Hello,
I'm not sure who to contact about this... I've run into a problem with the "sanesecurity-winnow_phish_complete.ndb" data base. What is causing the problem is "winnow.phish.pt.paypal.mc.248754.UNOFFICIAL".
When decoding this I see: winnow.phish.pt.paypal.mc.$T:4:*:angelfire.com Looking at a legitimate email from one of our clients I see:
> From: Paul USER <[email protected]> > Subject: Welcome to My Lycos! > To: "Paul User" <[email protected]> > Date: Tuesday, May 4, 2004, 4:04 PM > DATE: Fri, 17 Aug 2001 05:22:13 > From: Lycos.Network.Membership[[email protected]] > To: [email protected]
Anyway it looks like this entry will stop messages that have "angelfire.com" in the from line? How can we get this changed. It looks like angelfire.com is real site.
Help is Appreciated! Thanks, Ken _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
