Hello, I'm new to clamav, and using 0.94.2. It seems that the clamscan command no longer recognises the '--phishing-strict-url-check' option. However, I can find no mention of it being removed in the Changelog file (I can find an entry that indicates it's name was changed from something else, so it obviously did exist before).
Additionally, the current 'Phishing signatures creation HOWTO' document makes reference to a contributed script called 'why.py' (in section 3.3.1). This script too does not seem to be present with 0.94.2. I got a copy of the script from elsewhere, but it uses the above clamscan option. At the moment I have an MTA which just logs whatever clamav finds. However, given something like 'Phishing.Heuristics.Email.SpoofedDomain', I wanted to know what it actually was that clamav was checking to cause this result. So, the HOWTO document mentioned about finding out why false-positives were flagged as such (using the why.py) script, but, as mentioned, that script seems to now use an unknown CLI option. Is there any other way to find out what actual tests are being done? Thanks, John. -- --------------------------------------------------------------- John Horne, University of Plymouth, UK Tel: +44 (0)1752 587287 E-mail: john.ho...@plymouth.ac.uk Fax: +44 (0)1752 587001 _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
