search for: sanesecurity

I have discovered that many times the virus definitions I use for scanning messages (ClamAV, with the unofficial signatures http://sanesecurity.com/usage/linux-scripts/) are updated some time after my server has received an infected email. It seems the virus creators are trying to race the virus definition creators to see who can deliver first; more than half of the infected messages are found after they?ve been delivered. Great. To help...

On 03/04/16 22:10, Ireneusz Piasecki wrote: > W dniu 03.04.2016 o 04:39, Rob Kampen pisze: >> EPEL maintainers? >> I note messages in the log about updated version 0.99.1 of CLAMAV >> being available since Mar 5th. >> for CentOS 6 no update is available yet. >> I used to use rpmforge for this package but that languished for months >> before updates became

Op 11/10/2016 om 10:05 AM schreef Teemu Huovila: > > On 09.11.2016 23:36, Brad Koehn wrote: >> I have discovered that many times the virus definitions I use for scanning messages (ClamAV, with the unofficial signatures http://sanesecurity.com/usage/linux-scripts/) are updated some time after my server has received an infected email. It seems the virus creators are trying to race the virus definition creators to see who can deliver first; more than half of the infected messages are found after they?ve been delivered. Great. >>...

Is there any reason not to make (for v1.2) 1) deliver -e behavior the defaut? 2) not even provide the option for the current default (have deliver send bounces itself)? The only reason it even works like it does currently is because I just mostly copied what Cyrus did.

On 09.11.2016 23:36, Brad Koehn wrote: > I have discovered that many times the virus definitions I use for scanning messages (ClamAV, with the unofficial signatures http://sanesecurity.com/usage/linux-scripts/) are updated some time after my server has received an infected email. It seems the virus creators are trying to race the virus definition creators to see who can deliver first; more than half of the infected messages are found after they?ve been delivered. Great. > &g...

On 2016-11-09 21:36, Brad Koehn wrote: > I have discovered that many times the virus definitions I use for > scanning messages (ClamAV, with the unofficial signatures > http://sanesecurity.com/usage/linux-scripts/) are updated some time > after my server has received an infected email. It seems the virus > creators are trying to race the virus definition creators to see who > can deliver first; more than half of the infected messages are found > after they?ve been deliver...

what anti-spam for you used ? dspam?spammassian? amavisd-new ? what is best ?

...lt;stephan at rename-it.nl> wrote: > > Op 11/10/2016 om 10:05 AM schreef Teemu Huovila: >> >> On 09.11.2016 23:36, Brad Koehn wrote: >>> I have discovered that many times the virus definitions I use for scanning messages (ClamAV, with the unofficial signatures http://sanesecurity.com/usage/linux-scripts/) are updated some time after my server has received an infected email. It seems the virus creators are trying to race the virus definition creators to see who can deliver first; more than half of the infected messages are found after they?ve been delivered. Great. >>...

Here's what I'm trying to do. I have a spam filtering operation as a front end for other servers. I've created a virtual server for spam storage where the user will be able to log in using squirrelmail/dovecot to review and release their spam. The email is stored in maildir format. Piecing it together I can use squirrelmail to pipe the email into something so that if a use finds a