None of those examples are signatures, they are engine driven detections. You must disable Heuristics using clamd.conf and clamscan options.
Sent from Janet's iPad -Al- On Jul 15, 2016, at 8:00 PM, Reindl Harald wrote: > Hi > > * the follwoing rules don't make anything but troubles > * created a ign2 file > * again a reject of clamav-milter > * tried also whitelist "Eicar-Test-Signature" > * also still hits > > why?! > _______________________________________________________ > > thelounge_whitelist.ign2: > Heuristics.Phishing.Email.SpoofedDomain > Heuristics.Email.SSL-Spoof > Phishing.Heuristics.Email.SpoofedDomain > Phishing.Heuristics.Email.SSL-Spoof > Heuristics.Encrypted.PDF > _______________________________________________________ > > Fri Jul 15 16:42:46 2016 -> fd[10]: > Heuristics.Phishing.Email.SpoofedDomain(007f163a4f71a336e78174b48e14bc0a:10951) > FOUND _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
