Mailing List CGatePro@mail.stalker.com Message #106221
From: Bill Cole <cgp-2015@billmail.scconsult.com>
Subject: Re: clam av auto update.
Date: Sun, 16 Oct 2016 19:50:35 -0400
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>
X-Mailer: MailMate (1.9.5r5263)
On 16 Oct 2016, at 19:16, Bob wrote:

Looking through my logs, I see the following...  I cant really tell if its updating or not.

19:10:48.280 5 EXTFILTER(CGPClamAV) inp(041): * Trying db.US.clamav.net, Max retries: 3
19:10:48.280 5 EXTFILTER(CGPClamAV) inp(059): * ClamAV update process started at Sun Oct 16 19:10:48 2016
19:10:48.296 5 EXTFILTER(CGPClamAV) inp(048): * WARNING: Your ClamAV installation is OUTDATED!
19:10:48.296 5 EXTFILTER(CGPClamAV) inp(060): * WARNING: Local version: 0.98.4 Recommended version: 0.99.2

That's the ClamAV software version. You need to update that yourself.

19:10:48.296 5 EXTFILTER(CGPClamAV) inp(053): * DON'T PANIC! Read http://www.clamav.net/support/faq
19:10:48.296 5 EXTFILTER(CGPClamAV) inp(088): * main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)

That's the core stable baseline set of signatures.

19:10:51.852 5 EXTFILTER(CGPClamAV) inp(054): * Retrieving http://db.US.clamav.net/daily-22377.cdiff

That's the 'freshclam' program trying to download a daily changeset of new/removed/modified signatures

[irrelevant lines snipped]

19:11:21.898 5 EXTFILTER(CGPClamAV) inp(070): * Can't connect to port 80 of host db.US.clamav.net (IP: 64.6.100.177)
19:11:21.898 5 EXTFILTER(CGPClamAV) inp(047): * Trying host db.US.clamav.net (64.22.33.90)...

Fairly common: db.US.clamav.net resolves to many different addresses, and sometimes the first one tried is down (e.g. getting into synch, perhaps) so the 'freshclam' program tries another one.

19:11:22.148 5 EXTFILTER(CGPClamAV) inp(121): 517 ADDHEADER "X-CGP-ClamAV-Result: CLEAN\eX-VirusScanner: Niversoft's CGPClamav Helper v1.18.4a (ClamAV engine v0.98.4)"
19:11:22.148 4 EXTFILTER(CGPClamAV) [2740514] ADDHEADER(X-CGP-ClamAV-Result: CLEAN\r\nX-VirusScanner: Niversoft's CGPClamav Helper v1.18.4) completed

Irrelevant because those record the helper telling CGP to add a CLEAN header to a message and CGP actually doing it. Independent of the updating process.

Since you are due to update the ClamAV software (over a year overdue, actually...) you should do that, hen run the newly-installed version of freshclam to make sure the signature database gets updated. It may have been updated automatically successfully, but the log lines you included don't show that succeeding.
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster