Hi, By reading the docs/signatures.pdf i've succeeded in creating my own hex signatures but how is it works for phishing mails? Doesn't it need a feature like "-mail--normalise" (like the "--html-normalise") in order to get rid of the header part of the phishing mail? Anyone can explain me the procedure in forming such phishing .db files?
thanx, Derya Sezen Bu e-posta mesaji ve ekleri sadece gonderildigi kisi veya kuruma ozeldir. Eger dogru kisiye ulasmadigini dusunuyorsaniz, bu mesajin yonlendirilmesi, kopyalanmasi veya herhangi bir sekilde kullanilmasi yasaktir.Mesaj iceriginde bulunan fikir ve yorumlar, SUPERONLINE'a degil sadece gondericiye aittir. Bu mesaj bilinen tum viruslere karsi test edilmistir. This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you are not the intended recipient you are hereby notified that any dissemination, copying or use of the information is prohibited. The opinions expressed in this message belong to sender alone. There is no implied endorsement by SUPERONLINE.This e-mail has been scanned for all known computer viruses. _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
