On Friday December 08, 2006 at 12:19:14 (AM) Noel Jones wrote:
> I'm pleased with clamav's detection of phish, but I'm really
> impressed with Steve Basford's add-on rules for phish and other
> malicious non-viral email. I strongly recommend them.
> http://www.sanesecurity.com/clamav/
I hardil
At 08:32 PM 12/7/2006, Matt wrote:
This piqued my interest. I had a quick look at some logs and it
would appear at the relatively small ISP I work for, Clamav is
catching ~3500 phishing messages per day.
If the sigs were updated at a more feverish pace, I'm sure more
would get caught. So, w
jef moskot wrote:
I think the original point was that if Clam is going to scan for phishing
at all, the response time might be too slow to be useful, given the
frequency with which the content changes.
I haven't looked at our data closely enough to say whether or not this is
true for our site, b
Perhaps the original persons email could be better phrased "phishing
sigs take a long time to be generated, *does the clamav group need more
volunteers*?"
After all, if there are only 5 people doing all that work, then adding
another 5 may halve the turnaround time...
[perhaps a nice side project
jef moskot wrote:
> On Wed, 29 Nov 2006, JamesDR wrote:
>> ...if your users are being let down by the 'time it takes to get a
>> phish sig' then isn't about time their network/mail admin looked into
>> added levels of detection?
>
> I think the original point was that if Clam is going to scan for
On Wed, 29 Nov 2006, JamesDR wrote:
> ...if your users are being let down by the 'time it takes to get a phish
> sig' then isn't about time their network/mail admin looked into added
> levels of detection?
I think the original point was that if Clam is going to scan for phishing
at all, the respon
JamesDR wrote:
Dennis Peterson wrote:
JamesDR wrote:
I've found clam to be reactive to phishs, I've found SpamAssassin to
be proactive...
How does it do this?
Proactive may not be the best word here, but since it uses regex and
several rules applied to an email, it isn't reliant upon
Dennis Peterson wrote:
JamesDR wrote:
Dennis Peterson wrote:
Adam Stephens wrote:
On Tue, 28 Nov 2006, Dennis Peterson wrote:
Per Jessen wrote:
This is not really complaint, perhaps just an observation. On
25/11 around 1000CET I submitted a sample and again on 26/11 also
around 1000 I submi
JamesDR wrote:
Dennis Peterson wrote:
Adam Stephens wrote:
On Tue, 28 Nov 2006, Dennis Peterson wrote:
Per Jessen wrote:
This is not really complaint, perhaps just an observation. On 25/11
around 1000CET I submitted a sample and again on 26/11 also
around 1000 I submitted a second sample - b
On Wed, 29 Nov 2006, Dennis Peterson wrote:
> From: Dennis Peterson <[EMAIL PROTECTED]>
> To: ClamAV users ML
> Date: Wed, 29 Nov 2006 07:46:17 -0800
> Subject: Re: [Clamav-users] submit-to-publish time much too long for phishing
> Reply-To: ClamAV users ML
>
> Adam
Dennis Peterson wrote:
Adam Stephens wrote:
On Tue, 28 Nov 2006, Dennis Peterson wrote:
Per Jessen wrote:
This is not really complaint, perhaps just an observation. On 25/11
around 1000CET I submitted a sample and again on 26/11 also
around 1000 I submitted a second sample - both phishing. I'
Adam Stephens wrote:
On Tue, 28 Nov 2006, Dennis Peterson wrote:
Per Jessen wrote:
This is not really complaint, perhaps just an observation. On 25/11
around 1000CET I submitted a sample and again on 26/11 also
around 1000 I submitted a second sample - both phishing. I've only
just today arou
On Tue, 28 Nov 2006, Dennis Peterson wrote:
Per Jessen wrote:
This is not really complaint, perhaps just an observation.
On 25/11 around 1000CET I submitted a sample and again on 26/11 also
around 1000 I submitted a second sample - both phishing.
I've only just today around 1800CET received co
Nigel Horne wrote:
> Use the "experimental code", then. It does a good job at catching
> phishes that aren't even in the database.
OK, that sounds interesting, I'll take a look.
