Am 22.09.2011 16:36, schrieb Ralf Hildebrandt: > * Rick Romero <r...@havokmon.com>: > >> There are additional 'non-official' ClamAV signatures that are meant >> to detect phishing attempts. >> They do work, but aren't perfect. > > Got a link? Or are you thinking of the SaneSecurity Signatures? > >> I'm fortunate enough to be on the phishing list, so I wrote a quickie >> perl script that will grep the logs for all the recipients and then >> scan their INBOX for the phishing email and remove it before they >> read it. > > I usually use doveadm for this. >
why not simply use clamav-milter with sanesecurity sigs ( works like charme here ) so the stuff dont pass ever in mailboxes, if you dont like reject , then hold for manual human admin interaction -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria
