[clamav-users] PhishingScanURLs no/yes
G.W. Haywood
clamav at jubileegroup.co.uk
Tue Aug 11 07:56:36 UTC 2020
Hi there,
On Tue, 11 Aug 2020, Gary R. Schmidt wrote:
> On 11/08/2020 00:53, Paul via clamav-users wrote:
>>
> [SNIP]
>> Further digging has led me to find that when 'PhishingScanURLs no" is set
>> the signatures in safebrowsing.cld are not loaded by clamd.
>>
> Well, there's a win for plain and simple use of the English language (or a
> close approximation thereof. ;-) ).
[quote From "Prejudices: Second Series" by H.L. Mencken, 1880-1956]
Explanations exist; they have existed for all time; there is always a
well-known solution to every human problem - neat, plausible, and wrong.
[/quote]
Quoting from the freshclam.conf 'man' page:
"SafeBrowsing BOOL
This option enables support for Google Safe Browsing. When activated
for the first time, freshclam will download a new database file
(safebrowsing.cvd) which will be automatically loaded by clamd and
clamscan during the next reload, provided that the heuristic
phishing de? tection is turned on. This database includes
information about websites that may be phishing sites or possible
sources of malware. When us? ing this option, it's mandatory to run
freshclam at least every 30 minutes. Freshclam uses the ClamAV's
mirror infrastructure to distribute the database and its updates but
all the contents are provided under Google's terms of use. See
https://support.google.com/code/answer/70015 and
https://www.clamav.net/documents/safebrowsing for more information.
Default: no"
And at http://www.clamav.net/documents/safebrowsing:
"The Safebrowsing database is packed inside a CVD file and distributed
through our mirror network. This feature is disabled by default on all
installations and should be enabled with extreme care."
...
"There is no option in clamd.conf. If the engine finds Google Safe
Browsing files in the database directory, ClamAV will enable safe
browsing. To turn it off you need to update freshclam.conf and remove
the safebrowsing files from the database directory before restarting
clamd."
--
73,
Ged.
More information about the clamav-users
mailing list