22 Sep
2011
22 Sep
'11
5:36 p.m.
- Rick Romero rick@havokmon.com:
There are additional 'non-official' ClamAV signatures that are meant to detect phishing attempts. They do work, but aren't perfect.
Got a link? Or are you thinking of the SaneSecurity Signatures?
I'm fortunate enough to be on the phishing list, so I wrote a quickie perl script that will grep the logs for all the recipients and then scan their INBOX for the phishing email and remove it before they read it.
I usually use doveadm for this.
-- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt@charite.de | http://www.charite.de