I have a newbie question to ask about the logic of how a ruleset works.
Why are some rules commented out by default? Eg. on ET MALWARE there are a lot which are commented thus not used. Is there a reason for it or is it best practice to enable all of them using enable.conf?