Hi there, On Mon, 18 Jun 2012, Kern, Thomas wrote:
We have a few hundred PDFs that contain strings that trigger the DLP as credit card or SSN strings. These are false positives. The files have been examined to make sure that such private information is not in them, but there is real information that fits the same structure and triggers the DLP. We would like to continue to use DLP but do not want to wade through this long list of false positives every day.
You can create a database containing the signatures which you do not wish to cause files to be flagged as suspect. It's explained in the ClamAV user documentation.
Is there some mechanism to have a "false positive" exception file listing all the files that we know are false positives, so that Clamav will not report that on it?
Standard Unix/Lilnux tools can do that for you very easily. -- 73, Ged. _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
