thomas: server/kolabd/kolabd/templates clamd.conf.template.in, 1.1, 1.2 freshclam.conf.template.in, 1.1, 1.2

cvs at kolab.org cvs at kolab.org
Wed Feb 14 18:44:19 CET 2007


Author: thomas

Update of /kolabrepository/server/kolabd/kolabd/templates
In directory doto:/tmp/cvs-serv382/kolabd/kolabd/templates

Modified Files:
	clamd.conf.template.in freshclam.conf.template.in 
Log Message:
Added clamav 0.90 with new config templates, release-notes and obmtool.conf


Index: clamd.conf.template.in
===================================================================
RCS file: /kolabrepository/server/kolabd/kolabd/templates/clamd.conf.template.in,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- clamd.conf.template.in	13 Sep 2005 14:38:22 -0000	1.1
+++ clamd.conf.template.in	14 Feb 2007 17:44:17 -0000	1.2
@@ -25,10 +25,10 @@
 # copy the configuration file, change the LogFile variable, and run
 # the daemon with --config-file option).
 # This option disables log file locking.
-# Default: disabled
-#LogFileUnlock
+# Default: no
+#LogFileUnlock yes
 
-# Maximal size of the log file.
+# Maximum size of the log file.
 # Value of 0 disables the limit.
 # You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
 # and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
@@ -37,17 +37,17 @@
 #LogFileMaxSize 2M
 
 # Log time with each message.
-# Default: disabled
-LogTime
+# Default: no
+LogTime yes
 
 # Also log clean files. Useful in debugging but drastically increases the
 # log size.
-# Default: disabled
-#LogClean
+# Default: no
+#LogClean yes
 
 # Use system logger (can work together with LogFile).
-# Default: disabled
-#LogSyslog
+# Default: no
+#LogSyslog yes
 
 # Specify the type of syslog messages - please refer to 'man syslog'
 # for facility names.
@@ -55,8 +55,8 @@
 #LogFacility LOG_MAIL
 
 # Enable verbose logging.
-# Default: disabled
-#LogVerbose
+# Default: no
+#LogVerbose yes
 
 # This option allows you to save a process identifier of the listening
 # daemon (main thread).
@@ -75,22 +75,22 @@
 # recommend the local mode.
 
 # Path to a local socket file the daemon will listen on.
-# Default: disabled
+# Default: disabled (must be specified by a user)
 LocalSocket @clamav_socket@
 
 # Remove stale socket after unclean shutdown.
-# Default: disabled
-FixStaleSocket
+# Default: no
+FixStaleSocket yes
 
 # TCP port address.
-# Default: disabled
+# Default: no
 #TCPSocket 3310
 
 # TCP address.
 # By default we bind to INADDR_ANY, probably not wise.
 # Enable the following to provide some degree of protection
 # from the outside world.
-# Default: disabled
+# Default: no
 #TCPAddr 127.0.0.1
 
 # Maximum length the queue of pending connections may grow to.
@@ -101,8 +101,8 @@
 # If you are using clamav-milter to balance load between remote clamd daemons
 # on firewall servers you may need to tune the options below.
 
-# Close the connection if this limit is exceeded.
-# The value should match your MTA's limit for a maximal attachment size.
+# Close the connection when the data size limit is exceeded.
+# The value should match your MTA's limit for a maximum attachment size.
 # Default: 10M
 #StreamMaxLength 20M
 
@@ -112,7 +112,7 @@
 # Default: 2048
 #StreamMaxPort 32000
 
-# Maximal number of threads running at the same time.
+# Maximum number of threads running at the same time.
 # Default: 10
 #MaxThreads 20
 
@@ -125,105 +125,146 @@
 # Default: 30
 #IdleTimeout 60
 
-# Maximal depth directories are scanned at.
+# Maximum depth directories are scanned at.
 # Default: 15
 #MaxDirectoryRecursion 20
 
 # Follow directory symlinks.
-# Default: disabled
-#FollowDirectorySymlinks
+# Default: no
+#FollowDirectorySymlinks yes
 
 # Follow regular file symlinks.
-# Default: disabled
-#FollowFileSymlinks
+# Default: no
+#FollowFileSymlinks yes
 
-# Perform internal sanity check (database integrity and freshness).
+# Perform a database check.
 # Default: 1800 (30 min)
 #SelfCheck 600
 
 # Execute a command when virus is found. In the command string %v will
-# be replaced by a virus name.
-# Default: disabled
-#VirusEvent @bindir@/send_sms 123456789 "VIRUS ALERT: %v"
+# be replaced with the virus name.
+# Default: no
+#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"
 
-# Run as a selected user (clamd must be started by root).
-# Default: disabled
+# Run as another user (clamd must be started by root to make this option
+# working).
+# Default: don't drop privileges
 User @clamav_rusr@
 
 # Initialize supplementary group access (clamd must be started by root).
-# Default: disabled
-#AllowSupplementaryGroups
+# Default: no
+#AllowSupplementaryGroups no
 
 # Stop daemon when libclamav reports out of memory condition.
-#ExitOnOOM
+#ExitOnOOM yes
 
 # Don't fork into background.
-# Default: disabled
-#Foreground
+# Default: no
+#Foreground yes
 
 # Enable debug messages in libclamav.
-# Default: disabled
-#Debug
+# Default: no
+#Debug yes
 
 # Do not remove temporary files (for debug purposes).
-# Default: disabled
-#LeaveTemporaryFiles
-
+# Default: no
+#LeaveTemporaryFiles yes
 
-# By default clamd uses scan options recommended by libclamav. This option
-# disables recommended options and allows you to enable selected ones below.
-# DO NOT TOUCH IT unless you know what you are doing.
-# Default: disabled
-#DisableDefaultScanOptions
+# In some cases (eg. complex malware, exploits in graphic files, and others),
+# ClamAV uses special algorithms to provide accurate detection. This option
+# controls the algorithmic detection.
+# Default: yes
+#AlgorithmicDetection yes
 
 ##
 ## Executable files
 ##
 
 # PE stands for Portable Executable - it's an executable file format used
-# in all 32-bit versions of Windows operating systems. This option allows
+# in all 32 and 64-bit versions of Windows operating systems. This option allows
 # ClamAV to perform a deeper analysis of executable files and it's also
 # required for decompression of popular executable packers such as UPX, FSG,
 # and Petite.
-# Default: enabled
-#ScanPE
+# Default: yes
+#ScanPE yes
 
-# With this option clamav will try to detect broken executables and mark
-# them as Broken.Executable
-# Default: disabled
-#DetectBrokenExecutables
+# Executable and Linking Format is a standard format for UN*X executables.
+# This option allows you to control the scanning of ELF files.
+# Default: yes
+#ScanELF yes
+
+# With this option clamav will try to detect broken executables (both PE and
+# ELF) and mark them as Broken.Executable.
+# Default: no
+#DetectBrokenExecutables yes
 
 
 ##
 ## Documents
 ##
 
-# This option enables scanning of Microsoft Office document macros.
-# Default: enabled
-#ScanOLE2
+# This option enables scanning of OLE2 files, such as Microsoft Office
+# documents and .msi files.
+# Default: yes
+#ScanOLE2 yes
 
 ##
 ## Mail files
 ##
 
 # Enable internal e-mail scanner.
-# Default: enabled
-#ScanMail
+# Default: yes
+#ScanMail yes
 
 # If an email contains URLs ClamAV can download and scan them.
 # WARNING: This option may open your system to a DoS attack.
 #	   Never use it on loaded servers.
-# Default: disabled
-#MailFollowURLs
+# Default: no
+#MailFollowURLs no
+
+# Recursion level limit for the mail scanner.
+# Default: 64
+#MailMaxRecursion 128
+
+# With this option enabled ClamAV will try to detect phishing attempts by using
+# signatures.
+# Default: yes
+#PhishingSignatures yes
 
