Hi, On Tue, Jan 21, 2014 at 2:15 PM, Charles Swiger <[email protected]> wrote: > On Jan 21, 2014, at 10:40 AM, Alex <[email protected]> wrote: >> I received a number of messages on the 17th that were tagged incorrectly >> with: >> >> X-Amavis-Alert: INFECTED, message contains virus: >> Heuristics.Safebrowsing.Suspected-phishing_safebrowsing.clamav.net >> >> I tried to figure out what the pattern was, but apparently it no longer >> exists? > > There is no specific pattern responsible for the "Heuristics" type. > > Basically, it generally indicates that the email contains URLs which take one > to a > different site than what is being displayed to the user. The "safebrowsing" > string > also suggests that one of the domains in question was listed on Google's > blacklist > of sites containing suspected malware.
So I can assume that since clamscan no longer finds a virus, that the string that triggered the false-positive is no longer part of the blacklist? The reference to the FAQ doesn't seem to be all that helpful. How can I extract the contents of the safebrowsing.cvd file to determine its contents? Thanks, Alex _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
