Email.Phishing.RPMSG_Downloader-10004958-0 has been dropped. Thanks for sending the FP report our way.
On Tue, Jul 11, 2023 at 5:43 PM Eric Tykwinski via clamav-users < clamav-users@lists.clamav.net> wrote: > Taken care of… I think it only uploaded the one sample, but I think all > three were just test emails send by the MS customer. > > Sincerely, > > Eric Tykwinski > TrueNet, Inc. > P: 610-429-8300 > > On Jul 11, 2023, at 5:30 PM, Micah Snyder (micasnyd) <micas...@cisco.com> > wrote: > > You can submit FP reports through https://www.clamav.net/reports/fp > > Our threat research team has automation in place behind this submission > portal to investigate and resolve FP's. > > Regards, > Micah > > > Micah Snyder > ClamAV Development > Talos > Cisco Systems, Inc. > ------------------------------ > *From:* clamav-users <clamav-users-boun...@lists.clamav.net> on behalf of > Eric Tykwinski via clamav-users <clamav-users@lists.clamav.net> > *Sent:* Tuesday, July 11, 2023 1:04 PM > *To:* 'ClamAV users ML' <clamav-users@lists.clamav.net> > *Cc:* Eric Tykwinski <eric-l...@truenet.com> > *Subject:* [clamav-users] Needed to whitelist > Email.Phishing.RPMSG_Downloader-10004958-0 > > Just a heads up, we had a legitimate customer receiving Office 365 secure > emails get hit with this filter. > I’m not sure what the original rule was for, but I’m assuming it was for > phishing emails, but seems to be a bit too loose on the rules to not get > false positives. > > > Clam team, if you need headers or anything let me know. > > > Sincerely, > > > Eric Tykwinski > TrueNet, Inc. > P: 610-429-8300 > > > _______________________________________________ > > Manage your clamav-users mailing list subscription / unsubscribe: > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/Cisco-Talos/clamav-documentation > > https://docs.clamav.net/#mailing-lists-and-chat > -- Christopher Marczewski Research Engineer, Talos Cisco Systems 443-832-2975
_______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat