train on viruses?
Dan Singletary
dvsing at sonicspike.net
Tue Feb 24 20:28:38 CET 2004
Chris,
I have found it much more effective to run a virus scanner on the
message prior to processing by bogofilter (in procmailrc). If the
virus scanner (clamav, in this case) catches a virus in the message, it
goes straight to /dev/null and bogofilter never sees it. Bogofilter
isn't that great at catching viruses that widely vary their subject
lines as well as spoof senders addresses. In my opinion, it's better to
use a tool designed to catch viruses and weed them out first. Running
clamav has become a necessity with all of the recent email worms
bouncing around.
-Dan
Chris Fortune wrote:
> What are the pros and cons of training bogofilter with virus emails?
>
> 1. Does it fill up the wordlist with unneccessary tokens?
> 2. Does it prejudice bogofilter against all emails that have executable attachments?
> 3. What about polymorphic viruses?
> 4. How accurate? How many instances would it need to be accurate?
>
> Questions like that...
>
>
>
> ---------------------------------------------------------------------
> FAQ: http://bogofilter.sourceforge.net/bogofilter-faq.html
> To unsubscribe, e-mail: bogofilter-unsubscribe at aotto.com
> For summary digest subscription: bogofilter-digest-subscribe at aotto.com
> For more commands, e-mail: bogofilter-help at aotto.com
>
More information about the Bogofilter
mailing list