On Thursday, January 6, 2005, 1:28:50 AM, Bas Zoetekouw wrote: > Hi Daniel!
>> Anyway, ClamAV can do what they want, but I think everyone building a >> corpus needs to put ClamAV phishing positive messages into their spam >> corpus rather than classifying them as viral and removing them from >> their corpus. I strongly suspect this is throwing off some of our >> forgery and anti-phishing rules. > Hmm, is there any way to detect automatically, whether a message is a > real virus or a phishing spam? Currently, all virusses I get go > directly to /dev/null The SURBL phishing list ph.surbl.org may catch some. Jeff C.
