[clamav-users] SpoofedDomain FOUND
Reindl Harald
h.reindl at thelounge.net
Thu Feb 16 13:03:12 UTC 2017
Am 16.02.2017 um 14:00 schrieb Mark Allan:
>
>> On 16 Feb 2017, at 12:48 pm, Reindl Harald <h.reindl at thelounge.net> wrote:
>>
>> Am 16.02.2017 um 13:39 schrieb ellanios82:
>>> On 02/16/17 02:59, Al Varnell wrote:
>>>> I'm afraid it's going to be more trouble than it's worth. You will
>>>> need to turn debugging on when you scan that mailbox which will
>>>> produce a huge amount of output, but includes details about exactly
>>>> what was found. You would then need to search that mailbox in
>>>> Thunderbird for the offending URL and decide whether you need the
>>>> message or it can be deleted. A SpoofedDomain finding is not
>>>> necessarily an attempt to misdirect you. It's a technique sometimes
>>>> used to give a message clarity.
>>>
>>> thanks Al : am trying debug to find specific message causing probs :
>>>
>>> have adjusted /etc/clamd.conf to :
>>>
>>> # Enable debug messages in libclamav.
>>> # Default: no
>>> # Feb 16, 2017
>>> Debug yes
>>>
>>> But , how to collect info into Log-File :
>>>
>>> this does not work for me :
>>>
>>> clamscan --debug
>>> /home/user/.thunderbird/9i9wirek.default/Mail/pop.gmail.com/bus>>clamdeb.txt
>>>
>>> - What please is correct syntax ?
>>
>> unix basics :-)
>> stdout versus stderr
>>
>> https://en.wikipedia.org/wiki/Standard_streams <https://en.wikipedia.org/wiki/Standard_streams>
>> https://en.wikipedia.org/wiki/Standard_streams#Standard_output_.28stdout.29 <https://en.wikipedia.org/wiki/Standard_streams#Standard_output_.28stdout.29>
>> https://en.wikipedia.org/wiki/Standard_streams#Standard_error_.28stderr.29 <https://en.wikipedia.org/wiki/Standard_streams#Standard_error_.28stderr.29>
>
> A more helpful answer (which is quicker to type than digging out URLs) is simply to add 2>&1 to the end of your command, to redirect stderr to stdout.
>
> clamscan --debug /home/user/.thunderbird/9i9wirek.default/Mail/pop.gmail.com/bus <http://pop.gmail.com/bus> >> clamdeb.txt 2>&1
i wonder how it is more helpful when somebody blindly does copy&paste
without understand what he is doing and so get conditioned to that with
any random stuff found on some webpage
give a man a fish and you feed him for a day; teach a man to fish and
you feed him for a lifetime
More information about the clamav-users
mailing list