[sanesecurity] Re: FP feedback from large sites

  • From: Bill Landry <bill@xxxxxxxxxxx>
  • To: sanesecurity@xxxxxxxxxxxxx
  • Date: Fri, 09 Sep 2011 18:42:26 -0700

On 9/9/2011 6:32 AM, Henrique de Moraes Holschuh wrote:
> On 08-09-2011 21:33, Bill Landry wrote:
>> countries), and some rather large universities. And it looks like
>> these entities have been using them for quite some time and are
>> reporting no issues.
>
> They wouldn't report transient issues. Instead, databases will just be
> used with a lower score should they cause problems every so often.
>
> The expected mindset of a medium and large site email admin team is
> "reduce medium and long-term maintenance effort", and "never increase
> the fast-response-needed maintenance burden". If something causes FPs,
> it is not kept at a high score because "staying on top of FPs" is just
> not an option.
>
> IME, large sites are not likely to offer much in the way of periodic
> feedback, either. Many won't even write you to say "it doesn't work at
> all for us", based on the incorrect notion that you're not interested in
> that feedback.
>
>>> The thousands of hits with INetMsg SpamDomain-2m in those 5 days
>>> are somewhat exceptional: in the 3 weeks before that we had about
>>> 250 per host and week ...
>>
>> Well, this really doesn't tell us anything as the hit counts need to
>> be correlated to overall hit rates from all other signature
>> databases during that time frame, as well.
>
> Hmm, clamav logs can easily provide that information. If you'd really
> appreciate more periodic feedback, I'd suggest getting someone to modify
> mailgraph[1] to track clamav logs and create RRDs of the hit-rate of the
> various databases.

You apparently don't understand what I meant, as this has nothing to do with my comment above.

Bill
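
The thread discusses comparing one database's hit count with the hit rates of all other signature databases over the same period. The sketch below is an added example, not part of the original message and not code from mailgraph or Sanesecurity. It assumes clamd log lines written with LogTime enabled, assumes the leading component of an .UNOFFICIAL signature name identifies its database, and uses constructed sample lines and signature names.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample in the assumed clamd "LogTime yes" format.
SAMPLE_LOG = """\
Mon Aug 15 09:01:12 2011 -> /var/spool/scan/m1: INetMsg.SpamDomain-2m.1.UNOFFICIAL FOUND
Tue Aug 16 10:14:40 2011 -> /var/spool/scan/m2: Sanesecurity.Junk.1001.UNOFFICIAL FOUND
Mon Sep  5 08:30:02 2011 -> /var/spool/scan/m3: INetMsg.SpamDomain-2m.2.UNOFFICIAL FOUND
Tue Sep  6 11:45:19 2011 -> /var/spool/scan/m4: INetMsg.SpamDomain-2m.3.UNOFFICIAL FOUND
Wed Sep  7 13:02:55 2011 -> /var/spool/scan/m5: Sanesecurity.Junk.1002.UNOFFICIAL FOUND
Fri Sep  9 18:42:26 2011 -> /var/spool/scan/m6: Heuristics.Phishing.Email.SpoofedDomain FOUND
Fri Sep  9 18:43:00 2011 -> /var/spool/scan/m7: OK
"""

LINE = re.compile(
    r"^(?P<ts>\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}) -> .*: (?P<sig>\S+) FOUND$"
)

def source_of(sig):
    """Assumption: third-party names end in .UNOFFICIAL and start with the database name."""
    if not sig.endswith(".UNOFFICIAL"):
        return "official"
    return sig.split(".", 1)[0]

def weekly_counts(log_text):
    """Return {(iso_year, iso_week): Counter({source: detections})}."""
    counts = defaultdict(Counter)
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # clean results and non-detection lines are ignored
        ts = datetime.strptime(" ".join(m["ts"].split()), "%a %b %d %H:%M:%S %Y")
        week = tuple(ts.isocalendar())[:2]
        counts[week][source_of(m["sig"])] += 1
    return dict(counts)

def weekly_share(log_text):
    """Return each source's share of all detections per ISO week."""
    return {
        week: {src: n / sum(c.values()) for src, n in c.items()}
        for week, c in weekly_counts(log_text).items()
    }

if __name__ == "__main__":
    for week, shares in sorted(weekly_share(SAMPLE_LOG).items()):
        print(week, {s: round(v, 2) for s, v in shares.items()})
```

In the constructed sample the INetMsg count doubles between the two weeks while its share of all detections stays at one half, which is the difference between a raw hit count and a correlated hit rate.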
