On Tue, 2009-03-31 at 12:11 +0200, Matus UHLAR - fantomas wrote: > > Matus UHLAR - fantomas wrote: > > > Hmm, there could be an option for not rejecting signatures like > > > *.Phishing.* or Safebrowsing.* > > On 31.03.09 11:46, aCaB wrote: > > If you want to fine tune detection based on malware names you can either > > do the tuning in clamd (as explained above) or use OnInfected=Accept and > > AddHeader=Yes and postprocess the message based on the X-Virus- headers. > > Do you think that my advise is just not good, or do you advise me what to > until something like that will be done?
I think he is giving you a work-around. That would also allow you to use 3-rd party signatures that are spam indications, rather than malware. Amavisd-new is able to convert the signature name to either a "dead right there" list or a score to be added to the SpamAssassin value, and he is postulating that you might be able to accomplish much the same thing using header checks in your MTA after the milter has altered the message. -- Daniel J McDonald, CCIE #2495, CISSP #78281, CNX Austin Energy http://www.austinenergy.com
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
