[clamav-users] Encrypted Word doc/phishing attack
Reindl Harald
h.reindl at thelounge.net
Wed Oct 5 15:16:01 EDT 2016
Am 05.10.2016 um 21:09 schrieb Michael Grant:
> I see a ton of these too. But I also have clients who get password
> protected documents all the time, so it's a bit difficult to just blanket
> block all password protected documents
you don't need to - they just get a additional score in SpamAsssin which
is balanced with BAYES_00 - BAYES_40 in case of ham and combined with
higher bayes-results and other rules in case of spam
if you don't reach 90-95% hit-quite yu are doing something wrong
More information about the clamav-users
mailing list