 
+# Scan urls found in mails for phishing attempts.
+# (available in experimental builds only) 
+# Default: yes
+#PhishingScanURLs yes
+
+# Use phishing detection only for domains listed in the .pdb database. It is
+# not recommended to have this option turned off, because scanning of all
+# domains may lead to many false positives!
+# (available in experimental builds only)
+# Default: yes
+#PhishingRestrictedScan yes
+
+# Always block SSL mismatches in URLs, even if the URL isn't in the database.
+# This can lead to false positives.
+# (available in experimental builds only)
+#
+# Default: no
+#PhishingAlwaysBlockSSLMismatch no
+
+# Always block cloaked URLs, even if URL isn't in database.
+# This can lead to false positives.
+# (available in experimental builds only)
+#
+# Default: no
+#PhishingAlwaysBlockCloak no
+
 ##
 ## HTML
 ##
 
 # Perform HTML normalisation and decryption of MS Script Encoder code.
-# Default: enabled
-#ScanHTML
+# Default: yes
+#ScanHTML yes
 
 
 ##
@@ -231,15 +272,8 @@
 ##
 
 # ClamAV can scan within archives and compressed files.
-# Default: enabled
-#ScanArchive
-
-# Due to license issues libclamav does not support RAR 3.0 archives (only the
-# old 2.0 format is supported). Because some users report stability problems
-# with unrarlib it's disabled by default and you must uncomment the directive
-# below to enable RAR 2.0 support.
-# Default: disabled
-#ScanRAR
+# Default: yes
+#ScanArchive yes
 
 # The options below protect your system against Denial of Service attacks
 # using archive bombs.
@@ -251,10 +285,10 @@
 
 # Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR
 # file, all files within it will also be scanned. This options specifies how
-# deep the process should be continued.
+# deeply the process should be continued.
 # Value of 0 disables the limit.
-# Default: 8 
-#ArchiveMaxRecursion 9
+# Default: 8
+#ArchiveMaxRecursion 10
 
 # Number of files to be scanned within an archive.
 # Value of 0 disables the limit.
@@ -269,18 +303,22 @@
 
 # Use slower but memory efficient decompression algorithm.
 # only affects the bzip2 decompressor.
-# Default: disabled
-#ArchiveLimitMemoryUsage
+# Default: no
+#ArchiveLimitMemoryUsage yes
 
 # Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
-# Default: disabled
-#ArchiveBlockEncrypted
+# Default: no
+#ArchiveBlockEncrypted no
 
 # Mark archives as viruses (e.g. RAR.ExceededFileSize, Zip.ExceededFilesLimit)
 # if ArchiveMaxFiles, ArchiveMaxFileSize, or ArchiveMaxRecursion limit is
 # reached.
-# Default: disabled
-#ArchiveBlockMax
+# Default: no
+#ArchiveBlockMax no
+
+# Enable support for Sensory Networks' NodalCore hardware accelerator.
+# Default: no
+#NodalCoreAcceleration yes
 
 
 ##
@@ -290,16 +328,16 @@
 ##
 
 # Enable Clamuko. Dazuko (/dev/dazuko) must be configured and running.
-# Default: disabled
-#ClamukoScanOnAccess
+# Default: no
+#ClamukoScanOnAccess yes
 
 # Set access mask for Clamuko.
-# Default: disabled
-#ClamukoScanOnOpen
-#ClamukoScanOnClose
-#ClamukoScanOnExec
+# Default: no
+#ClamukoScanOnOpen yes
+#ClamukoScanOnClose yes
+#ClamukoScanOnExec yes
 
-# Set the include paths (all files in them will be scanned). You can have
+# Set the include paths (all files inside them will be scanned). You can have
 # multiple ClamukoIncludePath directives but each directory must be added
 # in a seperate line.
 # Default: disabled
@@ -308,7 +346,7 @@
 
 # Set the exclude paths. All subdirectories are also excluded.
 # Default: disabled
-#ClamukoExcludePath /home/guru
+#ClamukoExcludePath /home/bofh
 
