Todd Lyons wrote:
Any reason to call it phish.ndb instead of phish.db? Just a way to make
automating it easier?
Hi Todd,
If you look at the current signature pdf docs here:
http://www.clamav.net/doc/0.88/signatures.pdf
If you look at Section 3.3 (Basic Signature format) you'll see that
these databases are .db format, which
doesn't have a html type, it looks for matches in ALL file types, which
I thought would increase the risk of
false positives.
So, I went for Extended Signature format (Section 3.4), which MUST be in
a .ndb format.
I think that's right anyway ;)
Steve
_______________________________________________
http://lurker.clamav.net/list/clamav-users.html
