Hi Steve, The site is interesting and will help with general cases but lately the school is getting phishing specific to the university, which does not help us. For an example, the latest phishing we got had a Subject: ODU Network and in the body of the message contained:
The reason for this message is because of the Email Scams & Phishing going on the ODU Network. We have decided to contact all our students and staffs to provide their password so that we can confirm the active users and to de-activate the inactive user. We regret the inconveniences this might have cost you. Please provide us with the below details. Username: Password: So, the e-mail team and security staff need to be able to create signatures so that clamd can detect this spam, and similar phishing, and need to get the database updated in a short time frame. I do not think submitting these to the ClamAV database maintainers or other signature maintainers to update the databases and get the databases downloaded is going to suffice. Regards, Darren Steve Basford wrote: > Hi Darron, > > You could try and use my add-on clamav sigs here: > > http://www.sanesecurity.co.uk/clamav/usage.htm > http://www.sanesecurity.co.uk/clamav/downloads.htm > > If your find the samples you have still are being missed: > > http://www.sanesecurity.co.uk/clamav/feedback.htm > > I'll see if I can create a signature for you, which may also help others. > > Also, extra docs (a little outdated here): > > http://www.sanesecurity.co.uk/clamav/docs.htm > > Cheers, > > Steve > Sanesecurity > > > > -- > BEGIN-ANTISPAM-VOTING-LINKS > ------------------------------------------------------ > > Teach CanIt if this mail (ID 98963468) is spam: > Spam: https://www.spamtrap.odu.edu/b.php?c=s&i=98963468&m=3736acdb8e69 > Not spam: https://www.spamtrap.odu.edu/b.php?c=n&i=98963468&m=3736acdb8e69 > Forget vote: https://www.spamtrap.odu.edu/b.php?c=f&i=98963468&m=3736acdb8e69 > ------------------------------------------------------ > END-ANTISPAM-VOTING-LINKS > > _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
