Had a reply back regarding the false positives
Hello,
?
?Thank you for contacting us and for reporting potential problems with our
ClamAV signatures. The two entries mentioned were removed from the block
lists and data feeds a few days ago. Our users and customers should be able
to
Paul wrote:
Hi
I have 2 emails which have tripped
Heuristics.Phishing.Email.SpoofedDomain (4 times in each email using
clamscan -x option)
Is the output from clamscan -x --debug shown below indicate the
offending url pair triggering Heuristics.Phishing.Email.SpoofedDomain?
LibClamAV
Try now?
On Aug 28, 2018, at 9:31 AM, Jon Roberts
mailto:j...@racksrv.net>> wrote:
Hi Joel,
The seemingly blocked IP is 213.5.176.169
Regards, Jon
From: clamav-users
mailto:clamav-users-boun...@lists.clamav.net>>
on behalf of Joel Esler (jesler)
On Tue, August 21, 2018 12:31 pm, Al Varnell wrote:
> OK, I don't think there is anything that ClamAV can do about it since
> it's an UNOFFICIAL.
>
> Maybe Steve Basford from SaneSecurity can put some pressure on them. He
> usually reads what's posted here.
I've just sent them an email and a
Hi,
Apparently the cudasvc.com URLs are a function of Barracuda for their
customers, replacing dangerous public URLs in messages with private
links to barracuda-hosted warnings or screening pages, to prevent
customers from receiving and following original potentially malicious URLs.
Microsoft
Hi
I have 2 emails which have tripped
Heuristics.Phishing.Email.SpoofedDomain (4 times in each email using
clamscan -x option)
Is the output from clamscan -x --debug shown below indicate the
offending url pair triggering Heuristics.Phishing.Email.SpoofedDomain?
LibClamAV debug: Phishing: