This is my opinion, and like many things, everyone has one.

I'd like to suggest a subtly different approach/guideline:

        Any time new functionality is added, leave the new
        functionality disabled by default.

I believe, in this case, that means the PhishingScanURLs option
would have been disabled by default.

As an additional example, if ClamAV added an option to perform
RBL blocking (I am by no means suggesting that such a feature
be added), it would be disabled by default.

I would additionally suggest that any scanning option that goes
beyond signature-based virus scanning should probably be disabled
by default.

While I agree with John Rudd's assertion that it is valuable to
be able to override defaults at compile-time, leaving new options
disabled by default provides an extra layer of protection for those
of us that may not notice the existence of a new option in a new
release of a given software package. I count myself as a member of
that group.

All of these "disabled by default" notions go hand-in-hand with
assigning first priority to avoiding false positives. I believe
ClamAV has just such a priority, and see this as a natural extension
of an existing design philosophy.

--Kyle