[clamav-users] Whitelist Zip.Suspect.MiscDoubleExtension

[Tim Edwards]

The recent addition of Zip.Suspect.MiscDoubleExtension signatures has been
causing a lot of trouble for us, as it keeps getting flagged for completely
innocuous files such as foo_handle_pdf.js.

I've been adding each signature to our whitelist, such
as Zip.Suspect.MiscDoubleExtension-1, Zip.Suspect.MiscDoubleExtension-2,
etc.  Is there a simple way to whitelist Zip.Suspect.MiscDoubleExtension-*
?   I tried using a regex in the whitelist file to no avail.


​Thanks,​
Tim

--
Tim