BitFuzzy [EMAIL PROTECTED] wrote: > The difference between what's being detected as phishing attempts is > that they are crafted to make you believe you are at > http://www.your-bank.com, ebay.com, paypal.com, etc. They are in most > cases very convincing, thus not only the foolish can fall prey. (I know > very savvy people who fell for these)
Using heuristics (i.e. malware signatures) to re-actively detect typical _formal_ characteristics of faked messages is bound to result in significant failure rates, either in false positives or in false negatives. The way to combat phishing is to employ sender authentication methods such as SPF, DomainKeys, and public-key message cryptography. Both service providers (banks, eBay, PayPal, etc.) and users need to learn to use the right tools for the job. Neither SpamAssassin nor ClamAV are the right tools. _______________________________________________ http://lurker.clamav.net/list/clamav-users.html