3
ClamAV CVE
Question asked by Tan - 2/17/2023 at 4:36 AM
Answered
Looks like either we disable the scanning or we require a patch for this soon?

11 Replies

0
JerseyConnect Team Replied
SM is using the 0.104 build of Clam, which is EoL and not getting patched as per https://blog.clamav.net/. So they'll have to switch to a newer Clam version, which ideally would be an LTS release. Plus with the SM beta being their focus, I don't expect they'll address this in the current SM build.

3
Churchweb Support Replied
A solution could be to install your own up-to-date version of ClamAV (such as the ClamAV 1.0.1 MSI) locally on the SmarterMail server, to use in place of SmarterMail’s built-in ClamAV:
  1. Copy SmarterMail’s existing clamd.conf and freshclam.conf configuration files to ClamAV’s installation folder (C:\Program Files (x86)\SmarterTools\SmarterMail\Service\Clam\etc to C:\Program Files\ClamAV)
  2. Update the configuration files as needed (mainly the database and log directories, and localhost port from 3310 to be able to verify your installation is being used)
  3. Install clamd and freshclam’s Windows Services through the terminal and set them to Automatically start in Services.
  4. In SmarterMail’s administrator area under Settings>Antivirus, change the port to the localhost port you chose above, and “ClamAV is on a remote server” (otherwise SmarterMail will use its own copy).
  5. Try sending an email with the EICAR test file, and check your ClamAV installation’s log for a line like this to verify all’s working as before, but with your own up-to-date copy of ClamAV (which can be heavily customized now too):
instream(127.0.0.1@XXXXX): Win.Test.EICAR_HDB-1 FOUND
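
The check in steps 2 and 5 can also be made directly against the clamd port, without sending mail. This is an added example, not part of the post above and not SmarterTools code; it speaks clamd's `VERSION` and `INSTREAM` commands, and port 3311 is an assumed stand-in for whichever non-default localhost port was chosen in step 2.

```python
"""Added example: ask the clamd on a given port for its version and an EICAR verdict."""
import socket
import struct

# Standard EICAR test string (harmless), split so this file is not itself flagged.
EICAR = b"X5O!P%@AP[4\\PZX54(P^)7CC)7}$" + b"EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"


def build_instream(data, chunk_size=2048):
    """Frame data for clamd's INSTREAM command: each chunk is preceded by a
    4-byte big-endian length, and a zero-length chunk ends the stream."""
    out = [b"zINSTREAM\0"]
    for i in range(0, len(data), chunk_size):
        chunk = data[i:i + chunk_size]
        out.append(struct.pack("!I", len(chunk)) + chunk)
    out.append(struct.pack("!I", 0))
    return b"".join(out)


def parse_reply(raw):
    """Return (status, detail) from a clamd scan reply such as
    b'stream: Win.Test.EICAR_HDB-1 FOUND\\0'."""
    text = raw.rstrip(b"\0\n").decode("utf-8", "replace")
    _, _, verdict = text.partition(": ")
    if verdict.endswith(" FOUND"):
        return "FOUND", verdict[:-len(" FOUND")]
    if verdict == "OK":
        return "OK", None
    return "ERROR", verdict or text  # e.g. a size-limit error from clamd


def ask(host, port, payload, timeout=10):
    """Send one null-terminated clamd command and read the null-terminated reply."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(payload)
        reply = b""
        while not reply.endswith(b"\0"):
            part = s.recv(4096)
            if not part:
                break
            reply += part
    return reply


if __name__ == "__main__":
    PORT = 3311  # assumption: the non-default localhost port chosen in step 2
    print("engine:", ask("127.0.0.1", PORT, b"zVERSION\0").rstrip(b"\0").decode())
    print("scan:  ", parse_reply(ask("127.0.0.1", PORT, build_instream(EICAR))))
```

The version line shows which ClamAV build is answering on that port, so an end-of-life engine still listening there is visible before any mail is routed through it.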
1
George Rauscher Replied
Sorry…. 

Every year I pay a lot of money for the license. For over 10 years. Why is there no patch from Smartermail?

George 
George A. Rauscher
Member of the German Society for Criminology (Deutsche Gesellschaft für Kriminalistik e. V.)
Member of "LEVA" Law Enforcement and Emergency Services Video Association, Inc.
intelligent piXel GmbH
Experts in forensic criminology
Enzianstr. 4a
82319 Starnberg
0800 - 999 8 99 88 (free*)
Website: www.intelligent-pixel.com
Managing Director: George A. Rauscher
Authorized Representative: Dr. Louise Morgott
Tax Number: 143 / 150 / 31010
HRB 207 679 / Munich Local Court
1
George Rauscher Replied
Smartertools is obliged to react quickly here. No, we are not even informed about this security gap here as customers. Is this the service we pay for every year?

George
1
Heimir Eidskrem Replied
This needs to be addressed promptly.

3
Derek Curtis Replied
Employee Post Marked As Answer
If you haven't manually updated ClamAV, we just released a public Build that addresses this. You can find it here: https://www.smartertools.com/smartermail/downloads
Derek Curtis COO SmarterTools Inc. www.smartertools.com
0
George Rauscher Replied
Thank you very much, that helps.

George 
1
echoDreamz Replied
If I was ST, I would just remove the built-in ClamAV from SM; it's garbage, takes a ton of resources to be "okish". Leave remote ClamAV and users can set up their own remote (or local) installs of ClamAV if they want to use it.
3
kevind Replied
Question: Should we disable ClamAV in the settings until we can install the update later this week?

Thanks,
Kevin
4
Employee Replied
Employee Post
Hi Kevin, 

Yes. I would advise that you disable ClamAV in the Antivirus settings until the build with the ClamAV update has been applied. 

Public Build 8451 (from the SmarterTools Downloads page) is available now and can be installed on your production server. 

For those who are participating in the BETA with a test server, please note that a new BETA build will be available in the near future and will be announced on the BETA Welcome thread.
2
kevind Replied
Andrea, OK will do. Thanks for the prompt reply!
