It may be worth mentioning that in addition to the [optional] SafeBrowsing CVD 
that you can choose to include, ClamAV has just started including PhishTank 
signatures late last month.

For those who curious, see   PhishTank 
signatures are prefixed with Phishtank.Phishing.

Micah Snyder
ClamAV Development
Cisco Systems, Inc.

On Dec 6, 2018, at 3:27 AM, Al Varnell 
<<>> wrote:

Frankly, I'm surprised that ClamAV finds any such URL's. They are way to 
dynamic (blacklisted one day and removed the next). ClamAV does malware 
detection over the long haul and trying to keep up with fraudulent web sites 
would be a full time job and better done by other means (e.g. Google Safe 


On Wed, Dec 05, 2018 at 11:33 PM, Sunny Marwah wrote:
Hello Team,

We are using clamav-0.100.2 to scan few HTML email templates.

Sometimes, there are deceptive URL's mentioned in those templates and that 
template should be detected as infected via ClamAV scan process.

I can see weird output of ClamAV scan process. Sometimes it detect such 
templates as infected and sometimes, it does not detect them as infected. And 
the URL's i am talking about, are so deceptive that even Google chrome browser 
don't let us open these URL's and show us clear warning as "Dangerous" about 
deceptive website.

Can you put your views behind such unpredictable behavior ?

If you want then i can report such URL's on your malware link for reporting.

clamav-users mailing list<>

Help us build a comprehensive ClamAV guide:

clamav-users mailing list

Help us build a comprehensive ClamAV guide:

Reply via email to