Hi winnow.attachments.hdb winnow_bad_cw.hdb winnow_malware_links.ndb
Also work to stop these On Nov 15, 2012, at 4:55 PM, Steve Basford wrote: > >> OK, I'm stumped as to why clamav-milter did not catch this virus. It was >> from this address, being masked as from UPS: >> >> >> File: Invoices-14-2012.htm" >> > Hi Jamen, > > I've been seeing these java/htm combos over the last few days and been > adding detection to phish.ndb. > > The other bad stuff coming in should be detected with: > > phish.ndb, rogue.hdb and blurl.ndb > > OITC's sigs are also recommended. > > More details here: > http://www.sanesecurity.com/clamav/databases.htm > > > Cheers, > > Steve > Sanesecurity > > _______________________________________________ > Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net > http://www.clamav.net/support/ml _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
