aboutsummaryrefslogtreecommitdiff
path: root/network/clamav-unofficial-sigs/README
blob: 5b1f013ecd06faa1fc8e101e17176589693037ec (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
clamav-unofficial-sigs provides a shell script to download, verify (GPG) and
integrate third-party clamav signatures into the clamav database.  These
third-party signatures provide valuable spam and malware detection
capabilities and make an excellent enhancement to native clamav signatures.

It is especially useful when running a mailserver with clamav.  The best way to
update signatures is to set up a cron job.  

Following four sources of signatures are used by default in the config file:

1) SaneSecurity
2) MSRBL (Realtime Blacklists)
3) SecuriteInfo
4) MalwarePatrol

These sources are fully tweakable via the config file.  Also refer to the
documentation included with the package which provides configuration and
setup infomation.

Following are the URLs for each signature source.
SaneSecurity: http://www.sanesecurity.com/index.htm
SecuriteInfo: http://www.securiteinfo.com/services/clamav_unofficial_malwares_signatures.shtml
MSRBL: http://www.msrbl.com/
MalwarePatrol: http://www.malware.com.br/

A sample cron entry is included in the package docs, please make appropriate
changes to it and add it to root's crontab.

If you are using a firewall on your server, you may have to allow rsync 
traffic as MSRBL sigs are downloaded using rsync.