ClamAV Update Problems
 

I have Clamav running on my Postfix server. I was given this server by a previous administrator so I have knowledge of how it was configured and or setup but I checked the logs and it appears the "freshclam" is unable to update "clamav" for some reason. I would assume with the IP's it was set to query for updates are old and no longer operational or I need to adjust something in the config however I have no clue how to operate clamav and it appears to be doing the job fine with outdated definitions so I don't want to risk changing something and rendering this entire email server useless.

Here are my logs:

Apr 14 04:03:10 mail freshclam[5915]: ClamAV update process started at Mon Apr 14 04:03:10 2008
Apr 14 04:03:15 mail freshclam[5915]: Your ClamAV installation is OUTDATED!
Apr 14 04:03:15 mail freshclam[5915]: Local version: 0.90.3 Recommended version: 0.92.1
Apr 14 04:03:15 mail freshclam[5915]: DON'T PANIC! Read http://www.clamav.net/support/faq
Apr 14 04:03:15 mail freshclam[5915]: main.inc is up to date (version: 46, sigs: 231834, f-level: 26, builder: sven)
Apr 14 04:03:21 mail freshclam[5915]: getfile: daily-6700.cdiff not found on remote server (IP: 64.142.100.50)
Apr 14 04:03:21 mail freshclam[5915]: getpatch: Can't download daily-6700.cdiff from db.us.clamav.net
Apr 14 04:03:26 mail freshclam[5915]: getfile: daily-6700.cdiff not found on remote server (IP: 194.47.250.218)
Apr 14 04:03:26 mail freshclam[5915]: getpatch: Can't download daily-6700.cdiff from db.us.clamav.net
Apr 14 04:03:31 mail freshclam[5915]: getfile: daily-6700.cdiff not found on remote server (IP: 194.47.250.218)
Apr 14 04:03:31 mail freshclam[5915]: getpatch: Can't download daily-6700.cdiff from db.us.clamav.net
Apr 14 04:03:31 mail freshclam[5915]: Incremental update failed, trying to download daily.cvd
Apr 14 04:03:38 mail freshclam[5915]: Downloading daily.cvd [100%]
Apr 14 04:03:38 mail freshclam[5915]: daily.inc updated (version: 6755, sigs: 23628, f-level: 26, builder: ccordes)
Apr 14 04:03:38 mail freshclam[5915]: Your ClamAV installation is OUTDATED!
Apr 14 04:03:38 mail freshclam[5915]: Current functionality level = 16, recommended = 26
Apr 14 04:03:38 mail freshclam[5915]: DON'T PANIC! Read http://www.clamav.net/support/faq
Apr 14 04:03:38 mail freshclam[5915]: Database updated (255462 signatures) from db.us.clamav.net (IP: 64.142.100.50)
Apr 14 04:03:38 mail freshclam[5915]: Clamd successfully notified about the update.

Do you guys have any recommendations on what I can do to remedy this frashclam and make sure clamav is running up to date?

I am using this on RHEL 4.6 ES & the link your provided seems to support RH.

However it appears that it is for packages related to installing Clamav rather than definitions for freshclam, no?

I had ment the advice for Debian which is listed as your distribution and none is mentioned in your post.
I got the error messages that my clamav was too old and updates failed on Debian Etch.
After updating to the volatile packages for a newer clamav the updates started working fine.

Updating your clamav, if possible, may solve the update issue.

EDIT: I checked my logs. I was using 0.90.1 and the upgrade helped.

Yes, my applogoies for not being more specific on my distribution the issue is on:

I checked my version and I appear to be using:

This appears to be RHEL latest version compiled in their database.

I had thought of mentioning checking with Red Hat support but Red Hat has this on their site:
If there is a need to use virus protection software, there are third party anti-virus programs available from the Linux community. One example is clamav. Clam AntiVirus is available from http://www.clamav.net/ but is not distributed or support by Red Hat.
http://kbase.redhat.com/faq/FAQ_44_6210.shtm

I was running version 0.90.1 and was being told my version was outdated and that "functionality level = 14, recommended = 26"

You are running version 0.90.3 and are being told your version is outdated and that "functionality level = 16, recommended = 26"

Since my upgrade I am told I am up to date and my f-level: 26.

My understanding with a small bit of researching is that clamav servers stop providing updates for older versions at some point.

With my clamav upgrade it was 24-48 hours before updates began working in all instances. I was seeing a "too often connections with outdated version" in my logs. Perhaps this is a difference between "functionality level" 14 and 16 if you care to wait and see.

With my small bit of knowledge I would suggest considering adding the DAG upgraded package.

Clamav is pretty simple to install from source. Subscribe to their notification list and you'll be told when new versions are releases. Freshclam is responsible for downloading updated virus database files.


Personaly, on CentOS, I use rpmforge (that's effectively the same thing as Dag) for clamav

Can I use Dag on RHEL 4.6 or is that only available for CentOS? I would assume that would be difficult since RHEL4 uses Up2date rather than Yum...

See https://rpmrepo.org/RPMforge

You can always just download the clamav rpm if you want

Check it out, but I see these packages on the DAG site:

clamav-0.92.1-1.el4.rf.i386.rpm Tue 12 Feb 2008 1270 kB Red Hat EL 4 - i386
clamav-0.92.1-1.el4.rf.x86_64.rpm Tue 12 Feb 2008 1319 kB Red Hat EL 4 - x86_64