Craig Carriere wrote:
Perhaps more a clamav question, but does anyone use the additional definitions for clam from SaneSecurity and are they helpful in the Spam Wars?
We do, an I think they are. Currently I run two instances of clamd in our mail gateway.
One instance has only the official ClamAV databases with phishing signatures turned off. This instance is used by MIMEDefang (a milter) for discarding infected mail.
The second instance has the official databases with phishing signatures (and some other stuff) turned on as well as the SaneSecurity*, MSRBL* and Malware* signatures. This instance is used by SpamAssassin for scoring mail.
I do consider spam-checking and virus-checking to be to different things that should be handled differently. Using two instances of clamd and the SpamAssassin ClamAV plugin* I can use the ClamAV engine for both purposes with different datasets.
Regards /Jonas * SaneSecurity: http://sanesecurity.co.uk/clamav/ * MSRBL: http://www.msrbl.com * Malware: http://www.malware.com.br * Plugin: http://wiki.apache.org/spamassassin/ClamAVPlugin -- Jonas Eckerman, FSDB & Fruktträdet http://whatever.frukt.org/ http://www.fsdb.org/ http://www.frukt.org/
