I'm not dismissing anything. (Except the notion that I am dismissing things). I know one of our guys is monitoring the list during the holiday. I'll ping him.
-- Sent from my iPhone > On Dec 29, 2016, at 7:07 AM, Groach <groachmail-stopspammin...@yahoo.com> > wrote: > >> On 29/12/2016 09:32, Reindl Harald wrote: >> >>> Am 29.12.2016 um 10:21 schrieb Reindl Harald: >>> >>> state of the official sgnatures is that clamav don't catch many real >>> malware all over the time without sanesecurity 3rd party signatures and >>> the official >> >> given how much memory the instance with the officical signatures i am going >> so far to say that i would love to be able to *completly* exclude >> "daily.cld", "daily.cvd" and "main.cvd" and only update "safebrowsing.cvd" >> and just keep the few sanesecurity signatures in the clamd-instance which is >> allowed to reject directly via milter > > I couldnt agree more. Clam sigs have *never* caught a single threat - in many > cases many MANY months after the threat had been and gone (I have documented > evidence if anyone cares to read it). The only thing Clam has ever done is > 'catch' false positives (yes, I mean "ONLY") - so much so that I have been > forced to turn off quarantine/action upon threat and put it in to REPORT MODE > only. If I could exclude the Clam default signatures and just continue to > use Sane then I would and then I could turn back on quarantining to make our > systems safe again. The irony is that Sane has been tested and proven by me > to be the best Zero hour threat detector and thats why I have chosen it (even > against all the big commercial boys) but its built on and uses the Clam > engine - yet its the default Clam signatures that stop me keeping my system > safe despite Sane doing its work properly. (Its like Sane being employed by > the police and telling the police of the intruder but the police not doing > anythi ng about it because they would simploy go about arresting the intruder and even the innocent premises owners and general public. Answer: done tell the police and just write it down instead.) > _______________________________________________ > clamav-users mailing list > clamav-users@lists.clamav.net > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
