3rd party clamav sigs
Ken A
ka at pacific.net
Fri Dec 21 22:53:19 GMT 2007
I had a corrupt clamav sig cause mail to stop flowing early this am. I
had about 30k emails in queues to catch up on. Thankfully, once
MailScanner started going through them, it only took a couple hours to
catch up!
The problem was traced to a shell script 'scamp.sh' from the
sanesecurity site that downloads the sigs and unpacks them. Somehow it
was corrupting them one of them. Downloading and unpacking manually
worked fine. :-\
In any case, I visited the sanesecurity site and there's a new version
of the script - updated this month. So, in testing it, I'm seeing it
grabbing sigs from a few other sites.
Sanesecurity and MSRBL have been good in the past, but I'm not sure
about the others. Any opinions or experiences with these sources below?
Thanks,
Ken
# Files updated:
# honeynet.hdb.gz (securiteinfo.com)
# mbl.db (Malware.com.br)
# MSRBL-Images.hdb (MSRBL.com)
# MSRBL-SPAM.ndb (MSRBL.com)
# MSRBL-SPAM-CR.ndb (MSRBL.com)
# phish.ndb.gz (sanesecurity.com)
# scam.ndb.gz (sanesecurity.com)
# securiteinfo.hdb.gz (securiteinfo.com)
# vx.hdb.gz (securiteinfo.com)
--
Ken Anderson
Pacific.Net
More information about the MailScanner
mailing list