How do I get clamav to not cc the intended user with the virus notification
message?
Thanks
Mark Penkower
At 01:51 PM 11/15/2004, you wrote:
Brian Morrison [EMAIL PROTECTED] wrote:
2) It takes extra work for someone to make the decision, create the
separate databases etc.
Diego d'Ambra [EMAIL
On Mon, 29 Nov 2004 13:50:40 -0500 in
[EMAIL PROTECTED] Mark Penkower
[EMAIL PROTECTED] wrote:
How do I get clamav to not cc the intended user with the virus
notification message?
ClamAV doesn't do that, it is your MTA that does it.
--
Brian Morrison
bdm at fenrir dot org dot uk
GnuPG
Give the --postmaster-only option to clamav-milter.
-Nigel
On Mon, 2004-11-29 at 18:50, Mark Penkower wrote:
How do I get clamav to not cc the intended user with the virus notification
message?
Thanks
Mark Penkower
At 01:51 PM 11/15/2004, you wrote:
Brian Morrison [EMAIL
On Tue, 16 Nov 2004 01:31:22 +0100 in
[EMAIL PROTECTED] Julian Mehnle
[EMAIL PROTECTED] wrote:
If people require machines as desperately as that to prevent
themselves from falling for fraud attempts, humanity is truly doomed.
It always has been. Never mind the quality, feel the *width*.
--
On Tue, 16 Nov 2004 at 1:31:22 +0100, Julian Mehnle wrote:
If people require machines as desperately as that to prevent themselves
from falling for fraud attempts, humanity is truly doomed.
It already is ;-) .
Anybody who doubts it can have a look:
On Tue, 16 Nov 2004, Julian Mehnle wrote:
If people require machines as desperately as that to prevent themselves
from falling for fraud attempts...
...then they're pretty much behaving in the manner humanity always has and
always will.
To those of you who argue that ClamAV should detect
On Tue, 16 Nov 2004, Julian Mehnle wrote:
Announcingple require machines as desperately as that to prevent themselves
from falling for fraud attempts...
...then they're pretty much behaving in the manner humanity always has and
always will.
To those of you who argue that ClamAV should
Matt [EMAIL PROTECTED] wrote:
Trog wrote:
I'm not trying to scare you away, I really don't care what you do.
I've told you how you can easily do what you want, using ClamAV.
As Trog has already mentioned, you can simply remove the phishing
signatures from the database. This is not
Julian Mehnle wrote:
Pardon me, Trog offered me two options, of which user another product
was the first. If that isn't scaring me away for you, then I don't know
what is.
That was just another alternative :)
I might be able to remove the signatures I don't want, but I would still
have
On Mon, 15 Nov 2004 16:02:03 +0100
Julian Mehnle [EMAIL PROTECTED] wrote:
Matt [EMAIL PROTECTED] wrote:
Julian Mehnle wrote:
I might be able to remove the signatures I don't want, but I would
still have to know if there is an authoritative hierarchy of
signature names from which I can
Tomasz Kojm [EMAIL PROTECTED] wrote:
Julian Mehnle [EMAIL PROTECTED] wrote:
Thanks, but the point of my question was that I wanted to know whether
there are more social engineering signature in the database than
just phishing ones.
Yes, there are. E.g. HTML.Mydoom.email-gen-1 and
Julian Mehnle wrote:
Thanks, but the point of my question was that I wanted to know
whether there are more social engineering signature in the
database than just phishing ones.
Apologies. I misinterpreted that question.
Yes, there are. E.g. HTML.Mydoom.email-gen-1 and others...
Julian Mehnle wrote:
Dennis Skinner [EMAIL PROTECTED] wrote:
Julian Mehnle wrote:
Besides, if mail servers started using SPF (or similar authentication
techniques) to verify envelope sender addresses, whoever publishes SPF
records for his domains would be
Not to start another flame war, but I find
Matt [EMAIL PROTECTED] wrote:
The problem is that, as yourself and others have mentioned, the
distinction between the different categories are dependant upon personal
interpretation. What one classes as social engineering, someone else may
class as, for example, malware. Even though they can
On Mon, 15 Nov 2004 17:48:35 +0100 in
[EMAIL PROTECTED] Julian Mehnle
[EMAIL PROTECTED] wrote:
But there definitely is a distinction between technical attacks and
social engineering attacks, even though they're somewhat overlapping.
