spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jones <djo...@ena.com>
Subject Re: Lots of Polish spam
Date Wed, 25 Feb 2015 13:11:55 GMT
>________________________________________
>From: Axb <axb.lists@gmail.com>
>Sent: Wednesday, February 25, 2015 4:32 AM
>To: users@spamassassin.apache.org
>Subject: Re: Lots of Polish spam

>On 02/25/2015 01:42 AM, Alex Regan wrote:
>> Hi,
>>
>>
>> On 02/24/2015 07:06 PM, Reindl Harald wrote:
>>>
>>> Am 25.02.2015 um 00:56 schrieb Alex Regan:
>>>>> Sophos reports it as Troj/Tinba-O, like most others on virustotal.com
>>>>> ClamAV does not detect anything suspicious.
>>>>
>>>> I really thought clamav was much better. Can you recommend a antivirus
>>>> other than Sophos that works well with Linux/Fedora?
>>>>
>>>> Sophos is a no-go with Fedora, apparently
>>>
>>> as explained repeatly in this thread: ClamAV is a *fraemwork* and works
>>> well if you load the right signatures
>>>
>>> even SpamAssassin *is just a framework* without Bayes, URIBL, DNSBL and
>>> shared hash deployments far away from useable as a "ready solution"
>>>
>>> if you build up a spamfilter you can't just use anything out of the box
>>> and think you are done without invest in configuration and additional
>>> signatures as well as *learining* from real mail flow
>>
>> Yes, I *am* already using the additional signatures from sanesecurity
>> and others. I've started to notice the efficacy suffering over the past
>> months as users have been complaining and comments on this list (I
>> assumed those that were commenting were also using the third-party
>> signatures).
>>
>> I'm also just looking for a secondary scanner in addition to clamav to
>> run in parallel to see how it compares...


>You may want to look into Cyren (was Commtouch) though it's NOT cheap.

>http://www.cyren.com/tl_files/downloads/CYREN-AntiVirus-for-Email.pdf


>also Dr. Web is suprisingly good for the price
>https://www.drweb.com/?lng=en

>I've also been using F-Prot for years and it catches quite a few corner
>cases and for the price it's well worth it.

>If anybody expects to get *cheap* multi-layer AV, forget it.

E-set Nod32 is working very well for us.  We licensed 8 mail filter boxes for
not a lot of money.  It's very fast too so we dropped our processing time
in half from our McAfee AV down to 4-5 seconds per MailScanner batch.

They quoted us pricing as a 5 user license per box:
http://www.eset.co.uk/Business/Mail-Security/Linux-BSD-Solaris
Mime
View raw message