On 07/26/2011 11:59 PM, Al Varnell wrote: > Is there something going on with subject infections? I see that it's listed > on the clamav home page as a "Current Threat". We got several users asking > about this in the ClamXav Forum (including a Linux user?) and I can't seem > to find it in the signature database any more. >
It is an engine detection (actually it is Heuristics.Phishing.Email.SpoofedDomain). All engine detections are prefixed with 'Heuristics.'. This detection is for phishing emails, you can look in daily.pdb to see a list of 'protected' domains (i.e. if a phishing email targets one of those domains we should detect it). Best regards, --Edwin _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
