clamav-unofficial-sigs provides a shell script to download, verify (GPG) and integrate third-party clamav signatures into the clamav database. These third-party signatures provide valuable spam and malware detection capabilities and make an excellent enhancement to native clamav signatures. It is especially useful when running a mailserver with clamav. Best way to update signature is to setup a cron job. Following four sources of signatures are used by default in the config file: 1) SaneSecurity 2) MSRBL (Realtime Blacklists) 3) SecuriteInfo 4) MalwarePatrol These sources are fully tweakable via the config file. Also refer to the documentation included with the package which provides configuration and setup infomation. Following are the URLs for each signature source. SaneSecurity: http://www.sanesecurity.com/index.htm SecuriteInfo: http://www.securiteinfo.com/services/clamav_unofficial_malwares_signatures.shtml MSRBL: http://www.msrbl.com/ MalwarePatrol: http://www.malware.com.br/ Sample cron entry is included in the package docs, please make appropriate changes to it and add it to root's crontab. You must have clamav installed to run this. Also if you are using a firewall on your server, you may have to allow rsync traffic as MSRBL sigs are downloaded using rsync.