[clamav-users] Heuristics.Phishing.Email.SpoofedDomain false positive desjardins.com and rbc.com
G.W. Haywood
clamav at jubileegroup.co.uk
Mon Jun 13 21:59:04 UTC 2022
Hi there,
On Mon, 13 Jun 2022, Mathieu Morier via clamav-users wrote:
> Look like many Canadian Banks are switching their corporate email to
> Office 365 ( Microsoft cloud ) and all the links in their email are
> then automatically change ...
Don't get me started.
> ... links to ... hit the Heuristics.Phishing.Email.SpoofedDomain .
> ... Can this rule be changed ...
Speaking personally, I don't want it to be changed but you could for
example add an 'ignore' rule:
https://docs.clamav.net/manual/Signatures/AllowLists.html?highlight=ignore#signature-ignore-lists
> Then will have to trust Microsoft ...
... currently the second worst spam support provider in the world, and
rarely out of the top five:
https://www.spamhaus.org/statistics/networks/
--
73,
Ged.
More information about the clamav-users
mailing list