You should make a copy of signatures to another directory that HAVP can use (don't bother a second clamd, just use library). And not copy SaneSecurity etc there at all. You could also grep away any Mail-type signatures (:4: in .ndb) to save some memory, since you don't generally encounter mbox-files in http..
The only marginal benefit is that some of the signatures might "catch" suspicious mails in webmails.
As an example, that rule Email.Malware.Sanesecurity.Url.SQLInj_32 simply matches the string "http://www.banner82.xxx" (replaced com with xxx in case you surf through HAVP..) anywhere.
Logged In: YES
user_id=1160896
Originator: YES
http://copfilter.endlich-mail.de/viewtopic.php?t=2114