Trying not to get too far off topic, but I wanted to add if you reject based on the hostname of the mail server that can also drop an overwhelming majority of the spam. The most basic test is to see if the IP resolves to anything. Next, does the hostname contain any red flags, like: dhcp, dynamic, ddns, dsl, catv, ppp, dial-up, vpn, broadband, cable, dedicated, etc...
I could be wrong in saying this, but while ClamAV is great for comparing a file against it's vast list of signatures, it has no automated "learning" ability or scoring system like anti-spam programs. I'm not saying it's the wrong tool for the job, it's just one part of the overall process. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
