[clamav-users] Google safebrowsing types and usage questions
G.W. Haywood
clamav at jubileegroup.co.uk
Mon Oct 19 22:33:17 UTC 2020
Hi there,
On Tue, 20 Oct 2020, iulian stan via clamav-users wrote:
> After a beer things started to look more clear :)
Why didn't I think of that? :)
> You were right about something: indeed clamav is looking for something before
> starting to look after URL but it's actually looking for what should be the
> start of email headers. In short words is looking for: "From someone".
Oh, bother, I didn't think of that either - and I even do it in my
milter, but it's a while since I wrote it. So is this safebrowsing
thing only going to work for links in emails? That seems odd, I'd
somehow thought it might be useful for people using clamd to scan
their HTTP traffic in in real time. A sort of scan-on-access. Not
that I'm advocating such a thing, but I've seen it mentioned.
> If you read ... carefully ...
That often works better. :)
> Long story short, safebrowsing is working ok ...
Fine - but I still think the documentation needs work.
> ... there are no hits which is quite surprising surprising i can say
> seeing the magnitude of the database entries and the scam/phishing
> flowing trough emails now-days.
It certainly seems true that the volume is increasing. Recently I've
been seeing thousands just from Hotmail accounts. They're trivial to
stop but I'd expect Microsoft to do a lot better at their servers. As
for Google's safebrowsing, as I said I don't use it - but given that
Hotmail's number one position in the spam charts here was previously
occupied by Gmail, I can't say that I plan to spend much time on it.
Glad you got it sorted out. :)
--
73,
Ged.
More information about the clamav-users
mailing list