The makers of ClamAV recently (well October 5th 2009, actually) announced that 0.94.x would no longer be supported from 15th April 2010.
All ClamAV releases older than 0.95 are affected by a bug in freshclam which prevents incremental updates from working with signatures longer than 980 bytes.
You can find more details on this issue on our bugzilla (see bug #1395)
This bug affects our ability to distribute complex signatures (e.g. logical signatures) with incremental updates.
So far we haven’t released any signatures which exceed this limit.
Before we do we want as many users as possible to upgrade to the latest version of ClamAV.
Starting from 15 April 2010 our CVD will contain a special signature which disables all clamd installations older than 0.95 – that is to say older than 1 year.
This move is needed to push more people to upgrade to 0.95 .
We would like to keep on supporting all old versions of our engine, but unfortunately this is no longer possible without causing a disservice to people running a recent release of ClamAV.
The traffic generated by a full CVD download, as opposed to an incremental update, cannot be sustained by our mirrors.
We plan to start releasing signatures which exceed the 980 bytes limit on May 2010.
We recommend that you always run the latest version of ClamAV to get optimal protection, reliability and performance.
Thanks for your cooperation!
As well as the post on their site, they also sent out notifications to the ClamAV mailing list warning people of the approaching deadline. Even so, as I check my mailbox today, I see several emails from people complaining that the antivirus on their servers had suddenly stopped working and they’re no longer able to process email.
Now, I realize that the decision to remotely disable old versions of ClamAV was always going to be a hugely controversial one, and that causing mail servers around the world to intentionally break may have have been a bit naughty. Who gives third party companies the right to decide what versions of software you run on your mail server, right?
Well, actually, I applaud the makers of ClamAV for this move. They must have known there would be people still using old versions who don’t read (or understand) the website and/or mailing lists, but were prepared to accept this negative publicity in order to give people the kick up the arse they need to upgrade from old versions which are known to be broken. It is widely known and accepted that old versions of antivirus software are less effective than their newer counterparts.
To all those red faced sysadmins saying that they weren’t informed about this in advance: you are responsible for running your mail server. That includes putting yourself in the loop so that you’re aware of these sorts of issues/announcements. What did you expect, a representative of ClamAV to deliver you a hand written note? Perhaps you would prefer to continue running ineffectual versions of antivirus software, blissful in your ignorance.
I can happily report that we’ve been running 0.95.x for several weeks without any issues at all.