[clamav-users] Automated submissions to third party databases?
Henrik K
hege at hege.li
Tue Sep 3 11:38:38 UTC 2019
On Tue, Sep 03, 2019 at 01:17:16PM +0200, Arnaud Jacques wrote:
> Ged,
>
> >>Did you try spam_marketing.ndb from securiteinfo.com ? We detect many
> >>spams/phishing.
> >
> >Thanks - no, I don't use that one. It's listed at Sanesecurity as
> >having a high false positive rate.
>
> As far as I know, this review has not been updated since years.
> We fight false positives as soons as we discover one. This is our priority.
> Anyway, the best choice is to give a try, custom the signatures if
> necessary, and make your own opinion, not only rely on 3rd party evaluation
> from years ago.
>
> About my own tests, on several mail servers, spam_marketing.ndb detects a
> lot more spam and phishing than SaneSecurity signatures. No offense to
> SaneSecurity, it is just my own opinion. spam_marketing.ndb does not pretend
> to replace SaneSecurity, but is a complement.
General comment:
Using any third party rules with ClamAV is a gamble, but they are very good
for scoring with Amavisd/Spamassassin etc. In my setup I don't even trust
the official signatures, I just score everything along with SA.
More information about the clamav-users
mailing list