[clamav-users] Clamav and DLP
Einer Petersen
einer at page34.net
Tue Mar 7 23:52:32 UTC 2017
Is there a way to use the {local}.ing2 file to explicitly ingore
certain patterns that would generate a false positive when using the
CreditCard DLP filter?
The DLP filer for credit card detection, as curently written, has a
very high percentage of Flase Positive detects and nearly unusable in
it current incarnation. An example would be False detects on boundary
tags in the email header/body that contain large sequences of digits.
Hear is a regex I currently use in milter-regex to ingore some of these
false positives:
body /^(--=_[A-Fa-f0-9]|--_[A-Fa-f0-9]|--[A-Fa-f0-9]|------=_Part_|
--=======|--_=_|<!-- |--boundry_)/nie
Is there a way I can do something similar using an {local}.ing2 file?
Thanks,
Einer
More information about the clamav-users
mailing list