[clamav-users] clamav-users Digest, Vol 150, Issue 19

Joel Esler (jesler) jesler at cisco.com
Thu Jun 1 16:48:00 UTC 2017 

I do agree that these features need to be decoupled.  We’ve marked that as a feature we’d like to develop.

--
Joel Esler | Talos: Manager | jesler at cisco.com<mailto:jesler at cisco.com>






On Jun 1, 2017, at 2:44 AM, Reindl Harald <h.reindl at thelounge.net<mailto:h.reindl at thelounge.net>> wrote:



Am 01.06.2017 um 08:32 schrieb Al Varnell:
On May 31, 2017, at 11:24 PM, Reindl Harald <h.reindl at thelounge.net<mailto:h.reindl at thelounge.net>> wrote:
Am 01.06.2017 um 03:04 schrieb Al Varnell:
I made an attempt to determine whether epl.paypal-communication.com<http://epl.paypal-communication.com> was a legitimate domain owned by PayPal with very mixed results.
No WhoIs service could identify it directly

and here is stop to read - let me guess you entered "epl.paypal-communication.com<http://epl.paypal-communication.com>" including the subdomain and/or used some obsucre website doing whois requests
Wrong on both points. I initially used only paypal-communications.com<http://paypal-communications.com> in two different Mac utilities which have given flawless results in the past. Then I tried a TraceRoute, eventually coming up with the IP

who knows how that crap works, proper software directly asks the servers on such a list https://github.com/rfc1036/whois/blob/next/tld_serv_list and everybody but you knows "paypal-communications.com<http://paypal-communications.com>" is owned by Paypal for a very long time

why i am so emotional about this topic?

because *THAT ISSUE* i originally registered on this list and *you* recommended at http://lists.clamav.net/pipermail/clamav-users/2016-July/003111.html "You must disable Heuristics using clamd.conf and clamscan options" while all you guys which recommend that not realizing that it would disable safebrowsings too and so CLAMAV IS BROKEN BY DESIGN as long nobody either makes that crap whitelisteable with ign2-files, removes it completly or make a switch *only* diable that crap without other heuristics

http://lists.clamav.net/pipermail/clamav-users/2016-July/003111.html
_______________________________________________
clamav-users mailing list
clamav-users at lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

More information about the clamav-users mailing list