Taken care of… I think it only uploaded the one sample, but I think all three were just test emails send by the MS customer.
Sincerely, Eric Tykwinski TrueNet, Inc. P: 610-429-8300 > On Jul 11, 2023, at 5:30 PM, Micah Snyder (micasnyd) <micas...@cisco.com> > wrote: > > You can submit FP reports through https://www.clamav.net/reports/fp > <https://www.clamav.net/reports/fp> > > Our threat research team has automation in place behind this submission > portal to investigate and resolve FP's. > > Regards, > Micah > > > Micah Snyder > ClamAV Development > Talos > Cisco Systems, Inc. > From: clamav-users <clamav-users-boun...@lists.clamav.net> on behalf of Eric > Tykwinski via clamav-users <clamav-users@lists.clamav.net> > Sent: Tuesday, July 11, 2023 1:04 PM > To: 'ClamAV users ML' <clamav-users@lists.clamav.net> > Cc: Eric Tykwinski <eric-l...@truenet.com> > Subject: [clamav-users] Needed to whitelist > Email.Phishing.RPMSG_Downloader-10004958-0 > > Just a heads up, we had a legitimate customer receiving Office 365 secure > emails get hit with this filter. > I’m not sure what the original rule was for, but I’m assuming it was for > phishing emails, but seems to be a bit too loose on the rules to not get > false positives. > > Clam team, if you need headers or anything let me know. > > Sincerely, > > Eric Tykwinski > TrueNet, Inc. > P: 610-429-8300
_______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat