On 22/09/11 15:39, Rick Romero wrote:
There are additional 'non-official' ClamAV signatures that are meant to detect phishing attempts. They do work, but aren't perfect.
Got a link? Or are you thinking of the SaneSecurity Signatures?
Yep. The SaneSecurity Sigs.
We do use ClamAV+SaneSecurity on incoming email, but these are *very* targetted phishing attacks, and lots of them manage to get through. The Kochi application that I brought up sits on the *outgoing* mail routers and prevents people sending out their login details once they've been tricked.
-- Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F