I can't see logically how things that are distinct can also
On Mon, 15 Nov 2004 17:53:31 +0100 in
[EMAIL PROTECTED] Julian Mehnle
[EMAIL PROTECTED] wrote:
Trog [EMAIL PROTECTED] wrote:
Please give a full definition of Spam and Malware/Viruses that do
not intersect, and will never intersect for all future Spam and
Malware such that we can be sure we
On Mon, 2004-11-15 at 16:53, Julian Mehnle wrote:
Trog [EMAIL PROTECTED] wrote:
Please give a full definition of Spam and Malware/Viruses that do not
intersect, and will never intersect for all future Spam and Malware such
that we can be sure we know what you are requesting.
The
Brian Morrison [EMAIL PROTECTED] wrote:
What I am suggesting is that, because you appear to have a requirement
that is significantly different from nearly everyone else that has
responded in this thread,
(I don't think you're judging the proportions correctly.)
you are in the best position
On Nov 15, 2004, at 11:48 AM, Julian Mehnle wrote:
Matt [EMAIL PROTECTED] wrote:
The problem is that, as yourself and others have mentioned, the
distinction between the different categories are dependant upon
personal
interpretation. What one classes as social engineering, someone else
may
class
On Nov 15, 2004, at 11:48 AM, Trog wrote:
Not one of the Clam developers have proposed adding general spam
detection to ClamAV.
You're right. This was an idea being proposed, I thought...a
suggestion. Isn't this something worth going over on a users list as
discussion?
Sorry if not... :-/
Trog [EMAIL PROTECTED] wrote:
What you don't seem to understand is that the distinction between
technical attacks and social engineering attacks is irrelevant, because
thats not what *any* anti-virus product has as a requirement.
So now you're declaring _my_ requirements irrelevant. I'm not
On Nov 15, 2004, at 11:54 AM, Brian Morrison wrote:
On Mon, 15 Nov 2004 17:48:35 +0100 in
[EMAIL PROTECTED] Julian Mehnle
[EMAIL PROTECTED] wrote:
But there definitely is a distinction between technical attacks and
social engineering attacks, even though they're somewhat overlapping.
I can't see
Brian Morrison [EMAIL PROTECTED] wrote:
Julian Mehnle [EMAIL PROTECTED] wrote:
Trog [EMAIL PROTECTED] wrote:
Please give a full definition of Spam and Malware/Viruses that do
not intersect, and will never intersect for all future Spam and
Malware such that we can be sure we know what
On Mon, 2004-11-15 at 12:12 -0500, Bart Silverstrim wrote:
If it's a bunch of flashy graphics telling you to visit a website for
fantastic deals on hiding money from third world countries while
getting fantastic mortgage rates on your pen1s enlargement ointment,
it's for a spam filter.
On Mon, 2004-11-15 at 18:00 +0100, Julian Mehnle wrote:
Brian Morrison [EMAIL PROTECTED] wrote:
What I am suggesting is that, because you appear to have a requirement
that is significantly different from nearly everyone else that has
responded in this thread,
What I don't understand is
Julian Mehnle wrote:
technical := affecting the technical systems involved in storing and
transporting the data items subject to being scanned by ClamAV.
technical threat := (go figure...)
Would that include viruses that require action on the part of the
recipient? Included in password protected
On Nov 15, 2004, at 12:25 PM, Chris Meadors wrote:
On Mon, 2004-11-15 at 12:12 -0500, Bart Silverstrim wrote:
If it's a bunch of flashy graphics telling you to visit a website for
fantastic deals on hiding money from third world countries while
getting fantastic mortgage rates on your pen1s
On Nov 15, 2004, at 12:29 PM, Daniel J McDonald wrote:
clamav kills bad things - that's good, and I'd like it to be able to
continue to kill bad things in the same expedient manner that it has in
the past.
That's not entirely true. There are people who installed it on Windows
and Windows still
Chris Meadors [EMAIL PROTECTED] wrote:
How about an e-mail that contains a link that takes one to a webpage
that exploits the web browser to install a program that will intercept
the account information the next time the actual site is visited?
That's social engineering.
I know some of you
Julian Mehnle wrote:
The definition of what _I_ would like ClamAV to detect is: anything
that poses a technical thread, no matter whether it also poses a
social/fraud threat or not. That's a clear enough criterion, isn't it?
