Hi,
I received a number of messages on the 17th that were tagged incorrectly with:
X-Amavis-Alert: INFECTED, message contains virus:
Heuristics.Safebrowsing.Suspected-phishing_safebrowsing.clamav.net
I tried to figure out what the pattern was, but apparently it no longer exists?
# sigtool --find-sigs Heuristics.Safebrowsing | sigtool --decode-sigs
I've tried variations of this, but was unable to locate any signs of it.
What is the proper way to search for this particular pattern, and does
anyone have any info on what it might have been on the 17th that would
cause such a false-positive?
Thanks,
Alex
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/support/ml
