[Mimedefang] clamav-unofficial-sigs and pyzor
Dianne Skoll
dfs at roaringpenguin.com
Mon Sep 19 08:36:06 EDT 2016
On Mon, 19 Sep 2016 07:46:11 +0200
Marcus Schopen <lists at localguru.de> wrote:
> my be a little bit off topic, but are there any experience with the
> efficiency of pyzor and clamav-unofficial-sigs [1].
No comment on pyzor because I don't use it, but some of the
clamav-unofficial-sigs are useful. We use the following data sets:
phish.ndb
rogue.hdb
sanesecurity.ftm
winnow_malware.hdb
winnow_malware_links.ndb
We find the others have unacceptably-high false-positive rates, and
even the ones above occasionally get a bad signature that produces annoying
false-positives.
Regards,
Dianne.
More information about the MIMEDefang
mailing list