Honestly I'm -0.5 on this. SA isn't a virus scanner, and while it could
The magic key that to my mind makes bringing it into the core set isn't
"virus", its "phish". Agreed, SA isn't a virus scanner and probably
shouldn't be; it is quite inefficient at that sort of thing.
My thoughts are the exact same as Loren. Knowing that Symantec Antivirus
was renamed to Symantec Endpoint Protection with the release of SAV 11, I
think there is a lot of convergence with AV products to handling malware of
all types including virii, trojans, backdoors, malware, spyware, adware,
phishing scams, etc. etc. etc. The nuances between each type is lost on the
vast majority of the users.
But in any case, ClamAV covers the same bases. The term Anti-Virus is just
too narrow. Endpoint Protection isn't bad but still not great.
The point is, ClamAV does block other things including phishes. While there
are better ways perhaps to do this, adding the code to have the plugin
disabled by default but available seems a decent idea.
And I would recommend this plug-in is used ESPECIALLY if someone was to use
ClamAV in a way that ONLY used phishing signatures which might not be safe
enough to use in an outright blocking manner but would be more suitable to
SA's scoring algorithms.
My vote remains +1.
Regards,
KAM
