Am Montag, den 19.09.2016, 01:23 -0500 schrieb Richard Laager:
> On 09/19/2016 12:46 AM, Marcus Schopen wrote:
> > my be a little bit off topic, but are there any experience with the
> > efficiency of pyzor and clamav-unofficial-sigs
> We use clamav-unofficial-sigs. If clamd triggers, it's a hard fail for
> us, regardless of whether it was a virus or spam rule. We do
> differentiate them for logging and SMTP rejection messages.
> I can't say how much spam would have been blocked anyway by later
> processing (e.g. SpamAssassin), but we have very few (but non-zero over
> the years) false positives. And in our filter, whitelisting does not
> bypass this test; maybe it should, but that's the current setup.
Thank you for your interesting feedback. Did you activate all signatures
or just e.g. sanesecurity sigs? I read activating all signatures turns
clamav into an evil memory monster, while only activating sanesecurity
sigs catches most and doesn't need that much resources.
What about pyzor or razor integration? Do they help or just burn
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com