At 11:31 PM +0300 9/23/09, Jari Fredriksson wrote:
> At 10:39 PM +0300 9/23/09, Jari Fredriksson wrote:
>>
I don't run ClamAV via SpamAssassin. I have it called
by amavisd-new, which does what it does: quarantine.
Sure hope your not using heuristics, phishing and/or
safebrowsing options in ClamAV if you feel that way.
I use amavisd-new default options, have not touched
those.
These are not amavis but clamav stock options. Please
read your config files.
Default Debian settings.
PhishingSignatures true
PhishingScanURLs true
PhishingAlwaysBlockSSLMismatch false
PhishingAlwaysBlockCloak false
DetectPUA false
ScanPartialMessages false
HeuristicScanPrecedence false
StructuredDataDetection false
This is what I found about Phishing and Heuristics. Dangerous? When
I review the quaratine anyway.
No more than sanesecurity rules and alot more than my
winnow_malware.hdb which would have caught your virus.
Point being you might just want to consider what you have running...
Tom
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
