edwintorok at gmail
Oct 2, 2008, 12:16 PM
Post #2 of 3
On 2008-10-02 10:25, Robert Allerstorfer wrote:
Re: Removal of clamscan's "--no-phishing-restrictedscan" option
[In reply to]
> clamscan 0.94 is the first version after 0.9 where the
> "--no-phishing-restrictedscan" option is no more mentioned in the
> output of 'clamscan -h'. However, that option has in fact been removed
> earlier - at least in the 0.93.x versions that option just did nothing
> when specified.
> So now, there are only the options "--phishing-ssl" and
> "--phishing-cloak" remaining if someone wants a higher detection rate
> of *possible* phishings. However, using them did not make any
> difference in my tests as without them. Edwin's mbox test file from
> will always be detected as Phishing.Heuristics.Email.SpoofedDomain, no
> matter which options are set or not.
> Could someone please give any sample that demonstrates the
> --phishing-* options?
Indeed, --phishing-ssl and --phishing-cloak should work even if the host
is not in the .pdb and
display the proper name.
I fixed this is in SVN r4220, and will be part of 0.94.1 (bug #1211).
You can have a look at these files, and scan it with a .pdb containing a
I've added these to the unit test too (check_clamscan.sh).
Please submit your patches to our Bugzilla: http://bugs.clamav.net