[clamav-users] clamav-milter feature requst

Reindl Harald h.reindl at thelounge.net
Thu Aug 4 13:50:17 EDT 2016



Am 04.08.2016 um 19:47 schrieb Benny Pedersen:
> On 2016-08-04 19:15, G.W. Haywood wrote:
>
>>> make it possible to have policy banks in clamav-milter ...
>> Are you sure that you mean clamav-milter?
>
> its what sendmail uses imho ?
>
> and if it happens there it works just what amavisd do with make some
> virus signature over to spam signature to be processed in spamscanner
> like spamasssassin
>
> reason for this is that make this clamav signature is that its more ram
> effitive then make native spamasssasin rules
>
> xsing fingers to see updates comming

different signatures for different clamd are your friend

[root at testserver:/etc/mail/spamassassin]$ cat clamav.cf
loadplugin ClamAV clamav.pm

full      CLAMAV_JNK  eval:check_clamav('/run/clamd/clamd-sa.sock')
describe  CLAMAV_JNK  ClamAV detected malware/phishing/junk
score     CLAMAV_JNK  6.0

full      CLAMAV_MLW  eval:check_clamav('/run/clamd/clamd.sock')
describe  CLAMAV_MLW  ClamAV detected malware/phishing
score     CLAMAV_MLW  9.9

