thomas: server/kolabd/kolabd/templates clamd.conf.template.in, 1.4, 1.5 freshclam.conf.template.in, 1.2, 1.3

cvs at kolab.org cvs at kolab.org
Thu Mar 26 17:17:17 CET 2009


Author: thomas

Update of /kolabrepository/server/kolabd/kolabd/templates
In directory doto:/tmp/cvs-serv6530/kolabd/kolabd/templates

Modified Files:
	clamd.conf.template.in freshclam.conf.template.in 
Log Message:
Update to clamav-0.95-20090323 (including templates)

The templates are not required, but include commented settings for
enabling new features.


Index: clamd.conf.template.in
===================================================================
RCS file: /kolabrepository/server/kolabd/kolabd/templates/clamd.conf.template.in,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- clamd.conf.template.in	17 Mar 2009 13:15:16 -0000	1.4
+++ clamd.conf.template.in	26 Mar 2009 16:17:15 -0000	1.5
@@ -72,15 +72,15 @@
 # Default: hardcoded (depends on installation options)
 DatabaseDirectory @clamav_datadir@
 
-# The daemon works in a local OR a network mode. Due to security reasons we
-# recommend the local mode.
+# The daemon can work in local mode, network mode or both. 
+# Due to security reasons we recommend the local mode.
 
 # Path to a local socket file the daemon will listen on.
 # Default: disabled (must be specified by a user)
 LocalSocket @clamav_socket@
 
 # Remove stale socket after unclean shutdown.
-# Default: no
+# Default: yes
 FixStaleSocket yes
 
 # TCP port address.
@@ -104,8 +104,8 @@
 
 # Close the connection when the data size limit is exceeded.
 # The value should match your MTA's limit for a maximum attachment size.
-# Default: 10M
-#StreamMaxLength 20M
+# Default: 25M
+#StreamMaxLength 10M
 
 # Limit port range.
 # Default: 1024
@@ -126,6 +126,12 @@
 # Default: 30
 #IdleTimeout 60
 
+# Don't scan files and directories matching regex
+# This directive can be used multiple times
+# Default: scan all
+#ExcludePath ^/proc/
+#ExcludePath ^/sys/
+
 # Maximum depth directories are scanned at.
 # Default: 15
 #MaxDirectoryRecursion 20
@@ -147,8 +153,7 @@
 # Default: no
 #VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"
 
-# Run as another user (clamd must be started by root to make this option
-# working).
+# Run as another user (clamd must be started by root for this option to work)
 # Default: don't drop privileges
 User @clamav_rusr@
 
@@ -171,12 +176,31 @@
 # Default: no
 #LeaveTemporaryFiles yes
 
+# Detect Possibly Unwanted Applications.
+# Default: no
+#DetectPUA yes
+
+# Exclude a specific PUA category. This directive can be used multiple times.
+# See http://www.clamav.net/support/pua for the complete list of PUA
+# categories.
+# Default: Load all categories (if DetectPUA is activated)
+#ExcludePUA NetTool
+#ExcludePUA PWTool
+
+# Only include a specific PUA category. This directive can be used multiple
+# times.
+# Default: Load all categories (if DetectPUA is activated)
+#IncludePUA Spy
+#IncludePUA Scanner
+#IncludePUA RAT
+
 # In some cases (eg. complex malware, exploits in graphic files, and others),
 # ClamAV uses special algorithms to provide accurate detection. This option
 # controls the algorithmic detection.
 # Default: yes
 #AlgorithmicDetection yes
 
+
 ##
 ## Executable files
 ##
@@ -210,9 +234,10 @@
 #ScanOLE2 yes
 
 # This option enables scanning within PDF files.
-# Default: no
+# Default: yes
 #ScanPDF yes
 
+
 ##
 ## Mail files
 ##
@@ -227,42 +252,80 @@
 # Default: no
 #MailFollowURLs no
 
-# Recursion level limit for the mail scanner.
-# Default: 64
-#MailMaxRecursion 128
+# Scan RFC1341 messages split over many emails.
+# You will need to periodically clean up $TemporaryDirectory/clamav-partial directory.
+# WARNING: This option may open your system to a DoS attack.
+#	   Never use it on loaded servers.
+# Default: no
+#ScanPartialMessages yes
+
 
