thomas: server/kolabd/kolabd/templates clamd.conf.template.in, 1.4, 1.5 freshclam.conf.template.in, 1.2, 1.3
cvs at kolab.org
cvs at kolab.org
Thu Mar 26 17:17:17 CET 2009
Author: thomas
Update of /kolabrepository/server/kolabd/kolabd/templates
In directory doto:/tmp/cvs-serv6530/kolabd/kolabd/templates
Modified Files:
clamd.conf.template.in freshclam.conf.template.in
Log Message:
Update to clamav-0.95-20090323 (including templates)
The templates are not required, but include commented settings for
enabling new features.
Index: clamd.conf.template.in
===================================================================
RCS file: /kolabrepository/server/kolabd/kolabd/templates/clamd.conf.template.in,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- clamd.conf.template.in 17 Mar 2009 13:15:16 -0000 1.4
+++ clamd.conf.template.in 26 Mar 2009 16:17:15 -0000 1.5
@@ -72,15 +72,15 @@
# Default: hardcoded (depends on installation options)
DatabaseDirectory @clamav_datadir@
-# The daemon works in a local OR a network mode. Due to security reasons we
-# recommend the local mode.
+# The daemon can work in local mode, network mode or both.
+# Due to security reasons we recommend the local mode.
# Path to a local socket file the daemon will listen on.
# Default: disabled (must be specified by a user)
LocalSocket @clamav_socket@
# Remove stale socket after unclean shutdown.
-# Default: no
+# Default: yes
FixStaleSocket yes
# TCP port address.
@@ -104,8 +104,8 @@
# Close the connection when the data size limit is exceeded.
# The value should match your MTA's limit for a maximum attachment size.
-# Default: 10M
-#StreamMaxLength 20M
+# Default: 25M
+#StreamMaxLength 10M
# Limit port range.
# Default: 1024
@@ -126,6 +126,12 @@
# Default: 30
#IdleTimeout 60
+# Don't scan files and directories matching regex
+# This directive can be used multiple times
+# Default: scan all
+#ExcludePath ^/proc/
+#ExcludePath ^/sys/
+
# Maximum depth directories are scanned at.
# Default: 15
#MaxDirectoryRecursion 20
@@ -147,8 +153,7 @@
# Default: no
#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"
-# Run as another user (clamd must be started by root to make this option
-# working).
+# Run as another user (clamd must be started by root for this option to work)
# Default: don't drop privileges
User @clamav_rusr@
@@ -171,12 +176,31 @@
# Default: no
#LeaveTemporaryFiles yes
+# Detect Possibly Unwanted Applications.
+# Default: no
+#DetectPUA yes
+
+# Exclude a specific PUA category. This directive can be used multiple times.
+# See http://www.clamav.net/support/pua for the complete list of PUA
+# categories.
+# Default: Load all categories (if DetectPUA is activated)
+#ExcludePUA NetTool
+#ExcludePUA PWTool
+
+# Only include a specific PUA category. This directive can be used multiple
+# times.
+# Default: Load all categories (if DetectPUA is activated)
+#IncludePUA Spy
+#IncludePUA Scanner
+#IncludePUA RAT
+
# In some cases (eg. complex malware, exploits in graphic files, and others),
# ClamAV uses special algorithms to provide accurate detection. This option
# controls the algorithmic detection.
# Default: yes
#AlgorithmicDetection yes
+
##
## Executable files
##
@@ -210,9 +234,10 @@
#ScanOLE2 yes
# This option enables scanning within PDF files.
-# Default: no
+# Default: yes
#ScanPDF yes
+
##
## Mail files
##
@@ -227,42 +252,80 @@
# Default: no
#MailFollowURLs no
-# Recursion level limit for the mail scanner.
-# Default: 64
-#MailMaxRecursion 128
+# Scan RFC1341 messages split over many emails.
+# You will need to periodically clean up $TemporaryDirectory/clamav-partial directory.
+# WARNING: This option may open your system to a DoS attack.
+# Never use it on loaded servers.
+# Default: no
+#ScanPartialMessages yes
+
# With this option enabled ClamAV will try to detect phishing attempts by using
# signatures.
# Default: yes
#PhishingSignatures yes
-
-# Scan urls found in mails for phishing attempts.
