Carl Thompson wrote:
making the signature isnt the problem. the problem is that clamav
will only identify the signature if its on its own (such as the
signature is a file all its own) it will not identify email with the
signature information in it.
as an example i took a spam based email image and made a signature of
just it. i would like clamav to identify any email with that image
in it as a virus so that it is trashed instead of delivered. the
image in a file (encoded or decoded) will be identified based on the
signature created but if its in an email the email is not identified
as having an identifiable virus in it.
Carl
You might want to consider this instead of hand rolling your own:
http://www.msrbl.com/site/msrblimagesabout
_______________________________________________
http://lurker.clamav.net/list/clamav-users.html
