On 20.7.2010 21:35, Laurence MOINDROT wrote:
> Hi Everyone,
>
> We are currently using clamav (0.96.1), spamassassin (3.3.1),
> greylisting (4.2.5) and sendmail (8.14.4) on our mailserver's cluster
>
> We would appreciate any feedback on your experience using clamav with
> sanesecurity.
>
I use currently ClamAV/SaneSecurity via the SpamAssassin's ClamAV
plugin, and score CLAMAV-rule as 5.0. That way even the false positives
do not create too much havoc, if the email message gets any + points.
I used to use ClamAV via amavisd earlier, but it caused problem as
amavisd used to quarantine the false positives. There always will be
FP's when using SaneSecurity, and I used only malware-rules back then
because of that.
With SA plugin I can use most rules without worries.
And I have a one user system. I had always access to the quarantine, I
would think in a multi user system like in a university the always
deliver (with report-safe option in SA) is a better approach.
--
But, for my own part, it was Greek to me.
-- William Shakespeare, "Julius Caesar"
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
