On 31 March 2017 19:14:36 Steven Morgan <smor...@sourcefire.com> wrote:
Mauro, It is not clear what MailFollowURL did. Have a look at docs/phishsigs_howto.pdf for a description of how to scan for URLs. This may have subsumed MailFollowURL.
It did a curl on any urls found in the body and fetched the content... before scanning the content... bit of a summary here...
https://lists.gt.net/clamav/users/22230
Cheers, Steve Twitter: @sanesecurity _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