/Per Jessen, Zürich
___
Help us build a comprehensive ClamAV guide: vis
On Wed, 2006-11-29 at 05:37 -0500, Gerard Seibert wrote:
> On Wednesday November 29, 2006 at 04:17:30 (AM) Nigel Horne wrote:
>
> > On Tue, 2006-11-28 at 15:05 -0500, Gerard Seibert wrote:
> > > On Tuesday November 28, 2006 at 02:13:29 (PM) Per Jessen wrote:
> > >
> > > > Quick additional comment
On Wednesday November 29, 2006 at 04:17:30 (AM) Nigel Horne wrote:
> On Tue, 2006-11-28 at 15:05 -0500, Gerard Seibert wrote:
> > On Tuesday November 28, 2006 at 02:13:29 (PM) Per Jessen wrote:
> >
> > > Quick additional comment - I used to use the very same argument, but
> > > experience and age
On Tue, 2006-11-28 at 15:05 -0500, Gerard Seibert wrote:
> On Tuesday November 28, 2006 at 02:13:29 (PM) Per Jessen wrote:
>
> > Quick additional comment - I used to use the very same argument, but
> > experience and age have taught me that people are stupid.
>
> I would not say that. Perhaps abs
On Tue, 2006-11-28 at 20:27 +0100, Per Jessen wrote:
> Dennis Peterson wrote:
>
> > And the point is you don't have to come to harm if a
> > phishing pattern is not available.
>
> That depends on your expectations. If you're purely using it for your
> own personal protection, you're absolutely r
Per Jessen wrote:
Dennis Peterson wrote:
To blame ClamAV for letting you down is unkind and inaccurate.
Perhaps you would care to state the purposes of ClamAVs phishing
detection?
To make money.
Admittedly, I have not read up on it myself, but merely assumed it was
to provide reasonabl
Dennis Peterson wrote:
> To blame ClamAV for letting you down is unkind and inaccurate.
Perhaps you would care to state the purposes of ClamAVs phishing
detection?
Admittedly, I have not read up on it myself, but merely assumed it was
to provide reasonable means of protection against phishing
Gerard Seibert wrote:
> however, I believe 'stupid' is too harsh.
Perhaps - but a great deal more concise :-)
/Per Jessen, Zürich
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-user
On Tuesday November 28, 2006 at 02:13:29 (PM) Per Jessen wrote:
> Quick additional comment - I used to use the very same argument, but
> experience and age have taught me that people are stupid.
I would not say that. Perhaps absent-minded, absorbed, abstracted,
aimless, amnesic, benighted, bird-b
Per Jessen wrote:
Dennis Peterson wrote:
And the point is you don't have to come to harm if a
phishing pattern is not available.
That depends on your expectations. If you're purely using it for your
own personal protection, you're absolutely right. If you're using it
as a service to others,
Dennis Peterson wrote:
> And the point is you don't have to come to harm if a
> phishing pattern is not available.
That depends on your expectations. If you're purely using it for your
own personal protection, you're absolutely right. If you're using it
as a service to others, whether employees
Per Jessen wrote:
>> The best defense against phishing is and has always been education,
>> fwiw.
>
Quick additional comment - I used to use the very same argument, but
experience and age have taught me that people are stupid.
/Per Jessen, Zürich
Per Jessen wrote:
Dennis Peterson wrote:
The best defense against phishing is and has always been education,
fwiw.
Doesn't that apply to virus too?
Of course. And the point is you don't have to come to harm if a phishing
pattern is not available.
Given the ease with which these ca
Dennis Peterson wrote:
> I'm not aware of any systems that have been disabled or rendered
> useless be even the most aggressive phishing scheme.
Nor am I.
> The best defense against phishing is and has always been education,
> fwiw.
Doesn't that apply to virus too?
> Given the ease with w
Per Jessen wrote:
This is not really complaint, perhaps just an observation.
On 25/11 around 1000CET I submitted a sample and again on 26/11 also
around 1000 I submitted a second sample - both phishing.
I've only just today around 1800CET received confirmation for both. This
is respectively
This is not really complaint, perhaps just an observation.
On 25/11 around 1000CET I submitted a sample and again on 26/11 also
around 1000 I submitted a second sample - both phishing.
I've only just today around 1800CET received confirmation for both. This
is respectively about 56 and 32 hours
29 matches
Mail list logo
