On 31 March 2017 19:14:36 Steven Morgan <smor...@sourcefire.com> wrote:
It is not clear what MailFollowURL did. Have a look at
docs/phishsigs_howto.pdf for a description of how to scan for URLs. This
may have subsumed MailFollowURL.
On 31.03.17 19:51, Steve Basford wrote:
It did a curl on any urls found in the body and fetched the
content... before scanning the content... bit of a summary here...
https://lists.gt.net/clamav/users/22230
among other, it provided spammers evidence their mail was read.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"To Boot or not to Boot, that's the question." [WD1270 Caviar]
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
