I can't believe this one subject can create such a mess.
> ClamAv is marketed as an antivirus tool. I think, as you say, there is a need for a generic anti-malware tool. But don't call it clamav. Not detecting phishing attempts, would be like allowing Trojans through as acceptable attachments. These aren't Nigerian scams, or viagara ads, there are emails designed right down to the linked site to obtain account information . Lets not forget that the "Phishing", and "Social Engineering" are 'Hacker' terms for methods of retrieving sensitive information, in the hopes to gain access to the account or desired target (network). With that in mind it seems to me these emails should be treated as seriously as Trojans are treated. The "phishing" e-mail's being detected (by all AV's I might add) should be kept out of the hands of those who need protecting (click happy users). This isn't Spam that by replying or clicking the included link you get added to a Spam list. It's the type of emails that come along indicating they're from "Citibank, Paypal, Ebay, CapitalOne, ETC". You click the link and 'HEY' what do you know, it looks identical to the site they "thought" they were going to, so they provide their credit card / account information for verification (like they'd think to verify the URL in their address bar) I'm sorry, but I personally know 7 people who fell prey to this practice, and I've gotten emails from users thanking us for the addition. Set it up as an option if needed, but as a network administrator, I'd rather be on the safe side and allow them to view the email held if they desire, than to find out that because it got through and put a hard working family in to financial turmoil. Just my 2 cents. _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
