[SURBL-Discuss] RE: Adding SpamBouncer phishing data toph.surbl.org

Jeff Chan jeffc at surbl.org
Mon Aug 1 08:07:03 CEST 2005

On Sunday, July 31, 2005, 7:53:00 PM, Catherine Hampton wrote:
>> And quality software allows you to have it "your way" --
>> as I understand it ClamAV 0.9 (we're on 0.84-2) will add
>> an option.

> <chuckle>  Some ClamAV developers are active on several 
> anti-spam lists and forums, and have been hearing complaints 
> about their anti-phishing filters from some of their
> best customers/users.  Since they *are* reasonable folks,
> they listened.

>> I like it, so does Greg --others don't like it; good
>> software let's us choose when possible.

> Actually, I like it and regularly recommend it to users who
> are running SpamBouncer on small company, academic, or ISP
> mailservers.  SB's own anti-virus filters aren't bad for
> getting the cr*p out of your mailbox, but they do NOT 
> constitute a full AV program, and aren't updated as quickly
> as a good AV program.  Despite my annoyance with one policy
> decision, I'm not dumb enough not to recognize that ClamAV is
> a good AV program.  (Better than merely good, according to 
> friends of mine who work at other AV companies and should 
> know.) 

FWIW We use ClamAV and SpamAssassin, and ClamAV certainly catches
a lot of wild viruses for us.  We probably also use ClamAV for
detecting phishes if that's the default behavior, and that's fine
by me too.  The more protection the better.  But my point is that
viruses and phishes are really two very different kinds of things
and tools for handling one may not always be appropriate for
handling the other.

As Catherine points out there are real-world operational issues
that can sometimes occur when these kinds of functions are
(unexpectedly) combined in the same application.

Jeff C.
Don't harm innocent bystanders.

More information about the Discuss mailing list