Gentoo Archives: gentoo-dev

From: Michael Orlitzky <mjo@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] [infra] Anti-spam changes: removal of malware patrol and other older ClamAV rules
Date: Fri, 11 Sep 2020 19:16:17
Message-Id: bf9fa41b-0f39-c5b7-c516-2ea678a8b7cf@gentoo.org
In Reply to: [gentoo-dev] [infra] Anti-spam changes: removal of malware patrol and other older ClamAV rules by "Robin H. Johnson"
1 On 2020-09-11 15:09, Robin H. Johnson wrote:
2 > Hi,
3 >
4 > As a result of a recent high-impact [1] false positive spam detection in
5 > Gentoo mail, we've disabled using the MalwarePatrol ruleset in Clamav
6 > for spam detection for all inbound mail to @gentoo.org
7 >
8
9 All of these services produce killer false positives eventually. If
10 you're using amavisd-new, you can score them instead of reject outright:
11
12 @virus_name_to_spam_score_maps =
13 (new_RE(
14 [ qr'^MBL_.*' => 4.0 ],
15 ));
16
17 That doesn't totally fix the problem, but if the message is otherwise
18 pristine (no blacklists, etc.) then a MalwarePatrol hit won't be fatal.