On 9/2/2011 10:37 AM, Anne Wilson wrote: > When I installed ClamAV with CentOS 6 I expected it to continue > to filter malware, not spam. Maybe I enabled lines in the config file that > have > caused this - I am quite able to believe that it is my fault - but I did not > understand them to be spam filtering. That is, to me, unexpected in a virus > detection tool.
That is exactly the problem. SaneSecurity is not part of ClamAV, its a 3rd party database. Its not enabled in ClamAV's configuration, you have to install it usually by using a script that downloads the databases periodically, checks them, and puts them on ClamAV directory (where ClamAV loads them automatically). If you didn't want spam to be flagged, then you didn't want SaneSecurity (it also includes other 3rd party databases that have nothing to do with spam, some are for phishing, some for other viruses not in ClamAV's database, some are for exceptions -- when a false positive is reported to their list). You did not enable it in the config file, because there is nothing there to enable it. It could be the case that you installed ClamAV from a package, and the package maintainer added the 3rd party databases. Or something else altogether. SaneSecurity (http://www.sanesecurity.org/) is pretty good. I been using it for decades now, and I do disable parts of it because they are redundant (I also use SpamAssassin), and they put a load on my mail server (some databases are very big, and clamd has become slower lately loading them). Hope this helps clarify things a bit. -- René Berber _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
