Alex skrev den 2018-04-29 03:24:
That shouldn’t be part of the official ruleset.
Really?
bit.ly have abuse handling, so its hard to report if its rejected
No one uses bit.ly for a legitimate purposes?
is this a question ?
I don't mean for that to sound sarcastic - I really don't know.
E
I've had to exempt 4 MBL sigs in 24 hours. Where's the QC?
I'm on a knife edge about just dropping MBL.
From: clamav-users on behalf of Alex
Sent: Friday, April 27, 2018 8:22:05 PM
To: ClamAV users ML
Subject: [clamav-users] Malwarepatrol false positives
Hi,
What I think Joel is saying is that your MBL signatures are coming through
SaneSecurity, not from Cisco/Talos official ClamAV rule set.
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
On Apr 28, 2018, at 9:24 PM, Alex
mailto:mysqlstud...@gmail.com>> wrote:
Hi,
That shouldn’t be pa
Hi,
> That shouldn’t be part of the official ruleset.
Really? No one uses bit.ly for a legitimate purposes?
I don't mean for that to sound sarcastic - I really don't know.
Everyone's heard of / uses bit.ly I thought...
___
clamav-users mailing list
cla
That shouldn’t be part of the official ruleset.
Sent from my iPhone
> On Apr 28, 2018, at 17:32, Alex wrote:
>
> Hi,
>
> So I decided to check which MBL hits there were today, and it seems
> they're now blocking https://bit.ly
>
> $ sigtool --find-sigs MBL_6913896 |sigtool --decode-sigs
> V
Hi,
So I decided to check which MBL hits there were today, and it seems
they're now blocking https://bit.ly
$ sigtool --find-sigs MBL_6913896 |sigtool --decode-sigs
VIRUS NAME: MBL_6913896
TARGET TYPE: ANY FILE
OFFSET: *
DECODED SIGNATURE:
https://bit.ly
I'm beginning to think I've made a mistak