Hi all, Is it possible to disable a specific virus name so that ClamAV won't detect it anymore? For example by creating some sort of special whitelist database file (in the same location as my .db files), or something along those lines?
I'm running clamd on my mail server, which is called via clamdscan, and I frequently have the phishing "virus" named Phishing.Heuristics.Email.SpoofedDomain trigger on incoming, legitimate emails which are actually not phishing at all - ie. false positives. I know I can disable phishing checks altogether in my .conf file, but I'd like to keep them enabled, as the other phishing checks that clamav does, do work fine (and I also use SaneSecurity's phishing databases). I just want to be able to specifically disable Phishing.Heuristics.Email.SpoofedDomain so that clamav no longer uses that one. Can this be done? For the record, I'm running the official Windows port of clamav from http://w32.clamav.net, however I don't believe this is an issue specific to the Windows version - it's a general question regarding clamav databases and whitelisting etc. Cheers, Jeremy _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html