have found a condition when this parser fails on
clamav-0.97.5 and clamd reports OK though there is a known virus in
the message. I can provide samples and more details.
Who do I contact about it? Thank you in advance.
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:suda...@sibptus.tomsk.ru
1.
I have come across this bug (?) when sending messages with the Unix
mail program. It does not generate the "Content-Type:" header so any
virus sent by the mail(1) program passes through ClamAV+Communigate.
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:suda...@sibptus.tomsk
Matt Olney wrote:
> Can you submit a bug through https://bugzilla.clamav.net/ please? Shawn
> will keep working with you, but this will allow us to track this issue.
Bug 5764
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:suda...@sibptus.to
Colleagues,
I upgraded ClamAV from 0.91.2 to 0.93.1 and found out that the
PhishingRestrictedScan option is gone.
I have always used PhishingRestrictedScan=no, how can I have the same
behaviour in 0.93.1? I don't mind some FPs because of this setting.
Thank you for any input.
--
V
the database. After the upgrade, my users started
receiving many phishing mails from some .ru domains:
# grep -a ^H /var/db/clamav/daily.cld | grep -c "\.ru"
0
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:[EMAIL PROTECTED]
___
Help us build
;
> However keep in mind that this causes many false positives (especially
> legit newsletters are considered phishing as well).
>
> > After the upgrade, my users started
> > receiving many phishing mails from some .ru domains:
> >
> > # grep -a ^H /var/db/clama
You can obtain the functionality of PhishingRestrictedScan=no by listing
> >> all top level domains in a .pdb file, like so:
> >> H:com
> >> H:ru
> >>
> >>
> >
> > I get the idea, but the problem is there is no separate .pdb file
