Bend in the Weather

Entries tagged as phishing

Entries tagged as phishing

Related tags

Thursday, May 8. 2008

Beefing up ClamAV to detect and filter out scam, phishing and malware Emails

Many people use ClamAV with their Email server to filter out viruses. This is indeed a good idea!(tm) 8-)

However, by default it doesn't pick up Scam, Phishing or even Malware Emails. :-(

You can add some unofficial 3rd party databases to beef up the amount of 'bad' data that ClamAV can detect.

SaneSecurity produce a ClamAV database that holds such information.
SecuriteInfo also creates a ClamAV database that contains information on Malware.
MBL also produce lists in various formats, one of these is in ClamAV signature database format.

You can even automate the process easily by using a script to grab these lists at regular intervals (once per day is recommended). Throw it in cron to run once daily, and you're set. ;-)

You'll see something like this in your maillogs:

2008-05-08 01:41:14 1JtllZ-0002Ok-5x H=61-228-171-106.dynamic.hinet.net [61.228.171.106] F= rejected after DATA: This message contains a virus or other harmful content (Html.Spam.Gen2942.Sanesecurity.08040202.zip)
Whilst clamd reports it like:
Thu May 8 01:41:14 2008 -> /var/spool/exim/scan/1JtllZ-0002Ok-5x/1JtllZ-0002Ok-5x.eml: Html.Spam.Gen2942.Sanesecurity.08040202.zip FOUND


You'll be surprised at just how much it picks up, outside that of your usual spam/virus scanning and even greylisting processing.
Posted by Matt in Linux at 02:49 | Comments (0) | Trackbacks (0)
Defined tags for this entry: , , , , , ,
193 hits
Bookmark Beefing up ClamAV to detect and filter out scam, phishing and malware Emails at del.icio.us Digg Beefing up ClamAV to detect and filter out scam, phishing and malware Emails Mixx Beefing up ClamAV to detect and filter out scam, phishing and malware Emails Bloglines Beefing up ClamAV to detect and filter out scam, phishing and malware Emails Technorati Beefing up ClamAV to detect and filter out scam, phishing and malware Emails Fark this: Beefing up ClamAV to detect and filter out scam, phishing and malware Emails Bookmark Beefing up ClamAV to detect and filter out scam, phishing and malware Emails at YahooMyWeb Bookmark Beefing up ClamAV to detect and filter out scam, phishing and malware Emails at Furl.net Bookmark Beefing up ClamAV to detect and filter out scam, phishing and malware Emails at reddit.com Bookmark Beefing up ClamAV to detect and filter out scam, phishing and malware Emails at Spurl.net Bookmark Beefing up ClamAV to detect and filter out scam, phishing and malware Emails at blogmarks Bookmark Beefing up ClamAV to detect and filter out scam, phishing and malware Emails at Ma.gnolia.com Stumble It!
(Page 1 of 1, totaling 1 entries)

Quicksearch

Calendar

Back August '08 Forward
Mon Tue Wed Thu Fri Sat Sun
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31

Archives

August 2008 (0)
July 2008 (0)
June 2008 (0)
Recent...
Older...

My Photos

DSCN0482 DSCN0481 DSCN0480 DSCN0479 DSCN0478 DSCN0477

Syndicate This Blog

Add to Google

Blog Stats

Last entry: 2008-08-19 21:37
211 entries written
225 comments have been made

Blog Administration

Open login screen

Blog Tags