On Mon, Feb 13, 2012 at 12:15:02PM +0100, Matus UHLAR - fantomas wrote:
> What I need is to pass phishes sent to one particular address
> (abuse@, since we should knnow when our customers send phishes)
You might be looking for these arguments of clamscan. You can also control this
in clamd.conf. Default is marked as "(*)".
--scan-mail[=yes(*)/no]
Scan mail files. If you turn off this option, the original files will
still be scanned, but without parsing individual messages/attachments.
--phishing-sigs[=yes(*)/no]
Use the signature-based phishing detection.
--phishing-scan-urls[=yes(*)/no]
Use the url-based heuristic phishing detection
(Phishing.Heuristics.Email.*)
--scan-pdf[=yes(*)/no]
Scan within PDF files. If you turn off this option, the original files
will still be scanned, but without decoding and additional processing.
--scan-html[=yes(*)/no]
Detect, normalize/decrypt and scan HTML files and embedded scripts. If
you turn off this option, the original files will still be scanned, but with‐
out additional processing.
--scan-archive[=yes(*)/no]
Scan archives supported by libclamav. If you turn off this option, the
original files will still be scanned, but without unpacking and additional
processing.
- Henri Salo
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
