[clamav-users] Using clamav to test for bad links in incoming emails
Gene Heskett
gheskett at shentel.net
Sat Feb 9 14:02:55 UTC 2019
On Saturday 09 February 2019 08:46:52 J.R. wrote:
> > Has anyone rigged clamd to check what looks like questionable links
> > contained in incoming emails? It seems over the last 2 weeks my spam
> > has tripled, and I suspect the real payload is in the urls in the
> > message.
> >
> > Or is this so time consuming and bandwidth wasting its not worth it?
>
> There are some 3rd party clamav definitions that are geared towards
> spam. However, for something that's just plain-text I think would be
> better served by an anti-spam package like SpamAssassin or similar
> that can do Greylisting, RBL lookups, Bayes analysis, SPF & DKIM, and
> all that good stuff.
I'm already looking at everything with spamd, but this stuff is a new
style with a payload url, and gibberish text, often mentioning the
matrix. And while bayes will eventually get smart, it hasn't yet.
But I have a cron job that feeds that stuff to sa-learn every night, but
that takes weeks to register in that database. You folks seem to be
more actively trying to do something about it.
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <http://geneslinuxbox.net:6309/gene>
More information about the clamav-users
mailing list