 # Don't scan files larger than ClamukoMaxFileSize
 # Value of 0 disables the limit.

Index: freshclam.conf.template.in
===================================================================
RCS file: /kolabrepository/server/kolabd/kolabd/templates/freshclam.conf.template.in,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- freshclam.conf.template.in	13 Sep 2005 14:38:22 -0000	1.1
+++ freshclam.conf.template.in	14 Feb 2007 17:44:17 -0000	1.2
@@ -8,7 +8,6 @@
 ##
 ## Example config file for freshclam
 ## Please read the freshclam.conf(5) manual before editing this file.
-## This file may be optionally merged with clamd.conf.
 ##
 
 
@@ -25,12 +24,12 @@
 UpdateLogFile @freshclam_logfile@
 
 # Enable verbose logging.
-# Default: disabled
-#LogVerbose
+# Default: no
+#LogVerbose yes
 
 # Use system logger (can work together with UpdateLogFile).
-# Default: disabled
-#LogSyslog
+# Default: no
+#LogSyslog yes
 
 # Specify the type of syslog messages - please refer to 'man syslog'
 # for facility names.
@@ -47,18 +46,19 @@
 #DatabaseOwner clamav
 
 # Initialize supplementary group access (freshclam must be started by root).
-# Default: disabled
-#AllowSupplementaryGroups
+# Default: no
+#AllowSupplementaryGroups yes
 
 # Use DNS to verify virus database version. Freshclam uses DNS TXT records
 # to verify database and software versions. With this directive you can change
 # the database verification domain.
-# Default: enabled, pointing to current.cvd.clamav.net
+# WARNING: Do not touch it unless you're configuring freshclam to use your
+# own database verification domain.
+# Default: current.cvd.clamav.net
 #DNSDatabaseInfo current.cvd.clamav.net
 
 # Uncomment the following line and replace XY with your country
 # code. See http://www.iana.org/cctld/cctld-whois.htm for the full list.
-# Default: There is no default, which results in an error when running freshclam
 #DatabaseMirror db.XY.clamav.net
 
 # database.clamav.net is a round-robin record which points to our most 
@@ -71,6 +71,10 @@
 # Default: 3 (per mirror)
 #MaxAttempts 5
 
+# With this option you can control scripted updates. It's highly recommended
+# to keep it enabled.
+#ScriptedUpdates yes
+
 # Number of database checks per day.
 # Default: 12 (every two hours)
 #Checks 24
@@ -82,16 +86,19 @@
 #HTTPProxyUsername myusername
 #HTTPProxyPassword mypass
 
+# If your servers are behind a firewall/proxy which applies User-Agent
+# filtering you can use this option to force the use of a different
+# User-Agent header.
+# Default: clamav/version_number
+#HTTPUserAgent SomeUserAgentIdString
+
 # Use aaa.bbb.ccc.ddd as client address for downloading databases. Useful for
 # multi-homed systems.
 # Default: Use OS'es default outgoing IP address.
 #LocalIPAddress aaa.bbb.ccc.ddd
 
 # Send the RELOAD command to clamd.
-# Default: disabled
-#NotifyClamd @clamav_confdir@/clamd.conf
-# By default it uses the hardcoded configuration file but you can force an
-# another one.
+# Default: no
 NotifyClamd @clamav_confdir@/clamd.conf
 
 # Run command after successful database update.
@@ -102,10 +109,23 @@
 # Default: disabled
 #OnErrorExecute command
 
-# Don't fork into background.
+# Run command when freshclam reports outdated version.
+# In the command string %v will be replaced by the new version number.
 # Default: disabled
-#Foreground
+#OnOutdatedExecute command
+
+# Don't fork into background.
+# Default: no
+#Foreground yes
 
 # Enable debug messages in libclamav.
-# Default: disabled
-#Debug
+# Default: no
+#Debug yes
+
+# Timeout in seconds when connecting to database server.
+# Default: 30
+#ConnectTimeout 60
+
+# Timeout in seconds when reading from database server.
+# Default: 30
+#ReceiveTimeout 60





More information about the commits mailing list