clamav-unofficial-sigs provides a shell script to download, verify (GPG)
and integrate third-party clamav signatures into the clamav database.
These third-party signatures provide valuable spam and malware detection
capabilities and make an excellent enhancement to native clamav signatures.
It is especially useful when running a mailserver with clamav. The best
way to update signatures is probably to setup a cron job to do so.
The following four sources of signatures are used by default:
1) SaneSecurity
2) MSRBL (Realtime Blacklists)
3) SecuriteInfo
4) MalwarePatrol
These sources are fully tweakable via the config file. Also refer to the
documentation included with the package which provides configuration and
setup infomation.
The following are the URLs for each signature source:
SaneSecurity: http://www.sanesecurity.com/index.htm
SecuriteInfo: http://www.securiteinfo.com/services/clamav_unofficial_malwares_signatures.shtml
MSRBL: http://www.msrbl.com/
MalwarePatrol: http://www.malware.com.br/
A sample cron entry is included in the package docs; please make appropriate
changes to it and add it to root's crontab.
You must have clamav installed to run this. Also, if you are using a firewall
on your server, you may have to allow rsync traffic, as MSRBL sigs are
downloaded using rsync.