On Feb 8, 2018, at 3:52 AM, Matus UHLAR - fantomas
<[email protected]<mailto:[email protected]>> wrote:
when submitting phish samples, should I use the same form as for malware?
(https://www.clamav.net/reports/malware)
some time ago it contained selection list whether it's malware, phish, false
positive.
Now the page contains forms for malware and false positives - no phishes.
I hope phishes are still to be detected :)
side question: is it fine to strip sample of an e-mail of private data like
recipient mail address, Received: headers etc?
On 08.02.18 18:54, Joel Esler (jesler) wrote:
So, there's two things you can do here, I think. Phish can be submitted to
ClamAV in the same way you submit malware. Phish can also be sent in to
phishtank.com (also a project ran by my team) which
allows community voting on phish to product a blacklist for users to use.
so, phish samples to clamav, URLs to phishtank.com.
what about stripping private information, like recipients and Received:
headers - it that fine?
--
Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux - It's now safe to turn on your computer.
Linux - Teraz mozete pocitac bez obav zapnut.
_______________________________________________
clamav-users mailing list
[email protected]
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
