[clamav-users] ClamAV for EnterPrise

Joel Esler (jesler) jesler at cisco.com
Mon Apr 24 09:31:10 EDT 2017


0.99.3 is coming, it’s under active development now.


As far 3rd party signatures, we are happy to accept any, and all 3rd party signature databases that which to be included in the official set (there is at least one now (http://www.clamav.net/contact#partners) with another two that are coming).  If people are interested in having 3rd party databases incorporated into the official feed, I’d say contact the authors and ask them to contact me.  The authors will receive any false positive reports about their signatures at the same time that we receive them, the behavior is completely open.  We’re even working on creating a false positive API so that people can submit FPs to us.  (say the authors of the GUI wanted to build a right click -> submit FP action to clamav.net<http://clamav.net>.  That’s what we are working on.)

Of course the signatures will be ran through our false positive system, which we are continually working on.



--
Joel Esler | Talos: Manager | jesler at cisco.com<mailto:jesler at cisco.com>






On Apr 20, 2017, at 12:49 AM, Al Varnell <alvarnell at mac.com<mailto:alvarnell at mac.com>> wrote:

Benny,

Obviously Joel is in a better position to answer these than a fellow user, but I'll give some of it a try.

On Wed, Apr 19, 2017 at 08:05 PM, Benny Pedersen wrote:

Joel Esler (jesler) skrev den 2017-04-20 01:40:
Alright all —
I think the conversation and arguing has gone on long enough and we’ve
beat not only the topic to death, but the topics after the topic are
now dead.
I’ve received enough complaints at this point to call a truce.

Joel i can only say you are nearly only one i still not have put autoreader on, its sad to see so many flames of me when user could stop read what i post, thats imho really sad, world would be better if all helped each other, and not trowing bomps on things that is not better after the bomp is trowed

in gentoo 0.99 is last stable version, and 0.99.1 0.99.2 is masked unstable, what happende to 0.99.3 ?

freshclam says 0.99.2 is latest version

You'll probably have to ask Gentoo why they are running behind. 0.99.2 has been ClamAV's stable release since it's Apr 22, 2016.

Questions about 0.99.3 would be better asked on clamav-devel, but it's currently an active branch <https://github.com/vrtadmin/clamav-devel/tree/0.99.3>.

only thing i wish will come is to see OnUnOFFicial sigs in clamav milter so it can accept and tag 3dr party virus/spam sigs, that will save 1 clamd instance, and one clamav-milter instance

that way its up to spamassassin to score on results, and if spamas-milter reject if scored to high

is there plans to have more 3dr party sigs into clamav ?

The policy for the inclusion of 3rd party signatures has long been that the Community is both welcome and encouraged to submit them to the ClamAV Detection Content Team for validation and distribution. I know that some of the main providers have been personally encouraged to do so, but so far have apparently declined. There's even a page where anyone can submit them <http://www.clamav.net/reports/signature>. I seriously doubt that ClamAV will provide open inclusion of such signatures without having an opportunity to check each one for format and then run them against their Quality Control database in an attempt to reduce the number of False Positives.

-Al-
--
Al Varnell
Mountain View, CA




_______________________________________________
clamav-users mailing list
clamav-users at lists.clamav.net<mailto:clamav-users at lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml



More information about the clamav-users mailing list