 # With this option enabled ClamAV will try to detect phishing attempts by using
 # signatures.
 # Default: yes
 #PhishingSignatures yes
 
-
-# Scan urls found in mails for phishing attempts.
-# (available in experimental builds only) 
+# Scan URLs found in mails for phishing attempts using heuristics.
 # Default: yes
 #PhishingScanURLs yes
 
-# Use phishing detection only for domains listed in the .pdb database. It is
-# not recommended to have this option turned off, because scanning of all
-# domains may lead to many false positives!
-# (available in experimental builds only)
-# Default: yes
-#PhishingRestrictedScan yes
-
 # Always block SSL mismatches in URLs, even if the URL isn't in the database.
 # This can lead to false positives.
-# (available in experimental builds only)
 #
 # Default: no
 #PhishingAlwaysBlockSSLMismatch no
 
 # Always block cloaked URLs, even if URL isn't in database.
 # This can lead to false positives.
-# (available in experimental builds only)
 #
 # Default: no
 #PhishingAlwaysBlockCloak no
 
+# Allow heuristic match to take precedence.
+# When enabled, if a heuristic scan (such as phishingScan) detects
+# a possible virus/phish it will stop scan immediately. Recommended, saves CPU
+# scan-time.
+# When disabled, virus/phish detected by heuristic scans will be reported only at
+# the end of a scan. If an archive contains both a heuristically detected
+# virus/phish, and a real malware, the real malware will be reported
+#
+# Keep this disabled if you intend to handle "*.Heuristics.*" viruses 
+# differently from "real" malware.
+# If a non-heuristically-detected virus (signature-based) is found first, 
+# the scan is interrupted immediately, regardless of this config option.
+#
+# Default: no
+#HeuristicScanPrecedence yes
+
+##
+## Data Loss Prevention (DLP)
+##
+
+# Enable the DLP module
+# Default: No
+#StructuredDataDetection yes
+
+# This option sets the lowest number of Credit Card numbers found in a file
+# to generate a detect.
+# Default: 3
+#StructuredMinCreditCardCount 5
+
+# This option sets the lowest number of Social Security Numbers found
+# in a file to generate a detect.
+# Default: 3
+#StructuredMinSSNCount 5
+
+# With this option enabled the DLP module will search for valid
+# SSNs formatted as xxx-yy-zzzz
+# Default: yes
+#StructuredSSNFormatNormal yes
+
+# With this option enabled the DLP module will search for valid
+# SSNs formatted as xxxyyzzzz
+# Default: no
+#StructuredSSNFormatStripped yes
+
+
 ##
 ## HTML
 ##
@@ -280,50 +343,57 @@
 # Default: yes
 #ScanArchive yes
 
+# Use slower but memory efficient decompression algorithm.
+# only affects the bzip2 decompressor.
+# Default: no
+#ArchiveLimitMemoryUsage yes
+
+# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
+# Default: no
+#ArchiveBlockEncrypted no
+
+
+##
+## Limits
+##
+
 # The options below protect your system against Denial of Service attacks
 # using archive bombs.
 
-# Files in archives larger than this limit won't be scanned.
+# This option sets the maximum amount of data to be scanned for each input file.
+# Archives and other containers are recursively extracted and scanned up to this
+# value.
+# Value of 0 disables the limit
+# Note: disabling this limit or setting it too high may result in severe damage
+# to the system.
+# Default: 100M
+#MaxScanSize 150M
+
+# Files larger than this limit won't be scanned. Affects the input file itself
+# as well as files contained inside it (when the input file is an archive, a
+# document or some other kind of container).
 # Value of 0 disables the limit.
-# Default: 10M
-#ArchiveMaxFileSize 15M
+# Note: disabling this limit or setting it too high may result in severe damage
+# to the system.
+# Default: 25M
+#MaxFileSize 30M
 
 # Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR
 # file, all files within it will also be scanned. This options specifies how
 # deeply the process should be continued.
+# Note: disabling this limit or setting it too high may result in severe damage
+# to the system.
 # Value of 0 disables the limit.
-# Default: 8
-#ArchiveMaxRecursion 10
-
-# Number of files to be scanned within an archive.
-# Value of 0 disables the limit.
-# Default: 1000
-#ArchiveMaxFiles 1500
+# Default: 16
+#MaxRecursion 10
 