-# (available in experimental builds only)
+# Scan URLs found in mails for phishing attempts using heuristics.
# Default: yes
#PhishingScanURLs yes
-# Use phishing detection only for domains listed in the .pdb database. It is
-# not recommended to have this option turned off, because scanning of all
-# domains may lead to many false positives!
-# (available in experimental builds only)
-# Default: yes
-#PhishingRestrictedScan yes
-
# Always block SSL mismatches in URLs, even if the URL isn't in the database.
# This can lead to false positives.
-# (available in experimental builds only)
#
# Default: no
#PhishingAlwaysBlockSSLMismatch no
# Always block cloaked URLs, even if URL isn't in database.
# This can lead to false positives.
-# (available in experimental builds only)
#
# Default: no
#PhishingAlwaysBlockCloak no
+# Allow heuristic match to take precedence.
+# When enabled, if a heuristic scan (such as phishingScan) detects
+# a possible virus/phish it will stop scan immediately. Recommended, saves CPU
+# scan-time.
+# When disabled, virus/phish detected by heuristic scans will be reported only at
+# the end of a scan. If an archive contains both a heuristically detected
+# virus/phish, and a real malware, the real malware will be reported
+#
+# Keep this disabled if you intend to handle "*.Heuristics.*" viruses
+# differently from "real" malware.
+# If a non-heuristically-detected virus (signature-based) is found first,
+# the scan is interrupted immediately, regardless of this config option.
+#
+# Default: no
+#HeuristicScanPrecedence yes
+
+##
+## Data Loss Prevention (DLP)
+##
+
+# Enable the DLP module
+# Default: No
+#StructuredDataDetection yes
+
+# This option sets the lowest number of Credit Card numbers found in a file
+# to generate a detect.
+# Default: 3
+#StructuredMinCreditCardCount 5
+
+# This option sets the lowest number of Social Security Numbers found
+# in a file to generate a detect.
+# Default: 3
+#StructuredMinSSNCount 5
+
+# With this option enabled the DLP module will search for valid
+# SSNs formatted as xxx-yy-zzzz
+# Default: yes
+#StructuredSSNFormatNormal yes
+
+# With this option enabled the DLP module will search for valid
+# SSNs formatted as xxxyyzzzz
+# Default: no
+#StructuredSSNFormatStripped yes
+
+
##
## HTML
##
@@ -280,50 +343,57 @@
# Default: yes
#ScanArchive yes
+# Use slower but memory efficient decompression algorithm.
+# only affects the bzip2 decompressor.
+# Default: no
+#ArchiveLimitMemoryUsage yes
+
+# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
+# Default: no
+#ArchiveBlockEncrypted no
+
+
+##
+## Limits
+##
+
# The options below protect your system against Denial of Service attacks
# using archive bombs.
-# Files in archives larger than this limit won't be scanned.
+# This option sets the maximum amount of data to be scanned for each input file.
+# Archives and other containers are recursively extracted and scanned up to this
+# value.
+# Value of 0 disables the limit
+# Note: disabling this limit or setting it too high may result in severe damage
+# to the system.
+# Default: 100M
+#MaxScanSize 150M
+
+# Files larger than this limit won't be scanned. Affects the input file itself
+# as well as files contained inside it (when the input file is an archive, a
+# document or some other kind of container).
# Value of 0 disables the limit.
-# Default: 10M
-#ArchiveMaxFileSize 15M
+# Note: disabling this limit or setting it too high may result in severe damage
+# to the system.
+# Default: 25M
+#MaxFileSize 30M
# Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR
# file, all files within it will also be scanned. This options specifies how
# deeply the process should be continued.
+# Note: disabling this limit or setting it too high may result in severe damage
+# to the system.
# Value of 0 disables the limit.
-# Default: 8
-#ArchiveMaxRecursion 10
-
-# Number of files to be scanned within an archive.
-# Value of 0 disables the limit.
