> >> On Wed, 11 Mar 2009 17:56:22 +0000 > >> Ian Eiloart <i...@sussex.ac.uk> wrote: > >>> That sounds good. What does it do, though? > >>> My guess is that it enables freshclam to download copies of files > >>> containing URLs that Google considers "unsafe", and then clamd will > >>> block emails that contain those URLs. Is that right?
> > On 12.03.09 09:11, Spiro Harvey wrote: > >> http://code.google.com/apis/safebrowsing/ > >> > >> Sounds like it.. might be possible to check realtime too.. but the > >> quick blurb on the site just mentions downloading a lookup table to the > >> local machine. > On 2009-03-24 13:40, Matus UHLAR - fantomas wrote: > > Yes, but I found this question quite important and "Seems like it" is not > > satisfactory answer. Customers may (and already did) send us notices about > > unsafe pages in our hosting (shit happens, while clamav works good for > > rejecting infected files, it doesnt for .htaccess containing Rewrite*), and > > I'd like such mail _not_ to be blocked by clamav... On 24.03.09 14:07, Török Edwin wrote: > You can match on the virusname "^Safebrowsing.+", and send those > messages to a different folder. > If it is about customers reporting unsafe pages, then you wouldn't want > that to go to the spam folder either, would you? I mean, I don't want to detect safebrowsing when scanning incoming mail at SMTP level, i do when checking by SpamAssassin. > You can then filter based on the virusname, if you want to treat > phishing/safebrowsing-blacklisted entries as spam. Yes, that wil be important. Does clamav-milter support this for now? > > I'm also surprised that safebrowsing is an option only for freshclam. Some > > people reported running two instances of clamav, one with > > "PhishingSignatures off" for SMTP-level filtering, one with "on" for spam > > filter. Seems this won't be possible with safebrowsing database... > Turning off the heuristic-based phishing detection also turns off the > use of safebrowsing.cvd: "PhishingScanURLs off" Aha, that should be enough. Btw, which URL's does it check for? url-like strings in plaintext, urls in html, url-like strings in html ? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. "Two words: Windows survives." - Craig Mundie, Microsoft senior strategist "So does syphillis. Good thing we have penicillin." - Matthew Alton _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
