[clamav-users] Heuristics, only on or off?
Andrew C Aitchison
clamav at aitchison.me.uk
Wed Mar 24 06:06:01 UTC 2021
On Tue, 23 Mar 2021, Joe Acquisto-j4 wrote:
> In log find (snipped)
>
> ". . .infected by Heuristics.OLE2.ContainsMacros.VBA"
>
> and
>
> ". . .infected by Heuristics.Phishing.Email.SpoofedDomain"
>
> I love the first one but loathe the second one.
> Is there some secret sauce to
> allow discriminating between them?
If I remember correctly, I used to do this in my MTA - exim,
filtering in the ACL based on the text wjich you are logging.
--
Andrew C. Aitchison Kendal, UK
andrew at aitchison.me.uk
More information about the clamav-users
mailing list