Em 20/07/2010 15:35, Laurence MOINDROT escreveu:
Hi Everyone,
We are currently using clamav (0.96.1), spamassassin (3.3.1),
greylisting (4.2.5) and sendmail (8.14.4) on our mailserver's cluster
(OS : freeBSD 8.0) at the University of Strasbourg. This antispam and
antivirus solution was quiet sure until last month.
We've been having intensive phishing's issues for one month and we are
considering using sanesecurity'signatures to improve the situation.
We would appreciate any feedback on your experience using clamav with
sanesecurity.
sanesecurity signatures are AWESOME .... just avoid those medium
and high false positive ones, because they really do have high false
positive rates.
at the moment, i'm using on my production servers:
sanesecurity-junk.ndb
sanesecurity-phish.ndb
sanesecurity-spamimg.hdb
sanesecurity-winnow_malware_links.ndb
sanesecurity-jurlbl.ndb
sanesecurity-rogue.hdb
sanesecurity-spear.ndb
sanesecurity-winnow_phish_complete_url.ndb
sanesecurity-lott.ndb
sanesecurity-scam.ndb
sanesecurity-winnow_malware.hdb
i have never tried the HIGH risk ones, but even the medium ones,
specially INetMsg-SpamDomains ones, gives me a LOT of headache ....
avoid the medium and high FP risk ones and be happy !
--
Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br
Minha armadilha de SPAM, NÃO mandem email
[email protected]
My SPAMTRAP, do not email it
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
