clamav-users May 2010 archive
Main Archive Page > Month Archives  > clamav-users archives
clamav-users: Re: [Clamav-users] excluding signatures on SMTP

Re: [Clamav-users] excluding signatures on SMTP

From: Stephen Gran <steve_at_nospam>
Date: Tue May 11 2010 - 21:35:22 GMT

On Tue, May 11, 2010 at 11:27:54PM +0200, Matus UHLAR - fantomas said:
> Hello,
> I'm working on code that would prevent rejecting some kinds of signarures at
> SMTP level. For example, phishing reports sent to abuse@ contact should
> pass, even if they contain phishing signatures.
> Now I'm curious which patterns to exclude from rejecting:
> I'm sure about "Phishing" in signature name but what about "Suspect" ?
> And are there any others I should count with?
> I'm not using any 3rd party signatures yet.
> ...I know that I can turn off phishing detection using PhishingSignatures
> and/or PhishingScanURLs directives, but that's not what I want.

Why not do selective rejects in your MTA based on the name of the
signature matched? The Phish ones and so on all follow a regular

-- -------------------------------------------------------------------------- | Stephen Gran | It is often the case that the man who | | | can't tell a lie thinks he is the best | | | judge of one. -- Mark Twain, | | | "Pudd'nhead Wilson's Calendar" | --------------------------------------------------------------------------

Help us build a comprehensive ClamAV guide: visit