Ricardo, > Ah - Safebrowsing is now detected in virus_name_to_spam_score_maps.
Yes, I just copied the suggestion by Michael Scheidell. > I'd like to add the winnow signatures as well > (http://www.oitc.com/winnow/clamsigs/index.html) There are three types > currently - Malware, phish and spam. Would this work? > > [ qr'^winnow\.(phish|spam)\. => 0.1], > [ qr'^winnow\.malware\. => undef ], # keep as infected > > And is there an updated amavis-sanesecurity_v2.cf that includes these > and/or Safebrowsing? I think MBL_NA\.Unofficial should be added as > well. Would this work? > > header L_AV_SafeBr X-Amavis-AV-Status =~ m{\bAV:Safebrowsing\.} > header L_AV_WINN_Phish X-Amavis-AV-Status =~ > m{\bAV:winnow\.phish\.} header L_AV_WINN_Spam X-Amavis-AV-Status > =~ m{\bAV:winnow\.spam\.} > > score L_AV_WINN_SafeBr 10 > score L_AV_WINN_Phish 10 > score L_AV_WINN_Spam 5 I haven tried either of these. I hope somebody else can answer. Btw, I had a series of false positived from MBL_NA.UNOFFICIAL about two weeks ago, so I had to radically reduce its score. Mark ------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensign option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
