train on viruses?
Boris 'pi' Piwinger
3.14 at logic.univie.ac.at
Tue Feb 24 21:14:51 CET 2004
"Chris Fortune" <cfortune at telus.net> wrote:
>What are the pros and cons of training bogofilter with virus emails?
>
>1. Does it fill up the wordlist with unneccessary tokens?
>2. Does it prejudice bogofilter against all emails that have executable attachments?
>3. What about polymorphic viruses?
>4. How accurate? How many instances would it need to be accurate?
I do the following: Viruses recognized by a virus scanner
are taken away. Messages with typical attachments are taken
away, then bogofilter comes into play.
What it gets (virus related):
- Virus mails with attachment removed/replaced
- Bounces (not infective) to virus mail
- Lusers' warnings (your machine is infected)
- Viruses which are not recognized and not of typical file
type (zip)
pi
More information about the Bogofilter
mailing list