Tomasz Kojm wrote:
On Mon, 15 Nov 2004 12:04:39 -0800 <[EMAIL PROTECTED]> wrote:
Ken Jones wrote:
I think the thing to remember here is that we are discussing scanning of email. If the email is malicious, then having clamav remove it is a good thing in my opinion. Spam (uce/ube) that poses no threat to the user, and is just an anoyance is what SA should be catching.
ClamAv is marketed as an antivirus tool. I think, as you say, there is a need for a generic anti-malware tool. But don't call it clamav.
So, in addition to phishing, we shouldn't detect trojans as well? Oh, let's create ClamAT!
Wake up! It's the XXI century and not the old, good DOS times when there were five types of viruses and (almost) no other malware.
The users arguing about phishing detection should visit http://www.antiphishing.org to learn more about this special type of _attack_.
I think the people "arguing" about phishing are not ignoring it's importance. The question, at least in my mind, is should ClamAV or MailScanner or SpamAssassin or "Bob's Big Phishing Gadget" get the resources of the server to do the detection.
My preference has been stated. I would prefer SpamAssassin do the puzzle solving of message bodies, headers, URI lookups, message obfuscation, etc and let ClamAV do the signature matching of attachments.
I have MailScanner running ClamAV on my Gateway, and SpamAssassin on my toasters. I would prefer to not have to chase through three pieces of software looking for a false positive. Though, the argument could be made (and it is a very good one) that multiple tests is a good thing.
It seems everyones email product wants to detect phishing scams suddenly.
DAve
-- Systems Administrator http://www.tls.net Get rid of Unwanted Emails...get TLS Spam Blocker!
_______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
