FYI - today it is detected by Sanesecurity.SpearL.2.UNOFFICIAL I posted this on the clamav-users list but not sure how much traffic that gets... Or do the browsers do it a different way? -- °((( = (( ===°°° ((( ================================================ On 8/28/2013 3:56 PM, Ricardo Stella wrote: > (apologies for sending this to Steve directly by accident). > > Recently we got a really bad phish attempt with a URL in plain text. > The URL triggers Safebrowsing both in Firefox and Chrome, but for some > reason clamav does not seem to trigger anything. > > I use a good set of rules and when running clamscan in debug mode, > clearly see that they are all being loaded, including safebrowsing. > All of course updated as well. But the copy of the email reports no > infections at all. > > BTW, all three tests (subject, html and txt) work and are detected... > > Have not submitted the form to any one else, but can send it if anyone > is interested. > > TIA. > > > -- > °((( = (( ===°°° ((( ================================================ >
begin:vcard fn:Ricardo Stella n:Stella;Ricardo org:Rider University;OIT - N.U.T.S. adr:;;2083 Lawrenceville Rd;Lawrenceville;NJ;08648;USA email;internet:stella@xxxxxxxxx title:Assoc. Director tel;work:609-896-5000 x7436 url:www.rider.edu version:2.1 end:vcard