On 2/5/2017 12:04 AM, Dominic Raferd wrote: > At the risk of going off-topic, is it worth using clamav? I run it > (via amavis) but it last picked up something 'real' 7 weeks ago. > (Freshclam is running and clamav does spot the EICAR test virus.) >
It's been months since the clam official signatures caught anything here. It's unclear if the signatures are ineffective or if postscreen filters all the bad stuff before clam sees it -- my guess is a little of both. I keep clam in the mix to use the excellent sanesecurity addon signatures. They find lots of spam/phish/ransomware other tools miss, with acceptably low false positives. Somewhat on topic, clam official sigs + addons uses a lot of memory, about 900M here. This isn't a problem for me, but some folks may have a different perspective. -- Noel Jones