-# Default: 1000
-#ArchiveMaxFiles 1500
+# Default: 16
+#MaxRecursion 10
-# If a file in an archive is compressed more than ArchiveMaxCompressionRatio
-# times it will be marked as a virus (Oversized.ArchiveType, e.g. Oversized.Zip)
+# Number of files to be scanned within an archive, a document, or any other
+# container file.
# Value of 0 disables the limit.
-# Default: 250
-#ArchiveMaxCompressionRatio 300
-
-# Use slower but memory efficient decompression algorithm.
-# only affects the bzip2 decompressor.
-# Default: no
-#ArchiveLimitMemoryUsage yes
-
-# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
-# Default: no
-#ArchiveBlockEncrypted no
-
-# Mark archives as viruses (e.g. RAR.ExceededFileSize, Zip.ExceededFilesLimit)
-# if ArchiveMaxFiles, ArchiveMaxFileSize, or ArchiveMaxRecursion limit is
-# reached.
-# Default: no
-#ArchiveBlockMax no
-
-# Enable support for Sensory Networks' NodalCore hardware accelerator.
-# Default: no
-#NodalCoreAcceleration yes
+# Note: disabling this limit or setting it too high may result in severe damage
+# to the system.
+# Default: 10000
+#MaxFiles 15000
##
Index: freshclam.conf.template.in
===================================================================
RCS file: /kolabrepository/server/kolabd/kolabd/templates/freshclam.conf.template.in,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- freshclam.conf.template.in 14 Feb 2007 17:44:17 -0000 1.2
+++ freshclam.conf.template.in 26 Mar 2009 16:17:15 -0000 1.3
@@ -23,6 +23,18 @@
# Default: disabled
UpdateLogFile @freshclam_logfile@
+# Maximum size of the log file.
+# Value of 0 disables the limit.
+# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
+# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes).
+# in bytes just don't use modifiers.
+# Default: 1M
+#LogFileMaxSize 2M
+
+# Log time with each message.
+# Default: no
+#LogTime yes
+
# Enable verbose logging.
# Default: no
#LogVerbose yes
@@ -73,8 +85,15 @@
# With this option you can control scripted updates. It's highly recommended
# to keep it enabled.
+# Default: yes
#ScriptedUpdates yes
+# By default freshclam will keep the local databases (.cld) uncompressed to
+# make their handling faster. With this option you can enable the compression;
+# the change will take effect with the next database update.
+# Default: no
+#CompressLocalDatabase no
+
# Number of database checks per day.
# Default: 12 (every two hours)
#Checks 24
@@ -129,3 +148,35 @@
# Timeout in seconds when reading from database server.
# Default: 30
#ReceiveTimeout 60
+
+# When enabled freshclam will submit statistics to the ClamAV Project about
+# the latest virus detections in your environment. The ClamAV maintainers
+# will then use this data to determine what types of malware are the most
+# detected in the field and in what geographic area they are.
+# This feature requires LogTime and LogFile to be enabled in clamd.conf.
+# Default: no
+#SubmitDetectionStats /path/to/clamd.conf
+
+# Country of origin of malware/detection statistics (for statistical
+# purposes only). The statistics collector at ClamAV.net will look up
+# your IP address to determine the geographical origin of the malware
+# reported by your installation. If this installation is mainly used to
+# scan data which comes from a different location, please enable this
+# option and enter a two-letter code (see http://www.iana.org/domains/root/db/)
+# of the country of origin.
+# Default: disabled
+#DetectionStatsCountry country-code
+
+# This option enables support for Google Safe Browsing. When activated for
+# the first time, freshclam will download a new database file (safebrowsing.cvd)
+# which will be automatically loaded by clamd and clamscan during the next
+# reload, provided that the heuristic phishing detection is turned on. This
+# database includes information about websites that may be phishing sites or
+# possible sources of malware. When using this option, it's mandatory to run
+# freshclam at least every 30 minutes.
+# Freshclam uses the ClamAV's mirror infrastructure to distribute the
+# database and its updates but all the contents are provided under Google's
+# terms of use. See http://code.google.com/support/bin/answer.py?answer=70015
+# and http://safebrowsing.clamav.net for more information.
+# Default: disabled
+#SafeBrowsing yes
More information about the commits
mailing list