Brian Morrison [EMAIL PROTECTED] wrote: > What I am suggesting is that, because you appear to have a requirement > that is significantly different from nearly everyone else that has > responded in this thread,
(I don't think you're judging the proportions correctly.) > you are in the best position to roll your own solution rather than > suggesting that ClamAV is changed to accommodate your requirement. > [...] > I find it really hard to understand why you want to do it as well, I > find that ClamAV kills the obvious signature-based phishing attacks and > SA spots those that ClamAV doesn't. Two lines of defence is fine by me. What I don't understand is that no one seems to be willing to discuss my proposal of making the signature database modular, i.e. offer social engineering attack signatures separately from technical attack ones for download and installation. That would solve my and others' problem nicely, and would take _nothing_ away from those who don't care what ClamAV detects. _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