[root at testserver:~]$ ls /var/lib/clamav
insgesamt 138M
-rw-r--r-- 2 clamupdate clamupdate  45K 2016-08-03 13:40 
foxhole_filename.cdb
-rw-r--r-- 2 clamupdate clamupdate  44K 2016-06-28 09:58 foxhole_generic.cdb
-rw-r--r-- 2 clamupdate clamupdate 4,1K 2016-06-18 17:22 
thelounge_blocked_extensions.cdb
-rw-r--r-- 2 clamupdate clamupdate  31M 2016-08-04 02:15 daily.cld
-rw-r--r-- 2 clamupdate clamupdate 105M 2016-05-25 14:25 main.cvd
-rw-r--r-- 3 clamupdate clamupdate  11K 2016-03-09 09:56 sanesecurity.ftm
-rw-r--r-- 2 clamupdate clamupdate 100K 2016-08-04 01:48 
bofhland_malware_attach.hdb
-rw-r--r-- 2 clamupdate clamupdate   82 2016-07-13 21:44 crdfam.clamav.hdb
-rw-r--r-- 2 clamupdate clamupdate 953K 2016-08-03 12:52 rogue.hdb
-rw-r--r-- 2 clamupdate clamupdate 143K 2016-08-04 01:45 
winnow_extended_malware.hdb
-rw-r--r-- 2 clamupdate clamupdate 281K 2016-08-04 01:45 winnow_malware.hdb
-rw-r--r-- 2 clamupdate clamupdate  48K 2015-08-05 09:24 hackingteam.hsb
-rw-r--r-- 2 clamupdate clamupdate 9,3K 2015-02-19 09:26 malwarehash.hsb
-rw-r--r-- 2 clamupdate clamupdate  42K 2016-08-04 01:46 porcupine.hsb
-rw-r--r-- 3 clamupdate clamupdate 6,2K 2016-08-01 17:33 sigwhitelist.ign2
-rw-r--r-- 3 clamupdate clamupdate 146K 2016-08-04 01:53 blurl.ndb
-rw-r--r-- 3 clamupdate clamupdate  17K 2016-08-04 01:48 
bofhland_malware_URL.ndb
-rw-r--r-- 2 clamupdate clamupdate 318K 2016-08-04 01:46 porcupine.ndb
-rw-r--r-- 3 clamupdate clamupdate 788K 2016-08-04 01:45 
winnow_malware_links.ndb
[root at testserver:~]$ ls /var/lib/clamav-spam/
insgesamt 87M
-rw-r--r-- 2 clamupdate clamupdate 8,5K 2016-05-31 11:52 foxhole_all.cdb
-rw-r--r-- 2 clamupdate clamupdate 2,0K 2016-07-13 14:59 foxhole_js.cdb
-rw-r--r-- 2 clamupdate clamupdate 5,7K 2016-06-18 17:22 
thelounge_tagged_extensions.cdb
-rw-r--r-- 2 clamupdate clamupdate  52M 2016-08-04 02:16 safebrowsing.cvd
-rw-r--r-- 3 clamupdate clamupdate  11K 2016-03-09 09:56 sanesecurity.ftm
-rw-r--r-- 2 clamupdate clamupdate  298 2016-06-21 09:54 spamattach.hdb
-rw-r--r-- 2 clamupdate clamupdate  767 2016-07-20 09:59 spamimg.hdb
-rw-r--r-- 2 clamupdate clamupdate 515K 2016-08-04 01:45 
winnow.attachments.hdb
-rw-r--r-- 2 clamupdate clamupdate   66 2016-08-04 01:45 winnow_bad_cw.hdb
-rw-r--r-- 3 clamupdate clamupdate 6,2K 2016-08-01 17:33 sigwhitelist.ign2
-rw-r--r-- 2 clamupdate clamupdate  502 2015-11-15 10:52 spam.ldb
-rw-r--r-- 2 clamupdate clamupdate  660 2016-08-04 01:45 
winnow.complex.patterns.ldb
-rw-r--r-- 2 clamupdate clamupdate  41K 2016-08-03 15:42 badmacro.ndb
-rw-r--r-- 3 clamupdate clamupdate 146K 2016-08-04 01:53 blurl.ndb
-rw-r--r-- 2 clamupdate clamupdate  20K 2016-08-04 01:48 
bofhland_cracked_URL.ndb
-rw-r--r-- 3 clamupdate clamupdate  17K 2016-08-04 01:48 
bofhland_malware_URL.ndb
-rw-r--r-- 2 clamupdate clamupdate 3,3K 2016-08-04 01:48 
bofhland_phishing_URL.ndb
-rw-r--r-- 2 clamupdate clamupdate 6,4M 2016-08-02 13:55 junk.ndb
-rw-r--r-- 2 clamupdate clamupdate 260K 2016-08-04 01:53 jurlbla.ndb
-rw-r--r-- 2 clamupdate clamupdate 400K 2016-08-03 21:53 jurlbl.ndb
-rw-r--r-- 2 clamupdate clamupdate 240K 2016-07-29 18:20 lott.ndb
-rw-r--r-- 2 clamupdate clamupdate 3,7M 2016-08-03 12:39 phish.ndb
-rw-r--r-- 2 clamupdate clamupdate 4,9M 2016-08-04 01:46 phishtank.ndb
-rw-r--r-- 2 clamupdate clamupdate  14M 2016-08-04 01:45 scamnailer.ndb
-rw-r--r-- 2 clamupdate clamupdate 1,8M 2016-07-16 12:00 scam.ndb
-rw-r--r-- 2 clamupdate clamupdate  53K 2016-08-03 18:54 spearl.ndb
-rw-r--r-- 2 clamupdate clamupdate 2,0M 2016-08-03 18:49 spear.ndb
-rw-r--r-- 2 clamupdate clamupdate  159 2016-08-04 01:45 
winnow_extended_malware_links.ndb
-rw-r--r-- 3 clamupdate clamupdate 788K 2016-08-04 01:45 
winnow_malware_links.ndb
-rw-r--r-- 2 clamupdate clamupdate 607K 2016-08-04 01:45 
winnow_phish_complete.ndb
-rw-r--r-- 2 clamupdate clamupdate 147K 2016-08-04 01:45 
winnow_spam_complete.ndb
-rw-r--r-- 2 clamupdate clamupdate 1,5K 2015-07-01 14:54 
Sanesecurity_sigtest.yara
-rw-r--r-- 2 clamupdate clamupdate 1,3K 2016-02-22 13:21 
Sanesecurity_spam.yara


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20160804/886a743f/attachment.sig>


More information about the clamav-users mailing list