ClamAV Implementation
Question asked by Ryan Wittenauer - 2/19/2020 at 11:18 AM
Unanswered
Asking for an opinion on how the community handles ClamAV implementation.
We're running a default installation in CentOS, and pointing our main SM server to it for scanning.

Any recommendations to lower the amount of false positives we're experiencing?

3 Replies

2
echoDreamz Replied
ClamAV is mostly garbage, however, you can use some 3rd party databases to get help with detection rates etc. https://sanesecurity.com/ and https://www.securiteinfo.com/services/anti-spam-anti-virus/improve-detection-rate-of-zero-day-malwares-for-clamav.shtml?lg=en 
0
Ryan Wittenauer Replied
Echo, how do you effectively scan for incoming viruses? We're looking into using our AV to scan messages using the Command Line option.
1
echoDreamz Replied
We use a custom spool proc monitoring app we created that handles initiating command-line scanning messages amongst other various items.
