3rd party clamav sigs
Ken A
ka at pacific.net
Sat Dec 22 16:16:36 GMT 2007
Gerard wrote:
>> On December 21, 2007 at 05:53PM Ken A wrote:
>
>> In any case, I visited the sanesecurity site and there's a new version
>> of the script - updated this month. So, in testing it, I'm seeing it
>> grabbing sigs from a few other sites.
>>
>> Sanesecurity and MSRBL have been good in the past, but I'm not sure
>> about the others. Any opinions or experiences with these sources below?
>>
>> Thanks,
>> Ken
>>
>>
>> # Files updated:
>> # honeynet.hdb.gz (securiteinfo.com)
>> # mbl.db (Malware.com.br)
>> # MSRBL-Images.hdb (MSRBL.com)
>> # MSRBL-SPAM.ndb (MSRBL.com)
>> # MSRBL-SPAM-CR.ndb (MSRBL.com)
>> # phish.ndb.gz (sanesecurity.com)
>> # scam.ndb.gz (sanesecurity.com)
>> # securiteinfo.hdb.gz (securiteinfo.com)
>> # vx.hdb.gz (securiteinfo.com)
>
> Hi Ken,
>
> I wrote that script. In the script, you will notice that "MSRBL-SPAM-CR.ndb (MSRBL.com)"
> is disabled by default. There is a link to a site that details why it might
> not be appropriate for you use. The other sites have never given me any
> problems.
>
>
Hi Gerard,
Thanks for the script! It really is nice to catch this stuff with clamav
but of course there is more concern about false positives since we
delete viruses. So far so good.. :-)
Ken
--
Ken Anderson
Pacific.Net
More information about the MailScanner
mailing list