[clamav-users] FP with Heuristics.Phishing.Email.SpoofedDomain
Paul
paul at netpresto.co.uk
Wed Aug 29 13:05:56 UTC 2018
Hi
I have 2 emails which have tripped
Heuristics.Phishing.Email.SpoofedDomain (4 times in each email using
clamscan -x option)
Is the output from clamscan -x --debug shown below indicate the
offending url pair triggering Heuristics.Phishing.Email.SpoofedDomain?
LibClamAV debug: Phishing: looking up in whitelist:
.clicktime.symantec.com:.www
.barclays.co.uk; host-only:1
LibClamAV debug: Phishing: looking up in whitelist:
.clicktime.symantec.com:.www
.barclays.co.uk; host-only:1
LibClamAV debug: Phishing: looking up in whitelist:
.clicktime.symantec.com:.www
.barclays.co.uk; host-only:1
LibClamAV debug: Phishing: looking up in whitelist:
.clicktime.symantec.com:.www
.barclays.co.uk; host-only:1
More information about the clamav-users
mailing list