Hi Florian,
> not exactly on-topic, but does anyone here use the clam-av signatures from
> http://www.sanesecurity.co.uk to fight pdf-spam? please share your
> experiences ;) i am (like probably many others here) using michael
> stauber's av-spam pkg, but until now it is not working against the rising
> amounts of pdf/other document spam.
Run this command from the command line:
/usr/bin/sa-update --nogpg
/etc/init.d/spamassassin restart
That will download and install an updated rule set for SpamAssassin, which
includes rules to counter the PDF-SPAM and also has some better rules for
image-SPAM.
In the past I didn't advocate auto-updating SpamAssassin through "sa-update",
as the quality of the updates was sometimes affecting stability of
SpamAssassin. But so far it looks good and certainly a manual update once in
a while as shown above can be recommended.
I experiemented with extra rules for Clam AV (which is what you asked for) to
fight PDF-SPAM, but I would discourage using that method. I tested that on a
production box and Clamd fell flat on it's face like four or five times a
day. That stuff on itself is way too experimental for now. Give it some more
time to get sorted and use "sa-update" instead for now.
--
With best regards,
Michael Stauber
http://www.solarspeed.net