aboutsummaryrefslogtreecommitdiff
path: root/network/clamav-unofficial-sigs/README
blob: e7a7acc76ed913df51b422a55d5d91462a6f4a37 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
clamav-unofficial-sigs provides a shell script to download, verify (GPG)
and integrate third-party clamav signatures into the clamav database.  
These third-party signatures provide valuable spam and malware detection 
capabilities and make an excellent enhancement to native clamav signatures.
It is especially useful when running a mailserver with clamav.  The best 
way to update signatures is probably to setup a cron job to do so.

The following four sources of signatures are used by default:
1) SaneSecurity
2) MSRBL (Realtime Blacklists)
3) SecuriteInfo
4) MalwarePatrol

These sources are fully tweakable via the config file.  Also refer to the 
documentation included with the package which provides configuration and 
setup infomation.

The following are the URLs for each signature source:
SaneSecurity: http://www.sanesecurity.com/index.htm
SecuriteInfo: http://www.securiteinfo.com/services/clamav_unofficial_malwares_signatures.shtml
MSRBL: http://www.msrbl.com/
MalwarePatrol: http://www.malware.com.br/

A sample cron entry is included in the package docs; please make appropriate 
changes to it and add it to root's crontab.

You must have clamav installed to run this.  Also, if you are using a firewall 
on your server, you may have to allow rsync traffic, as MSRBL sigs are 
downloaded using rsync.