aboutsummaryrefslogtreecommitdiff
path: root/network/clamav-unofficial-sigs/README
blob: c2a72780d6e10d32ea71a11196b5fa1200969815 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
clamav-unofficial-sigs provides a shell script to download, verify (GPG) and
integrate third-party clamav signatures into the clamav database.  These
third-party signatures provide valuable spam and malware detection
capabilities and make an excellent enhancement to native clamav signatures.

It is especially useful when running a mailserver with clamav.  Best way to
update signature is to setup a cron job.  

Following four sources of signatures are used by default in the config file:

1) SaneSecurity
2) MSRBL (Realtime Blacklists)
3) SecuriteInfo
4) MalwarePatrol

These sources are fully tweakable via the config file.  Also refer to the
documentation included with the package which provides configuration and
setup infomation.

Following are the URLs for each signature source.
SaneSecurity: http://www.sanesecurity.com/index.htm
SecuriteInfo: http://www.securiteinfo.com/services/clamav_unofficial_malwares_signatures.shtml
MSRBL: http://www.msrbl.com/
MalwarePatrol: http://www.malware.com.br/

Sample cron entry is included in the package docs, please make appropriate
changes to it and add it to root's crontab.

You must have clamav installed to run this.  Also if you are using a firewall
on your server, you may have to allow rsync traffic as MSRBL sigs are
downloaded using rsync.