On Thu, 3 Feb 2005 09:01:42 -0500 in [EMAIL PROTECTED] "Jason Frisvold" <[EMAIL PROTECTED]> wrote:
> There is an article on zdnet regarding a new type of trojan that > uses an ISP's mailserver to send spam. I'm not at all > interested in getting into a discussion regarding this.. What I > am interested in is to know if anyone has seen this in the wild, > and whether or not ClamAV currently has a signature for it. > Unfortunately, the article does not detail how this Trojan is > installed onto the users system. However, mail seems to be one > of the most prevalent methods, so I'm guessing it will come in > that way... Well two things come to mind. It isn't ClamAV's job to block spam, only viruses and immediately identifiable deceptions like phishing attacks. Secondly, the only clue about the path taken is in the mail headers, ClamAV is really a body scanning tool so again it isn't designed to identify the attack approach you mention. -- Brian Morrison bdm at fenrir dot org dot uk GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
