[clamav-users] Heuristics.Phishing.Email.SpoofedDomain false positive desjardins.com and rbc.com
joe a
joea-lists at j4computers.com
Wed Jun 15 21:44:42 UTC 2022
On 6/15/2022 4:51 PM, Maarten Broekman via clamav-users wrote:
> https://docs.clamav.net/manual/Signatures/PhishSigs.html#wdb-format
> <https://docs.clamav.net/manual/Signatures/PhishSigs.html#wdb-format>
>
> There are examples of the wdb format a bit lower on the page.
> Essentially, you would create a file "good_urls.wdb" in the same
> directory as the existing ClamAV database files and put in an
> appropriate line to handle the domains that you want to be safe.
>
> --Maarten
>
Thanks. I felt confounded by the docs at first, but realized,
eventually, that only the X: parameter was required in my case.
Now the sample email scans without a problem. Thanks for all the
suggestions.
joe a.
More information about the clamav-users
mailing list