Dennis Peterson wrote: > And the point is you don't have to come to harm if a > phishing pattern is not available.
That depends on your expectations. If you're purely using it for your own personal protection, you're absolutely right. If you're using it as a service to others, whether employees or clients, it's a different story. My point is - when I've told someone I can protect them from phishing to some degree, ClamAV is letting me down by not delivering in time. I'd really like to repeat - I am most definitely NOT complaining. I just think the phishing detection of ClamAV is pointless when it's one to two days late. >>> Given the ease with which these can be defeated with other simple >>> tools available to any good messaging server >> >> I could do with a couple of pointers (for server-based use). > > The tools to create your own pattern files are included with ClamAV. Certainly, and that may be what we'll do anyway. But the whole strength of ClamAV is the collaboration of a large worlwide community, is it not? >>> I don't mind they are given lower priority than correcting code >>> errors, improving documentation, discovering and responding to truly >>> destructive outbreaks, etc. >> >> As a matter of principle, maintaining the database of what ClamAV is >> supposed to detect must have the highest priority, IMHO. If not, >> everything else is pointless. > > I guess you could always ask for a refund if you're unhappy with the > product. I think they're doing a hell of a good job. So do I. I've even contributed code myself. I am in no way unhappy with the product, and I shall continue to use it, but I AM a tad unhappy with the promises wrt phishing. /Per Jessen, Zürich _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