-# If a file in an archive is compressed more than ArchiveMaxCompressionRatio
-# times it will be marked as a virus (Oversized.ArchiveType, e.g. Oversized.Zip)
+# Number of files to be scanned within an archive, a document, or any other
+# container file.
 # Value of 0 disables the limit.
-# Default: 250
-#ArchiveMaxCompressionRatio 300
-
-# Use slower but memory efficient decompression algorithm.
-# only affects the bzip2 decompressor.
-# Default: no
-#ArchiveLimitMemoryUsage yes
-
-# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
-# Default: no
-#ArchiveBlockEncrypted no
-
-# Mark archives as viruses (e.g. RAR.ExceededFileSize, Zip.ExceededFilesLimit)
-# if ArchiveMaxFiles, ArchiveMaxFileSize, or ArchiveMaxRecursion limit is
-# reached.
-# Default: no
-#ArchiveBlockMax no
-
-# Enable support for Sensory Networks' NodalCore hardware accelerator.
-# Default: no
-#NodalCoreAcceleration yes
+# Note: disabling this limit or setting it too high may result in severe damage
+# to the system.
+# Default: 10000
+#MaxFiles 15000
 
 
 ##

Index: freshclam.conf.template.in
===================================================================
RCS file: /kolabrepository/server/kolabd/kolabd/templates/freshclam.conf.template.in,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- freshclam.conf.template.in	14 Feb 2007 17:44:17 -0000	1.2
+++ freshclam.conf.template.in	26 Mar 2009 16:17:15 -0000	1.3
@@ -23,6 +23,18 @@
 # Default: disabled
 UpdateLogFile @freshclam_logfile@
 
+# Maximum size of the log file.
+# Value of 0 disables the limit.
+# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
+# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes).
+# in bytes just don't use modifiers.
+# Default: 1M
+#LogFileMaxSize 2M
+
+# Log time with each message.
+# Default: no
+#LogTime yes
+
 # Enable verbose logging.
 # Default: no
 #LogVerbose yes
@@ -73,8 +85,15 @@
 
 # With this option you can control scripted updates. It's highly recommended
 # to keep it enabled.
+# Default: yes
 #ScriptedUpdates yes
 
+# By default freshclam will keep the local databases (.cld) uncompressed to
+# make their handling faster. With this option you can enable the compression;
+# the change will take effect with the next database update.
+# Default: no
+#CompressLocalDatabase no
+
 # Number of database checks per day.
 # Default: 12 (every two hours)
 #Checks 24
@@ -129,3 +148,35 @@
 # Timeout in seconds when reading from database server.
 # Default: 30
 #ReceiveTimeout 60
+
+# When enabled freshclam will submit statistics to the ClamAV Project about
+# the latest virus detections in your environment. The ClamAV maintainers
+# will then use this data to determine what types of malware are the most
+# detected in the field and in what geographic area they are.
+# This feature requires LogTime and LogFile to be enabled in clamd.conf.
+# Default: no
+#SubmitDetectionStats /path/to/clamd.conf
+
+# Country of origin of malware/detection statistics (for statistical
+# purposes only). The statistics collector at ClamAV.net will look up
+# your IP address to determine the geographical origin of the malware
+# reported by your installation. If this installation is mainly used to
+# scan data which comes from a different location, please enable this
+# option and enter a two-letter code (see http://www.iana.org/domains/root/db/)
+# of the country of origin.
+# Default: disabled
+#DetectionStatsCountry country-code
+
+# This option enables support for Google Safe Browsing. When activated for
+# the first time, freshclam will download a new database file (safebrowsing.cvd)
+# which will be automatically loaded by clamd and clamscan during the next
+# reload, provided that the heuristic phishing detection is turned on. This
+# database includes information about websites that may be phishing sites or
+# possible sources of malware. When using this option, it's mandatory to run
+# freshclam at least every 30 minutes.
+# Freshclam uses the ClamAV's mirror infrastructure to distribute the
+# database and its updates but all the contents are provided under Google's
+# terms of use. See http://code.google.com/support/bin/answer.py?answer=70015
+# and http://safebrowsing.clamav.net for more information.
+# Default: disabled
+#SafeBrowsing yes





More information about the commits mailing list