[clamav-users] Encrypted Word doc/phishing attack

Reindl Harald h.reindl at thelounge.net
Wed Oct 5 15:16:01 EDT 2016

Am 05.10.2016 um 21:09 schrieb Michael Grant:
> I see a ton of these too.  But I also have clients who get password
> protected documents all the time, so it's a bit difficult to just blanket
> block all password protected documents

you don't need to - they just get a additional score in SpamAsssin which 
is balanced with BAYES_00 - BAYES_40 in case of ham and combined with 
higher bayes-results and other rules in case of spam

if you don't reach 90-95% hit-quite yu are doing something wrong

More information about the clamav-users mailing list