On 11.05.10 23:27, Matus UHLAR - fantomas wrote: > I'm working on code that would prevent rejecting some kinds of signarures at > SMTP level. For example, phishing reports sent to abuse@ contact should > pass, even if they contain phishing signatures. > > Now I'm curious which patterns to exclude from rejecting: > > I'm sure about "Phishing" in signature name but what about "Suspect" ? > And are there any others I should count with?
I'm using (perl) regular expressions. What can I expect in spam reports? \.Phishing ^Email\. ^HTML\. well, excluding last two gives me only one Phishing. signature: E-Mail.Phishing.SMT Can I safely assume that only those above don't include the bad code? > I'm not using any 3rd party signatures yet. > > ...I know that I can turn off phishing detection using PhishingSignatures > and/or PhishingScanURLs directives, but that's not what I want. -- Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. REALITY.SYS corrupted. Press any key to reboot Universe. _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
