Re: [exim] Question about ClamAV

Góra strony
Wiadomość jest częścią wątku:
Mpełne drzewo wątku posortowane wg daty
MPatrick von der Hagen at <-
M 
Delete this message
Reply to this message
Autor: pencho kuncho
Data:  
Dla: Exim Users
Temat: Re: [exim] Question about ClamAV
HI,

Yes, my ClamAV is with regular signatures. Why i need scan archives with ClamAV when this could be done with Exim? Ok, i'll continue with Spamassassin because i don't have knowledge to filter spam by Exim ... but ClamAV is useless for me with this new level of infection. Thanks anyway.
Best Regards. 


      From: Patrick von der Hagen <patrick.hagen@???>
 To: "exim-users@???" <exim-users@???> 
 Sent: Wednesday, April 13, 2016 5:17 PM
 Subject: Re: [exim] Question about ClamAV


On 13.04.2016 09:41, pencho kuncho wrote:
> Hi,
> I already implemented Lena's solutions and thinking to stop ClamAV. It's only take resources ... by my opinion.
for me it felt easier to write a clamav-signature blocking js inside of
zips. And it hardly takes any resources, compared to SpamAssassin. But
it really depends on context. Do you use the "regular" signatures only
or did you add additional signature sets (e.g.
http://sanesecurity.com/usage/signatures/ ?)

For example, malwarepatrol.net offers the same signatures for clamav or
as a ruleset for SpamAssassin, but the clamav ones are way more
efficient. Running the clamav-ones I don't notice any difference in
processing, using the SpamAssassin ones my system suffers considerably.

So, if your clamav is running smoothly, I'd check alternative signatures
first, before disabling it.
https://github.com/extremeshok/clamav-unofficial-sigs is a great tool to
get automatical updates. I added quite a lot and I'm happy.

However, currently few antivirus solutions will update signatures quick
enough to be really effective against current malware. Not accepting
bogus messages in the first place seems to be the better option.


--
Karlsruher Institut für Technologie (KIT)
Steinbuch Centre for Computing (SCC)

Patrick von der Hagen

Zirkel 2, Gebäude 20.21, Raum 004.2
76131 Karlsruhe
Telefon: +49 721 608-46433
E-Mail: hagen@???
Web: http://www.scc.kit.edu

KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Wiadomość została wysłana do następujących list mailowych:
Exim-users
Informacja o liście mailowej | Najbliższe wiadomości		<-[exim] Ignoring SSL-Errors on self signed certificatesRe: [exim] Ignoring SSL-Errors on self signed certificates->
Tahini and Hummus and Cumin Development Archives administrowana przez cumin AdminsLurker (wersja 2.3)