[EMAIL PROTECTED] wrote: > On Feb 7, 2008 11:12 AM, <[EMAIL PROTECTED]> wrote:
>> > Just wanted to update in case anyone else comes across this. Its > actually the mailscanner module for logwatch that trips this up. The > mailscanner module dumps the details of the phishing attack to the > logwatch email and then clam catches the bogus url and behaves > accordingly. > It is common for loggers to do this - they are capable of being rather spammy and is why mail from them is often excluded from scanning. Given the source is known and the destination is known, and the content is generally important it's probably a good idea to accept the messages without scanning. dp _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