Again, that can be interpreted in different ways :) What is a
On Nov 15, 2004, at 12:32 PM, Dennis Skinner wrote:
How little user interaction is required before it is considered a
technical enough? Require the user to open the attachment? Require
the user to pop their mail?
Technically, most viruses these days are social engineered in some
way. Unlike
On Nov 15, 2004, at 12:43 PM, Matt wrote:
If the standard database was segregated, some people would inevitably
cock up their configs and run with partial protection. This can cause
problems not only for themselves, but others, in the case of
propogation.
Whitelist all traffic you want to allow!
Dennis Skinner [EMAIL PROTECTED] wrote:
Julian Mehnle wrote:
technical := affecting the technical systems involved in storing
and transporting the data items subject to being scanned by ClamAV.
technical threat := (go figure...)
Would that include viruses that require action on the part
Hanford, Seth [EMAIL PROTECTED] wrote:
I agree with Julian that Clam does not seem the logical solution to Spam
messages.
Please note that I have never talked about ClamAV unwantedly detecting
_spam_. I just talked about social engineering in general and about
phishing in particular.
Julian Mehnle wrote:
Counter question: What do have the following in common: 1. tricking a
user into clicking a link that takes him to a virus, and 2. tricking a
user into clicking a link that takes him to a web page that tricks him
into clicking on a link that takes him to the virus?
Answer:
Dennis Skinner [EMAIL PROTECTED] wrote:
Julian Mehnle wrote:
Counter question: What do have the following in common: 1. tricking a
user into clicking a link that takes him to a virus, and 2. tricking a
user into clicking a link that takes him to a web page that tricks him
into clicking
Trog wrote:
On Mon, 2004-11-15 at 16:39, Dave Goodrich wrote:
Julian Mehnle wrote:
Am I? I'm just saying that I think that a distinction between technical
attacks and social engineering attacks is possible and meaningful (even if
not everyone would make use of that distinction). That has nothing
Bart Silverstrim wrote:
I find it interesting though that I've yet to hear from anyone
commenting on my proposal to create a filter that will extract and
convert all emails into pure text, or reformat it so only certain things
can get through as an attachment with a pure text message so it
Thanks, but the point of my question was that I wanted to know
whether there are more social engineering signature in the
database than just phishing ones.
Getting back to the somewhat original question, if you download the
signatures.pdf from the Clam website, that gives you a
Ken Jones [EMAIL PROTECTED] wrote:
Knowing two freinds that have responded to phising emails and what it
took afterwards to correct the problem . they would beg you to
remove the possability of this threat.
Bit Fuzzy [EMAIL PROTECTED] wrote:
I'm sorry, but I personally know 7 people who
Matt [EMAIL PROTECTED] wrote:
Thanks, but the point of my question was that I wanted to know
whether there are more social engineering signature in the
database than just phishing ones.
Getting back to the somewhat original question, if you download the
signatures.pdf from the
Hi all,
since ClamAV reached v0.80, I am using it to scan and reject e-mail
messages. Today I noticed that ClamAV also detects phishing attacks.
Phishing is pure social engineering and poses no threat whatsoever in a
technical sense.
How can I configure ClamAV not to try to detect phishing and
Julian Mehnle wrote:
How can I configure ClamAV not to try to detect phishing and other
social engineering attacks?
Why? Your prerogative, obviously, but I am just curious.
Matt
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
On Sun, 14 Nov 2004 13:58:53 +0100
Julian Mehnle [EMAIL PROTECTED] wrote:
Hi all,
since ClamAV reached v0.80, I am using it to scan and reject e-mail
messages. Today I noticed that ClamAV also detects phishing attacks.
Phishing is pure social engineering and poses no threat whatsoever in
BitFuzzy [EMAIL PROTECTED] wrote:
So blocking [social engineering attacks] can only be seen as a good
thing.
I disagree, and I already explained why.
I don't even request that ClamAV completely stop detecting such stuff, I
just request that I have the option of disabling it.
This is a me too. I am ABSOLUTELY in love with ClamAV due to the fact
it has gone beyond what most commercial AV players are doing, and is
incorporating scanning for phishing and spyware.
If you follow the industry, you will see that most AV vendors are
bringing out *separate* products to
46 matches
Mail list logo