Looks like the signature was dropped in daily - 25025 about an hour ago. -Al-
On Wed, Oct 10, 2018 at 05:46 AM, Pertti Karppinen wrote: > The FP reporting form at https://www.clamav.net/reports/fp > <https://www.clamav.net/reports/fp> seems not > to be working in my browser, but I found a false positive that is easy > to reproduce. In a linux system zip file produced by these following > commands triggers Email.Phishing.VOF1-6313981-0: > > dd if=/dev/urandom of=fubar.txt bs=1k count=10 > zip -m test.docx fubar.txt > zip -m test test.docx > > Now when you send the test.zip as an email attachment it triggers > Email.Phishing.VOF1-6313981-0.
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml