1 |
On 2020-09-11 15:09, Robin H. Johnson wrote: |
2 |
> Hi, |
3 |
> |
4 |
> As a result of a recent high-impact [1] false positive spam detection in |
5 |
> Gentoo mail, we've disabled using the MalwarePatrol ruleset in Clamav |
6 |
> for spam detection for all inbound mail to @gentoo.org |
7 |
> |
8 |
|
9 |
All of these services produce killer false positives eventually. If |
10 |
you're using amavisd-new, you can score them instead of reject outright: |
11 |
|
12 |
@virus_name_to_spam_score_maps = |
13 |
(new_RE( |
14 |
[ qr'^MBL_.*' => 4.0 ], |
15 |
)); |
16 |
|
17 |
That doesn't totally fix the problem, but if the message is otherwise |
18 |
pristine (no blacklists, etc.) then a MalwarePatrol hit won't be fatal. |