[clamav-users] Can't detect deceptive URL's as infected !!
dennispe at inetnw.com
Thu Dec 6 03:21:13 EST 2018
You should probably look at http://uribl.com/ for this problem. ClamAV is
targeted toward viruses and malware in email. The uribl process uses DNS just
like DNS blacklists, is fairly light weight, and well maintained.
On 12/5/18 11:33 PM, Sunny Marwah wrote:
> Hello Team,
> We are using clamav-0.100.2 to scan few HTML email templates.
> Sometimes, there are deceptive URL's mentioned in those templates and that
> template should be detected as infected via ClamAV scan process.
> I can see weird output of ClamAV scan process. Sometimes it detect such
> templates as infected and sometimes, it does not detect them as infected. And
> the URL's i am talking about, are so deceptive that even Google chrome browser
> don't let us open these URL's and show us clear warning as "Dangerous" about
> deceptive website.
> Can you put your views behind such unpredictable behavior ?
> If you want then i can report such URL's on your malware link for reporting.
> clamav-users mailing list
> clamav-users at lists.clamav.net
> Help us build a comprehensive ClamAV guide:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the clamav-users