On 2017-02-13 14:39, Reindl Harald wrote:
Am 13.02.2017 um 14:33 schrieb TBits.net, Mailinglists:
On 2017-02-13 13:19, Reindl Harald wrote:
Am 13.02.2017 um 13:05 schrieb TBits.net, Mailinglists:
Hi @all,
clamav-milter identify an email as infected by
Heuristics.Phishing.Email.SSL-Spoof.
This is correct, but when I scan this file in the quarantine with
clamdscan or clamscan the file is clean.8154
It seams that the clamscan or clamdscan do not scan this file for
Phishing.
Is it possible to scan a text file as a mail to identify with
phishing?
clamdscan is using clamd the same way as "clamav-milter" and so if
it's the same clamd configuration it behaves identically
clamav-milter identify it as Heuristics.Phishing.Email.SSL-Spoof but
in
clamdscan it is clean.
And I think the result should be the same
they are - proven by a webinterface where i upload eml files at pass
them through spamd and clamdscan using two different clamd-instances
which are used by clamav-milter and/or spamassassin
are you 100% certain that clamdscan is using the identical clamd
instance with identical configuration?
Yes only one instance of clamd is running.
I scan only the quarantined mail which was hold by clamav-milter before.
Tested under different servers, on all servers are the same result.
----------------------------------------------------------------
Diese Nachricht wurde versandt mit Webmail von www.tbits.net.
This message was sent using webmail of www.tbits.net.
_______________________________________________
clamav-users mailing list
[email protected]
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
