Hello,

                I have recently updated my 4 ClamAV private mirrors to version 0.103.0 to fix issues downloading the cvd files.

 

                However I am still having issues  I have the servers setup to use freshclam via a cron once per day.

 

                I am still getting 403 and 429 errors often from them one last got the update on 4-1,  one of 4-6, one on 4-7  and the final at 4-9.

 

                Each is located in a different geographic area.  I also know there are other groups at my company with installations of ClamAV that I have no control over how they are setup.

 

freshclam -v

Connecting via https://proxy.ext.ray.com

ClamAV update process started at Fri Apr  9 07:31:20 2021

Current working dir is /usr/local/share/clamav/

Querying current.cvd.clamav.nfet

WARNING: Can't query current.cvd.clamav.net

WARNING: Invalid DNS reply. Falling back to HTTP mode.

Current working dir is /usr/local/share/clamav/

check_for_new_database_version: Local copy of daily found: daily.cvd.

Reading CVD header (daily.cvd): Trying to retrieve CVD header from https://database.clamav.net/daily.cvd

Using proxy: https://proxy.ext.ray.com:80

* About to connect() to proxy proxy.ext.ray.com port 80 (#0)

*   Trying 199.46.182.5...

* Connected to proxy.ext.ray.com (199.46.182.5) port 80 (#0)

* Establish HTTP proxy tunnel to database.clamav.net:443

> CONNECT database.clamav.net:443 HTTP/1.1

Host: database.clamav.net:443

User-Agent: ClamAV/0.103.0 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)

Proxy-Connection: Keep-Alive

Connection: close

 

< HTTP/1.1 200 Connection established

< Date: Fri, 09 Apr 2021 12:31:20 GMT

< Proxy-Connection: Keep-Alive

< Via: 1.1 proxy.ext.ray.com

< 

* Proxy replied OK to CONNECT request

* Initializing NSS with certpath: sql:/etc/pki/nssdb

*   CAfile: /etc/pki/tls/certs/ca-bundle.crt

  CApath: none

* SSL connection using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

* Server certificate:

*       subject: CN=sni.cloudflaressl.com,O="Cloudflare, Inc.",L=San Francisco,ST=CA,C=US

*       start date: Aug 15 00:00:00 2020 GMT

*       expire date: Aug 15 12:00:00 2021 GMT

*       common name: sni.cloudflaressl.com

*       issuer: CN=Cloudflare Inc ECC CA-3,O="Cloudflare, Inc.",C=US

> GET /daily.cvd HTTP/1.1

Range: bytes=0-511

User-Agent: ClamAV/0.103.0 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)

Host: database.clamav.net

Accept: */*

If-Modified-Since: Wed, 31 Mar 2021 11:24:16 GMT

Connection: close

 

< HTTP/1.1 429 Too Many Requests       

 

Wayne Florence

IBM/VSO Unix Administrator

c(978)987-4632