> -----Original Message----- > From: [EMAIL PROTECTED] [mailto:clamav-users- > [EMAIL PROTECTED] On Behalf Of Julian Mehnle > Sent: 15. november 2004 17:54 > To: ClamAV users ML > Subject: RE: [Clamav-users] ClamAV should not try to detect phishing and > othersocial engineering attacks > > Trog [EMAIL PROTECTED] wrote: > > Please give a full definition of Spam and Malware/Viruses that do not > > intersect, and will never intersect for all future Spam and Malware such > > that we can be sure we know what you are requesting. > > The definition of what _I_ would like ClamAV to detect is: anything that > poses a technical thread, no matter whether it also poses a social/fraud > threat or not. That's a clear enough criterion, isn't it? >
Creating such a system has a dramatic impact on the work needed to classify a suspicious sample. These samples often contains weird Jave, HTML etc. that must be decoded and tested with different software versions to ensure no exploit is being triggered and/or harmful content installed. I'm aware of other AV products that allow you control "sample types" you want it to detect, but I believe that categorizing samples beyond what ClamAV offers today is too time consuming. Best regards, Diego d'Ambra
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
