I've had to exempt 4 MBL sigs in 24 hours. Where's the QC? I'm on a knife edge about just dropping MBL.
________________________________ From: clamav-users <[email protected]> on behalf of Alex <[email protected]> Sent: Friday, April 27, 2018 8:22:05 PM To: ClamAV users ML Subject: [clamav-users] Malwarepatrol false positives Hi, I can't imagine outright blocking https://goo.gl is not a mistake. $ sigtool --find-sigs MBL_6888621 | sigtool --decode-sigs VIRUS NAME: MBL_6888621 TARGET TYPE: ANY FILE OFFSET: * DECODED SIGNATURE: https://goo.gl MBL_6882958 and MBL_6888621 both hit on https://goo.gl. I've reported this to them hours ago and still no update so wanted to be sure people knew about it here. _______________________________________________ clamav-users mailing list [email protected] http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list [email protected] http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
