Hi there, On Thu, 24 Dec 2009 Frank Murphy (Frankly3D) wrote:
> How does one setup clamav to automatically quarantine dodgy > Thunderbird emails. (mainly phishing) Normally you would run a mail server to do this. The mail server would use supporting programs like ClamAV to scan each message as it arrives, and then based on what the supporting programs tell it that they've found, the server would decide what to do with the message at delivery time. I imagine that you're using an ISP's mail server, and that Thunderbird grabs your incoming mail from it using POP3 or IMAP. > I have a clamscan cronjob running every 20mins on ~/.thunderbird > it finds the fish, but no quarantine. When the mail has reached your inbox, I'm afraid it's too late for ClamAV to do anything. You could easily script something however. Basically you'd need to find a package which can manipulate messages in a mail box, and which can call ClamAV for each message in the box. A number of such packages exist, Google will find some for you quite easily. Your script will tell the package to check if each message is phishy or not, and then if it is, move it to another box. By itself, ClamAV can't do that - it just scans the messages, and reports back if it finds anything (that you have told it is) undesirable. -- 73, Ged. _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
