I have played long with this and IMMO do not put your expectations too high...
Google has two versions of the SafeBrowsing DB. The public one: the one youcan
download with the Google API and used by Clam as stated by Kevin, and a
secondone, used by Chrome and some security vendors (i guess by paying).
The difference between both versions is just "time": latest URLs updates take
up from hours to some daysto go from the public DB to the "good" one.
Not happy enough with that, Rob McEwen fears come true... Checks are done by
removingthe least significant part of each URLs one by one... so a complet
phishing URL willmatch as well as its domain does!
There is a perl module (thanks to Julien Sobrier) you can use for a SA
plugin...https://metacpan.org/pod/Net::Google::SafeBrowsing4
I have tested it and works ok but is pretty slow since a simple URL generates
many querys(becasue it works as Google suggests: removing the least signifcat
part and trying again, and again, and...)
Ken, Kevin, maybe it would be a good idea to have a SA plugin to use it if we
modify the code to check "only"the full URL...
Regards,
Pedro.
