Email.Phishing.RPMSG_Downloader-10004958-0 has been dropped. Thanks for sending the FP report our way.
On Tue, Jul 11, 2023 at 5:43 PM Eric Tykwinski via clamav-users < [email protected]> wrote: > Taken care of… I think it only uploaded the one sample, but I think all > three were just test emails send by the MS customer. > > Sincerely, > > Eric Tykwinski > TrueNet, Inc. > P: 610-429-8300 > > On Jul 11, 2023, at 5:30 PM, Micah Snyder (micasnyd) <[email protected]> > wrote: > > You can submit FP reports through https://www.clamav.net/reports/fp > > Our threat research team has automation in place behind this submission > portal to investigate and resolve FP's. > > Regards, > Micah > > > Micah Snyder > ClamAV Development > Talos > Cisco Systems, Inc. > ------------------------------ > *From:* clamav-users <[email protected]> on behalf of > Eric Tykwinski via clamav-users <[email protected]> > *Sent:* Tuesday, July 11, 2023 1:04 PM > *To:* 'ClamAV users ML' <[email protected]> > *Cc:* Eric Tykwinski <[email protected]> > *Subject:* [clamav-users] Needed to whitelist > Email.Phishing.RPMSG_Downloader-10004958-0 > > Just a heads up, we had a legitimate customer receiving Office 365 secure > emails get hit with this filter. > I’m not sure what the original rule was for, but I’m assuming it was for > phishing emails, but seems to be a bit too loose on the rules to not get > false positives. > > > Clam team, if you need headers or anything let me know. > > > Sincerely, > > > Eric Tykwinski > TrueNet, Inc. > P: 610-429-8300 > > > _______________________________________________ > > Manage your clamav-users mailing list subscription / unsubscribe: > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/Cisco-Talos/clamav-documentation > > https://docs.clamav.net/#mailing-lists-and-chat > -- Christopher Marczewski Research Engineer, Talos Cisco Systems 443-832-2975
_______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
