Re: [Clamav-users] IMAP with web.de does not save send messages
On Wednesday November 14, 2007 at 11:04:15 (AM) DINH Viêt Hoà wrote: > On Nov 14, 2007 4:56 PM, Colin Leroy <[EMAIL PROTECTED]> wrote: > > On Wed, 14 Nov 2007 16:41:05 +0100, DINH Viêt Hoà wrote: > > > > An interesting task, but one that takes a lot of time, and puts a lot > > of responsability on the implementor's shoulders -- I wouldn't want to > > be the one that causes massive data loss to some users. > > chicken :) Nothing ventured, nothing gained! -- Gerard A South American scientist from Argentina, after a lengthy study, has discovered that people with insufficient sexual activity read their e-mail with their hand on the mouse. Do not bother taking it off now; it is too late. ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Phishing feature defaults, naming, and 0.92
On Wednesday November 14, 2007 at 01:01:44 (PM) Török Edwin wrote: > You can filter based on "virus found name", and those containing > 'Heuristics' can go to your special folder. > Or you can turn the feature entirely off. > > [1] http://lurker.clamav.net/message/20071114.165015.e815b938.en.html > > P.S.: the performance issues with the phishing feature will be fixed in > 0.92. > The team apologizes for the delay of 0.92, the reasons are beyond us: > licensing issues with unrar. This seems like a well thought out and reasonable solution. You are never going to please everyone no matter what your final solution is, so this would seem like a logical compromise. -- Gerard "The very powerful and the very stupid have one thing in common. Instead of altering their views to fit the facts, they alter the facts to fit their views ... which can be very uncomfortable if you happen to be one of the facts that needs altering." Doctor Who ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Phishing feature defaults, naming, and 0.92
Török Edwin wrote: > The default will be changed, but not to "off", see [1]. Please reconsider. An upgrade (that doesn't change the config file) should not introduce new behaviour (especially what I'd consider to be experimental behaviour.) If you are going to change the default *anyway*, please make it a useful change. Regards, David. ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Phishing feature defaults, naming, and 0.92
Jan-Pieter Cornet wrote: > PhishingScanURLs should be off, in my opinion, for every mailserver > installation that actually cares about delivering legitimate mails to > its users. So that would imply the default to be "off". > > Agreed, the defaults should not generate false positives, or have a very small chance to do so. The default will be changed, but not to "off", see [1]. > In fact, this very feature is the reason we are considering to stop the > use of ClamAV. You'll have the possibility to turn on only parts of the checks, see [1]. Are you considering to stop using ClamAV *entirely* or just turn off specific features? > Complete lack of a standard naming scheme to distinguish > between viruses and phishing mails is also a factor here. > ClamAV does have different names for malware and phish. See http://wiki.clamav.net/Main/MalwareNaming. If you know particular signatures that don't respect these rules, please tell us. If you are referring to a standard naming scheme among different anti-virus products, it is an entirely different matter, and is just not possible generally. > The reason we're so concerned about this is the false positive rate. > Traditionally, virus scanners have had a negligible false positive > ratio (less than 1 in 1E9, typically). This means it is in > practice no problem to flat-out reject or discard mails that are flagged > as a virus. > Agreed. > However, spam and phishing detection has a much higher false positive > rate, so it's very unwise to discard the mails, and it's usually bad > to reject them (because of automatic bounce handling by legitimate bulk > mailers), so we put such mails in a special folder. Why does this make you wanting to drop the use of ClamAV? You can filter based on "virus found name", and those containing 'Heuristics' can go to your special folder. Or you can turn the feature entirely off. [1] http://lurker.clamav.net/message/20071114.165015.e815b938.en.html P.S.: the performance issues with the phishing feature will be fixed in 0.92. The team apologizes for the delay of 0.92, the reasons are beyond us: licensing issues with unrar. --Edwin ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html