[clamav-users] Email.Phishing.DblDom-60 -- issue
Al Varnell
alvarnell at mac.com
Sun Apr 3 01:17:59 UTC 2016
I was suggesting that you submit the log file as an FP.
It contains partial url and if I post it here then this e-mail will be reported as infected. You can see it for yourself by running the following:
sigtool --find Email.Phishing.DblDom-60 | sigtool --decode-sig
-Al-
On Sat, Apr 02, 2016 at 05:19 PM, Andrew McGlashan wrote:
>
> On 3/04/2016 9:32 AM, Al Varnell wrote:
>> Have you submitted the log to False Positive Reports yet?
>> <http://www.clamav.net/reports/fp>
>
> This is not a /file/ it is an email source and the source changes with
> each and every log. Some log files are giving this problem, most are
> not; I need to know what it is that is causing clamav to claim to be
> malware so I can understand why clamav thinks the email has malware.
>
> Thanks
> AndrewM
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
-Al-
--
Al Varnell
Mountain View, CA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2370 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20160402/7c837c4b/attachment.bin>
More information about the clamav-users
mailing list