making the signature isnt the problem. the problem is that clamav will only identify the signature if its on its own (such as the signature is a file all its own) it will not identify email with the signature information in it.
as an example i took a spam based email image and made a signature of just it. i would like clamav to identify any email with that image in it as a virus so that it is trashed instead of delivered. the image in a file (encoded or decoded) will be identified based on the signature created but if its in an email the email is not identified as having an identifiable virus in it. Carl *********** REPLY SEPARATOR *********** On 10/5/2006 at 12:43 AM Christoph Cordes wrote: >Carl Thompson wrote: >> I have followed the documentation i've found and created custom database >files that identify files that stand alone without a problem using sigtool >--md5 <file> > /path/to/custom.db > >Try: >sigtool --md5 <file> > /path/to/custom.hdb > >-- >Best regards, > Christoph mailto:[EMAIL PROTECTED] >_______________________________________________ >http://lurker.clamav.net/list/clamav-users.html _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
