Hope I haven't missed this one being discussed... but ... APER is a project hosted at Google Code (Anti-Phishing Email Reply) that tracks From, Reply-to, and Body URLs that match known phishing attacks. There are a few examples for how to use it ... but I was wondering:
Has anyone turned this into a regularly updated set of ClamAV signatures? I've been tasked with implementing it, and I'd love to be able to just plug it into my existing regiment of ClamAV signatures (I currently use MBL, MSRBL, and some (but not all) of the signatures hosted at Sane Security). _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml