Re: [Clamav-users] sigtool and phishing

From: FM <dist-list_at_nospam>
Date: Thu Jan 03 2008 - 16:40:22 GMT
To: ClamAV users ML <clamav-users@lists.clamav.net>

Tx for the reply but in my case it is not that easy.

I am using courier-mta and courier-pythonfilter to connect the mta and clamav
This filter is using libclamav directly

and in clamd.conf I have :

PhishingScanURLs no
PhishingSignatures no

but still have virus alert in the maillog

Regards,

Dennis Peterson wrote:
> FM wrote:
>
>> hello,
>> I have lots of false positive with clamav phishing detection.
>> What is the correct way to remove these rules using sigtool?
>>
>
>
> From a recent post:
>
> > You can disable the heuristics-based phish checks without
> > disabling the signature-based checks. Both the official
> > clamav and SaneSecurity sigs will still work, but the false
> > positive prone heuristics will be disabled.
> >
> > With clamscan, use the --no-phishing-scan-urls option.
> > For clamd/clamdscan set in your clamd.conf:
> > DetectPhishing yes
> > PhishingScanURLs no
> > and restart clamd.
>
>
> dp
> _______________________________________________
> Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
> http://lurker.clamav.net/list/clamav-users.html
>

Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html

This message: [ Message body ]
Next message: Paul Kosinski: "Re: [Clamav-users] Tomasz, you're an idiot, and you don't even know it"
Previous message: Rob MacGregor: "Re: [Clamav-users] Clam bugs/vulns (was Re: Tomasz, you're an id iot, and you don't even know it)"
In reply to: Dennis Peterson: "Re: [Clamav-users] sigtool and phishing"
Next in thread: Noel Jones: "Re: [Clamav-users] sigtool and phishing"
Reply: Noel Jones: "Re: [Clamav-users] sigtool and phishing"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]