My mistake, Steve. I saw them listed at the bottom of your signatures page (https://sanesecurity.com/usage/signatures/) and neglected to read the "and distributed by" portion.
Micah Snyder ClamAV Development Talos Cisco Systems, Inc. On Apr 29, 2018, at 11:34 AM, Steve Basford <steveb_cla...@sanesecurity.com<mailto:steveb_cla...@sanesecurity.com>> wrote: On Sun, April 29, 2018 3:29 am, Micah Snyder (micasnyd) wrote: What I think Joel is saying is that your MBL signatures are coming through SaneSecurity, not from Cisco/Talos official ClamAV rule set. Hi Micah, MBL signatures are produced and distributed by MalwarePatrol, nothing to do with Sanesecurity. MalwarePatrol can be added as an option from the main download script here: https://github.com/extremeshok/clamav-unofficial-sigs MalwarePatrol FP's can be reported here: fp (_a_t_) malwarepatrol.net On the Sanesecurity mirrors, sigwhitelist.ign2 has the following whitelist entries: MBL_6882958 MBL_6888621 MBL_6913896 So, that might help a little until they fix the issues. -- Cheers, Steve Twitter: @sanesecurity _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml