[clamav-users] Low detection rate
Brian Morrison
bdm at fenrir.org.uk
Mon Mar 3 16:50:25 UTC 2014
On Mon, 03 Mar 2014 14:00:16 +0000
Steve Hill wrote:
> On 03.03.14 13:49, Shawn Webb wrote:
>
> > You can submit files you suspect are legitimate malware here:
> > http://www.clamav.net/lang/en/sendvirus/
>
> As mentioned, I've already done that, but my concern is trying to
> figure out why Clam only seems to be blocking phishing emails rather
> than actual malware - have I got something wrong in my configuration,
> or is Clam's detection engine and signature database *really* unable
> to detect all this malware?
>
>
Steve is your Exim installation set up to reject mail on spamminess,
using SpamAssassin or similar?
I find that SA detects a lot of mail using SA rules that probably
contain attachments or inline images that are virus laden, but it's
cheaper on system resources to reject at SMTP time than running ClamAV
on every mail received.
--
Brian Morrison
More information about the clamav-users
mailing list