Do any commercial AV scanners have phishing signatures? If not, that's a very strong argument for Clam.
Yes and no. Because Phishing is such a growing concern, EVERYONE is addressing it in some manner.
For example, I know there are signatures like Phish-BankFraud.eml.X in McAfee (http://vil.mcafeesecurity.com/vil/content/v_127728.htm).
I also know that Symantec has been gearing up to add everything under the sun to their "expanded threat" category.
However, from what I have researched, ClamAV is way beyond what other virus scanners are doing
But in most cases, URI RBLs like SURBL will be most effective with tagging Phish'ing if not blocking it because so many of the emails are now copying "real" emails verbatim. How can you content differentiate between a "real" and a phish without something like SURBL? Razor/AV/Content stuff just fail in these instances.
Regards, KAM
_______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
