On 6/28/07, Steve Basford <[EMAIL PROTECTED]> wrote: > > > > > 554 Failure Messagecontains an infected attachment ( > Email.Phishing.RB-827) > > > > The laptop that is sending the message is not infected with any virus. > > RB-827 is a phishing signature for regions bank, I won't post the full url > for the signature but here's a part of it: > > /ibsregions/cmserver/ > > So, any urls/text like that in the outgoing email? > > Cheers, > > Steve
Few relevant lines from my clamd.conf, # Enable internal e-mail scanner. # Default: enabled # ScanMail # If an email contains URLs ClamAV can download and scan them. # WARNING: This option may open your system to a DoS attack. # Never use it on loaded servers. # Default: disabled #MailFollowURLs It appears ClamAV is not supposed to be doing anything with the URLs in my signature. Where could things be going wrong? -- -- B.G. Mahesh http://www.greynium.com/ http://www.oneindia.in/ http://www.click.in/ - Free Indian Classifieds _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
