To use the Malware Block List with Clamav, one has to do the following:

1) Download the MBL in Clamav signatures format. For example:
/usr/bin/wget -O - http://www.malware.com.br/cgi/submit?action=list_clamav > mbl.db

2) Copy the file to Clamav's DatabaseDirectory. This can be found in the 
clamd.conf file and usually is where the files main.cvd and daily.cvd are. 
It is important that the file copied must have the extension .db and has 
the right permission so that Clamav can read from it.
/bin/cp mbl.db /var/clamav

3) Reload/Restart clamav (if you are using the daemon)
/etc/init.d/clamad reload

That is it. From now on, emails that contain URLs from the MBL, when 
scanned with Clamav, will be marked as infected by MBL.%NUM%.

by eduardoh CPD-UFRGS