Hi, I have compared clamscan's url-based phishing options of 0.90rc3 with those of 0.90rc2, and as a result, some things are no longer clear to me:
(1) Has the "Phishing.Email.HexURL" type been dropped in rc3? What has been detected as "Phishing.Email.HexURL" in rc2, will now be detected as just "Phishing.Email": clamscan-0.90rc2 20061007-042145.696587_Html.mbox 20061007-042145.696587_Html.mbox: Phishing.Email.HexURL FOUND clamscan-0.90rc3 20061007-042145.696587_Html.mbox 20061007-042145.696587_Html.mbox: Phishing.Email FOUND (2) The "--phishing-cloak" option does not seem to work: clamscan-0.90rc3 --phishing-cloak 20061004-110140.185616_Html.mbox 20061004-110140.185616_Html.mbox: OK However: clamscan-0.90rc3 --no-phishing-restrictedscan 20061004-110140.185616_Html.mbox 20061004-110140.185616_Html.mbox: Phishing.Email.Cloaked.NumericIP FOUND (3) It seems that the "--phishing-ssl" and "--phishing-cloak" options are always activated when "--no-phishing-restrictedscan" is given, right? (4) Do you really want to keep the "no-" within "--no-phishing-restrictedscan"? This must have been a glitch. (5) Can we expect another release candidate with these Phishcheck module related issues being fixed before 0.9 final? Will --enable-experimental still be required at compile time? Thanks, rob. -- _______________________________________________ http://lurker.clamav.net/list/clamav-devel.html
