On 6/14/07, Kelsey Cummings <[EMAIL PROTECTED]> wrote:
> Out of 912
> messages that were caught by Phishing.Email a full 123 were human verified
> false positives.
Please post output of:
clamconf|grep Phish
If you have PhishingRestrictedScan = No, its obvious what the problem is.
> An 87% accuracy rate is pretty awful and so it is clear
> that this feature is not ready for production mail systems yet.
>
> Nearly all of the 123 messages are legit or at least would appear to be
> legit list traffic.
You can run with --debug, and look for Phishcheck: messages.
>
> I could work towards anonymizing the 123 messages so I can provide them as
> examples if that would be helpful.
That is quite a lot of work for 123 messages. Can you just anonymize a
few of them,
and attach them to a bugreport on our bugzilla.
>
> Meanwhile, how can I turn off just Phishing.Email while leaving the other
> signature passed phishing filters active?
PhishingScanURLs No
> It wasn't clear how to do this after reading the documentation.
man clamd.conf:
PhishingScanURLs BOOL
Scan URLs found in mails for phishing attempts.
Default: yes
P.S.: please don't post messages twice to the list.
Best regards,
Edwin
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net
