ClamAV Implementation
Question asked by Ryan Wittenauer - 2/19/2020 at 11:18 AM
Unanswered
Asking for an opinion on how the community handles ClamAV implementation.
We're running a default installation in CentOS, and pointing our main SM server to it for scanning.

Any recommendation's to lower the amount of False Positives we're experiencing.
echoDreamz Replied
ClamAV is mostly garbage, however, you can use some 3rd party databases to get help with detection rates etc. https://sanesecurity.com/ and https://www.securiteinfo.com/services/anti-spam-anti-virus/improve-detection-rate-of-zero-day-malwares-for-clamav.shtml?lg=en 
Ryan Wittenauer Replied
Echo, how do you effectively scan for incoming viruses? We're looking into using our AV to scan messages using the Command Line option.
echoDreamz Replied
We use a custom spool proc monitoring app we created that handles initiating command-line scanning messages amongst other various items.

Reply to Thread

Enter the verification text