This is my opinion, and like many things, everyone has one. I'd like to suggest a subtly different approach/guideline:
Any time new functionality is added, leave the new functionality disabled by default. I believe, in this case, that means the PhishingScanURLs option would have been disabled by default. As an additional example, if ClamAV added an option to perform RBL blocking (I am by no means suggesting that such a feature be added), it would be disabled by default. I would additionally suggest that any scanning option that goes beyond signature-based virus scanning should probably be disabled by default. While I agree with John Rudd's assertion that it is valuable to be able to override defaults at compile-time, leaving new options disabled by default provides an extra layer of protection for those of us that may not notice the existence of a new option in a new release of a given software package. I count myself as a member of that group. All of these "disabled by default" notions go hand-in-hand with assigning first priority to avoiding false positives. I believe ClamAV has just such a priority, and see this as a natural extension of an existing design philosophy. --Kyle _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html