[clamav-users] What was detected?
joe a
joea-lists at j4computers.com
Mon Feb 27 20:52:54 UTC 2023
On 2/27/2023 3:47 PM, joe a wrote:
> Got an email marked as infected by clamav. I cannot determine what was
> detected.
>
> A long time ago I asked here and someone described how to scan an
> individual email file, log the results and scan the log for what was
> detected. Or maybe clued me in on which log I was not searching properly.
>
> Did not find that conversation it in the email archives.
> _______________________________________________
>
> Manage your clamav-users mailing list subscription / unsubscribe:
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/Cisco-Talos/clamav-documentation
>
> https://docs.clamav.net/#mailing-lists-and-chat
Well never mind that part, it is shown clearly in /var/log/clamd.log as
"Heuristics.Phishing.Email.SpoofedDomain".
What I think I conflated that with the means to determine the details so
I can add that to a .ign* file. Something to do with debug mode I think.
More information about the clamav-users
mailing list