On Jan 21, 2014, at 10:40 AM, Alex <[email protected]> wrote: > I received a number of messages on the 17th that were tagged incorrectly with: > > X-Amavis-Alert: INFECTED, message contains virus: > Heuristics.Safebrowsing.Suspected-phishing_safebrowsing.clamav.net > > I tried to figure out what the pattern was, but apparently it no longer > exists?
There is no specific pattern responsible for the "Heuristics" type. Basically, it generally indicates that the email contains URLs which take one to a different site than what is being displayed to the user. The "safebrowsing" string also suggests that one of the domains in question was listed on Google's blacklist of sites containing suspected malware. Regards, -- -Chuck _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
