On Mon, Nov 12, 2007 at 04:22:47PM -0500, David F. Skoll wrote: > > My own opinion is that the developers are not going to change the default > > settings since they are what the majority of users would want enabled by > > default. > > Really? All posters on this thread who gave an opinion wanted > PhishingScanURLs off by default. I invite users who want > PhishingScanURLs to be on by default to come forward; I'll happily go > with the majority decision.
If there's going to be a vote, I haven't expressed my opinion in this thread yet. PhishingScanURLs should be off, in my opinion, for every mailserver installation that actually cares about delivering legitimate mails to its users. So that would imply the default to be "off". In fact, this very feature is the reason we are considering to stop the use of ClamAV. Complete lack of a standard naming scheme to distinguish between viruses and phishing mails is also a factor here. The reason we're so concerned about this is the false positive rate. Traditionally, virus scanners have had a negligible false positive ratio (less than 1 in 1E9, typically). This means it is in practice no problem to flat-out reject or discard mails that are flagged as a virus. However, spam and phishing detection has a much higher false positive rate, so it's very unwise to discard the mails, and it's usually bad to reject them (because of automatic bounce handling by legitimate bulk mailers), so we put such mails in a special folder. -- Jan-Pieter Cornet <[EMAIL PROTECTED]> !! Disclamer: The addressee of this email is not the intended recipient. !! !! This is only a test of the echelon and data retention systems. Please !! !! archive this message indefinitely to allow verification of the logs. !! _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
