[clamav-users] Using clamav to test for bad links in incoming emails
J.R.
themadbeaker at gmail.com
Sun Feb 10 14:13:20 UTC 2019
Trying not to get too far off topic, but I wanted to add if you reject
based on the hostname of the mail server that can also drop an
overwhelming majority of the spam. The most basic test is to see if
the IP resolves to anything. Next, does the hostname contain any red
flags, like: dhcp, dynamic, ddns, dsl, catv, ppp, dial-up, vpn,
broadband, cable, dedicated, etc...
I could be wrong in saying this, but while ClamAV is great for
comparing a file against it's vast list of signatures, it has no
automated "learning" ability or scoring system like anti-spam
programs. I'm not saying it's the wrong tool for the job, it's just
one part of the overall process.
More information about the clamav-users
mailing list