[clamav-users] Whitelisting FP domains

Alex mysqlstudent at gmail.com
Thu Oct 6 08:40:39 EDT 2016


Hi,

We have reports of a domain being blacklisted and we don't think it should be:

LibClamAV debug: Phishcheck:Checking url
http://www.hospitalitytec.com->www.hospitalitytec.com
LibClamAV debug: Looking up hash
31E3DBF72F782E65722B2AE014524FF4F13F7022245ED9D4A7213D73F7B65A90 for
hospitalitytec.com/(19)(0)
LibClamAV debug: This hash matched:
31E3DBF72F782E65722B2AE014524FF4F13F7022245ED9D4A7213D73F7B65A90
LibClamAV debug: Hash matched for: http://www.hospitalitytec.com
LibClamAV debug: Phishcheck: Phishing scan result: Blacklisted
LibClamAV debug: found Possibly Unwanted:
Heuristics.Safebrowsing.Suspected-phishing_safebrowsing.clamav.net

It's not listed anywhere else as being blacklisted. I will submit a
report to clamav directly, but it involves uploading the whole email.
I'd also like to know if information can be provided as to why it was
blacklisted.

I'd like to be able to just whitelist it locally. I know how to
whitelist signatures, but not domains.

Any ideas greatly appreciated.
Thanks,
Alex



More information about the clamav-users mailing list