[SURBL-Discuss] RE: Adding SpamBouncer phishing data to ph.surbl.org

Greg Allen salist at floridacpu.com
Mon Aug 1 02:00:52 CEST 2005


Most antivirus companies appear to disagree with you for now. At this point
in time it is a competitive thing. They do it or they will not survive. My
McAfee saw your example ebay page as a Trojan "js/cardsteeler'.

This has been a debate for some time and the antivirus companies have
decided the debate. Can you look at it with SURBL also? Sure, but I am just
saying it is a lot of effort to add these disposable IP addresses into any
database. Who goes back and cleans up these databases 2 years from now when
maybe a real user gets one? It's your system, I am just giving you my
prospective, which could of course be wrong or...right. Time will tell.



>Personally, I don't think an AV program should attempt to detect
>anything other than a virus or trojan -- actual malicious code.
>ClamAV's doing so has made it more than a bit of a nuisance for
>some administrators, who found that complaints about phishes sent
>to their abuse address were getting filtered by their AV program.



More information about the Discuss mailing list