Hello, > is that a *technical* reason or do you *think* it's recommended for > whatever reason
It is technical : we avoid duplicate signatures in our databases. It means everyday we remove samples already detected by Clamav. > - as example sanesecurity works just fine without the > official stuff an dthe difference are hundrets of MB useless wasted RAM > while i have not seen any relevant hit on our inbound MX caught by the > official signatures which woul dhave slipped through sanesecurity In your example you are right. On mail filtering, sanesecurity and spam_marketing.ndb from SecuriteInfo.com are good enough to protect mailboxes, because Win32 malwares are not spreaded by mail nowadays. In any other case (system protection, HTTP scanning, file hosting, etc...) you have to get Clamav official + 3rd party signatures for a maximum detection. -- Best regards, Arnaud Jacques SecuriteInfo.com Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286 Twitter : @SecuriteInfoCom _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
