Matt Fretwell wrote: > Julian Mehnle wrote: > > Brian Morrison wrote: > > > You don't give up do you? ;-) > > > > Not until someone convincingly explains to me why my request for a > > practical option to distinguish between technical and non-technical > > threats (i.e. exploitation of technical flaws in software vs. > > exploitation of end-user naivet�) is inappropriate. > > This discussion waged for ages the last time it was brought up. Do me a > favour and just read the archives. It was mind numbing back then, and > I'm sure it will not be any less so now.
I don't have to read the archives, I was the one who initiated the mid-November monster thread (in a totally reasonable and non-inflammatory way), and I have read all of it. Most of my reasonable points have remained unanswered, though, apart from flames that effectively amount to "shut up". For instance: Julian Mehnle wrote: | Matt [EMAIL PROTECTED] wrote: | > Getting back to the somewhat original question, if you download the | > signatures.pdf from the Clam website, that gives you a general listing | > of the different classes of various virii/malware naming conventions. | > That should give you an idea of which parts of the database you may | > wish to remove. | | Thanks for your constructive reply. | | If you mean section 3.5, unfortunately there is not mention of the | "Phishing" prefix, so obviously this list is not complete. The fact | that a "Joke" prefix (for hoaxes) is also listed there makes me worry | how many more supposed "malware" categories are unconditionally | detected by ClamAV which I would not want to be detected as malware... | | Also please keep in mind that a modular sig db would relieve ClamAV | users from downloading signatures they don't plan using. Having to | remove unwanted sigs yourself requires you to download all existing | sigs. Julian Mehnle wrote: | To those of you who argue that ClamAV should detect phishing attacks | even though tools like SpamAssassin are designed and inherently better | suited for doing that, I'd like to say that you will never really be | able to abandon SpamAssassin & Co. anyway. ClamAV will never be able | to replace SpamAssassin without becoming SpamAssassin. | | Bit Fuzzy [EMAIL PROTECTED] wrote: | > I can't believe this one subject can create such a mess. | | I absolutely concur. Considering that exactly _no one_ here demanded | that ClamAV abandon its capacity for detecting phishing attacks, little | yellow rubber ducks in PNG images, or whatever else, the uproar is truly | ludicrous. What was actually requested is that there be an _option_ not | to scan for certain classes of malware. No one would be disadvantaged | by that. _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
