> > There was a discussion about this several months ago. Unfortunately, > > many people (including part of the signature-generation team) are too > > dogmatic about their feelings that "phishing is bad, so we should block > > it" to look at it logically. > Is it causing you (or anyone for that matter) a problem by clamav > catching some phishing attempts as opposed to spamassassin catching > them? Whats really the issue here? You just dont believe clamav is the > right tool for that job, but is there REALLY a problem? I doubt it. > If my car is broken usually I take it to a mechanic. But if a friend of > mine who happens to be a plumber can fix it also, does it really matter > if I bring it to him instead? No.
Just my two cents - I agree with the other guy. CLAM should blocks virii and worms, and leave SPAM to something else. Just think of the size of the signature database if it includes thousands (or more) of dumb phish e-mail signatures that you're very likely never to see again. We use a couple of simple anti-spam techniques (not even anything as complex as spamassasin), get almost no SPAM, and I haven't seen a phish e-mail in weeks. This is problem that has essentially been solved elsewhere. And well designed architecture with clear division of component roles is a "good", even if the up-front benefits are not obvious, apparent, or clear: after ten years in IT I can say with confidence that it always pays off at some unforseen circumstance in the future - always. _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
