Just recently have been receiving reports from customers and internal users about not receiving emails.
On further investigations found that clamAV is using several database distributed by Sanesecurity for filtering.
sanesecurity.com/
One of the database is INetMsg-SpamDomains-2w.ndb which list domains in the last 2 weeks that have been spamming.
How they determine this I do not know.
I am therefore experiencing lot of False Positive.
Example of entry in the Clearos log - maillog
X-Amavis-Alert: INFECTED, message contains virus: INetMsg.SpamDomain-2w.exetel_com_au.UNOFFICIAL
where emails from exetel.com.au domain is being discarded or Quarantined, depending on setting in ClearOS web gui.
Is it possible to not check emails against INetMsg-SpamDomains-2w.ndb database ?
If so, how to do ? There is no settings in ClearOS web GUI to do this.
Any Instructions by CLI can be in detail, my linux ability is very basic.
Thankyou in advance
James
