Matus UHLAR - fantomas wrote:
> > I upgraded ClamAV from 0.91.2 to 0.93.1 and found out that the
> > PhishingRestrictedScan option is gone.
> >
> > I have always used PhishingRestrictedScan=no, how can I have the same
> > behaviour in 0.93.1? I don't mind some FPs because of this setting.
>
> I don't remember exactly what did it do,
PhishingRestrictedScan BOOL
Use phishing detection only for domains listed in the .pdb data-
base. It is not recommended to have this option turned off,
because scanning of all domains may lead to many false posi-
tives!
Default: yes
> but are currenc Phish* settings insufficient to you?
Yes, they are insufficient. I have always had PhishingRestrictedScan=no
and ClamAV did a good job of catching phishing in all domains, not
only those listed in the database. After the upgrade, my users started
receiving many phishing mails from some .ru domains:
# grep -a ^H /var/db/clamav/daily.cld | grep -c "\.ru"
0
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:[EMAIL PROTECTED]
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
