the limit
+# Note: disabling this limit or setting it too high may result in severe damage
+# to the system.
+# Default: 100M
+#MaxScanSize 150M
+
+# Files larger than this limit won't be scanned. Affects the input file itself
+# as well as files contained inside it (when the input file is an archive, a
+# document or some other kind of container).
# Value of 0 disables the limit.
-# Default: 10M
-#ArchiveMaxFileSize 15M
+# Note: disabling this limit or setting it too high may result in severe damage
+# to the system.
+# Default: 25M
+#MaxFileSize 30M
# Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR
# file, all files within it will also be scanned. This options specifies how
# deeply the process should be continued.
+# Note: disabling this limit or setting it too high may result in severe damage
+# to the system.
# Value of 0 disables the limit.
-# Default: 8
-#ArchiveMaxRecursion 10
+# Default: 16
+#MaxRecursion 10
-# Number of files to be scanned within an archive.
+# Number of files to be scanned within an archive, a document, or any other
+# container file.
# Value of 0 disables the limit.
-# Default: 1000
-#ArchiveMaxFiles 1500
-
-# If a file in an archive is compressed more than ArchiveMaxCompressionRatio
-# times it will be marked as a virus (Oversized.ArchiveType, e.g. Oversized.Zip)
-# Value of 0 disables the limit.
-# Default: 250
-#ArchiveMaxCompressionRatio 300
-
-# Use slower but memory efficient decompression algorithm.
-# only affects the bzip2 decompressor.
-# Default: no
-#ArchiveLimitMemoryUsage yes
-
-# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
-# Default: no
-#ArchiveBlockEncrypted no
-
-# Mark archives as viruses (e.g. RAR.ExceededFileSize, Zip.ExceededFilesLimit)
-# if ArchiveMaxFiles, ArchiveMaxFileSize, or ArchiveMaxRecursion limit is
-# reached.
-# Default: no
-#ArchiveBlockMax no
-
-# Enable support for Sensory Networks' NodalCore hardware accelerator.
-# Default: no
-#NodalCoreAcceleration yes
+# Note: disabling this limit or setting it too high may result in severe damage
+# to the system.
+# Default: 10000
+#MaxFiles 15000
##
diff --git a/kolabd/kolabd/templates/freshclam.conf.template.in b/kolabd/kolabd/templates/freshclam.conf.template.in
index 72ee160..da3e584 100644
--- a/kolabd/kolabd/templates/freshclam.conf.template.in
+++ b/kolabd/kolabd/templates/freshclam.conf.template.in
@@ -23,6 +23,18 @@ DatabaseDirectory @clamav_datadir@
# Default: disabled
UpdateLogFile @freshclam_logfile@
+# Maximum size of the log file.
+# Value of 0 disables the limit.
+# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
+# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes).
+# in bytes just don't use modifiers.
+# Default: 1M
+#LogFileMaxSize 2M
+
+# Log time with each message.
+# Default: no
+#LogTime yes
+
# Enable verbose logging.
# Default: no
#LogVerbose yes
@@ -73,8 +85,15 @@ DatabaseMirror database.clamav.net
# With this option you can control scripted updates. It's highly recommended
# to keep it enabled.
+# Default: yes
#ScriptedUpdates yes
+# By default freshclam will keep the local databases (.cld) uncompressed to
+# make their handling faster. With this option you can enable the compression;
+# the change will take effect with the next database update.
+# Default: no
+#CompressLocalDatabase no
+
# Number of database checks per day.
# Default: 12 (every two hours)
#Checks 24
@@ -129,3 +148,35 @@ NotifyClamd @clamav_confdir@/clamd.conf
# Timeout in seconds when reading from database server.
# Default: 30
#ReceiveTimeout 60
+
+# When enabled freshclam will submit statistics to the ClamAV Project about
+# the latest virus detections in your environment. The ClamAV maintainers
+# will then use this data to determine what types of malware are the most
+# detected in the field and in what geographic area they are.
+# This feature requires LogTime and LogFile to be enabled in clamd.conf.
+# Default: no
+#SubmitDetectionStats /path/to/clamd.conf
+
+# Country of origin of malware/detection statistics (for statistical
+# purposes only). The statistics collector at ClamAV.net will look up
+# your IP address to determine the geographical origin of the malware
+# reported by your installation. If this installation is mainly used to
+# scan data which comes from a different location, please enable this
+# option and enter a two-letter code (see http://www.iana.org/domains/root/db/)
+# of the country of origin.
+# Default: disabled
+#DetectionStatsCountry country-code
+
+# This option enables support for Google Safe Browsing. When activated for
+# the first time, freshclam will download a new database file (safebrowsing.cvd)
+# which will be automatically loaded by clamd and clamscan during the next
+# reload, provided that the heuristic phishing detection is turned on. This
+# database includes information about websites that may be phishing sites or
+# possible sources of malware. When using this option, it's mandatory to run
+# freshclam at least every 30 minutes.
+# Freshclam uses the ClamAV's mirror infrastructure to distribute the
+# database and its updates but all the contents are provided under Google's
+# terms of use. See http://code.google.com/support/bin/answer.py?answer=70015
+# and http://safebrowsing.clamav.net for more information.
+# Default: disabled
+#SafeBrowsing yes
diff --git a/release-notes.txt b/release-notes.txt
index 8e82e81..692d9f6 100644
--- a/release-notes.txt
+++ b/release-notes.txt
@@ -45,6 +45,10 @@ Differences between Kolab 2.1 and 2.2:
Changes between 2.2.1-rc-1 and 2.2.1:
+ - clamav-0.95-20090323
+
+ kolab/issue3513 (Clamav - new upstream version 0.95)
+
- imapd-2.3.13-20081020_kolab2
kolab/issue2535 (group:distributionlist@example.com doesn't work
@@ -54,12 +58,13 @@ Changes between 2.2.1-rc-1 and 2.2.1:
kolab/issue3130 (Perl Error on Upgrade)
- - kolabd-2.2.1-20090331
+ - kolabd-2.2.1-20090406
kolab/issue3096 (Address book aliases shouldn't redirect outgoing
mails)
kolab/issue3420 (web client prefs and hooks should be
configurable via templates)
+ kolab/issue3513 (Clamav - new upstream version 0.95)
- Kolab_Filter-0.1.4-20090401