[clamav-users] clamav-virusdb mailing list - what is the use?

Dennis Peterson dennispe at inetnw.com
Fri Mar 11 17:05:52 UTC 2016 

You got the literal definition of the clamav lists. If you need a political 
answer you might be on the wrong list.

dp

On 3/11/16 8:39 AM, Groach wrote:
> Hi Dennis
>
> Either you are being very generous on giving information despite it not being 
> asked for, or you have misunderstood my initial post (in either case, thank 
> you).  My question was really "what is the point of *this* mailing list" in 
> context of what was written ealier:  ie, the "clamav-virusdb" mailing list 
> (not the clamav-user list).  That list contains no useful information 
> whatsoever to anyone (as outlined in my first post).
>
>
> On 11/03/2016 17:29, Dennis Peterson wrote:
>> This is the list clamav users and administrators use to troubleshoot, debug, 
>> install, and configure the product. The support staff also participate and 
>> answer questions that can't be answered by reading the manual. It is intended 
>> for product support. The other lists are for product improvement through 
>> false positive handling and malware sample submissions.
>>
>> dp
>>
>> On 3/11/16 12:57 AM, Groach wrote:
>>> Hello
>>>
>>> Ok, so I understand the process:
>>>
>>> 1,  If you have a false positive or you have a suspicious file you send it 
>>> to ClamAV via the website and wait a few days for them to process it.
>>> 2,  When they do process it (in theory) you get an email back saying 
>>> something to the effect of :
>>>
>>> "Dear ClamAV user,
>>>
>>> The following submissions have been processed and published:
>>> -
>>>
>>> See http://lists.clamav.net/pipermail/clamav-virusdb/2016-March/ "
>>>
>>>
>>> 3,  By its referenced inclusion, you then go to 
>>> http://lists.clamav.net/pipermail/clamav-virusdb/2016-March to see some 
>>> 'details'
>>>
>>> But what is the point of this mailing list?
>>>
>>> Because it doesnt show anything meaningful within the individual postings:
>>>
>>> Example:
>>>
>>> Submission-ID: 14926518
>>> Sender: Virus Total
>>> Sender: VirScan.org
>>> Sender: Anonymous
>>> Sender: Paul McKnight
>>> Added: No
>>>
>>> (and a LOT of them).
>>>
>>> "Submission-ID" - what does that refer to?  It certainly isnt a anything 
>>> that I received back at time of submitting. Completely ambiguous.
>>>
>>> "Sender" - ok, this I accept
>>>
>>> "Added" - what does that mean?  (In the experience of a recent submission of 
>>> mine I received an "Added=no" and I had submitted a False Positive report.  
>>> And most entries say "no").
>>>
>>> I thought the theory of this mailing list was to allow people to view their 
>>> (or any other) submissions with the details yet the details they give have 
>>> no use whatsoever beyond that of the 'Sender' ID and the header "ClamAV 
>>> database updated..." Date. (And even then the SenderId is no good if you 
>>> have done multiple submissions).
>>>
>>> And this is all pointless anyway as there is no longer any search facility 
>>> any more (I submitted a report and now must go through every entry 
>>> individually, doing a CTRL-F search, looking for the Sender id of 
>>> interest(!), backwards, and then backout, in to the next posting, and repeat 
>>> again...and again....and again...until I find one).
>>>
>>> Did anyone actually THINK about the point of publishing this list and 
>>> whether it has any use to anyone?
>>>
>>> I would like to see something more meaningful where:
>>>
>>> a, 'Submission ID' is a reference that is given to the user making the 
>>> report in the first place (currently the users dont get anything)
>>> b, 'Added' means something more meaningful that makes it clear whether a new 
>>> virus signature has been created, a false positive has been removed, or 
>>> whether the submission was just disregarded for some reason (making the 
>>> reason clear).
>>> c, Bring back a SEARCH facility so that a user can search for either a 
>>> signature definition (when it was added) or their recent submission (to see 
>>> if it has been processed yet).
>>>
>>>
>>> Take this as constructive feedback.  But if anyone can give an answer with 
>>> convincing reasons as to why this mailing list is of interest to any member 
>>> of public, and how they are expected to use it, then Im all ears
>>>
>>> _______________________________________________
>>> Help us build a comprehensive ClamAV guide:
>>> https://github.com/vrtadmin/clamav-faq
>>>
>>> http://www.clamav.net/contact.html#ml
>>
>> _______________________________________________
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>>
>> http://www.clamav.net/contact.html#ml
>
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml

More information about the clamav-users mailing list