On 2008-07-24 13:41, Garry wrote: > Hi, > > Yestarday I made a Paypal payment and didn't get the email saying the > payment was made through my VPS, when I check the exim_mainlog I saw: > > 2008-07-23 12:24:42 H=mx0.phx.paypal.com (phx01imail02.phx.paypal.com) > [66.211.168.230] Warning: Sender rate 0.0 / 1h > 2008-07-23 12:24:42 1KLh8s-0006KC-CV H=mx0.phx.paypal.com > (phx01imail02.phx.paypal.com) [66.211.168.230] F=<[EMAIL PROTECTED]> > rejected after DATA: This message contains a virus or other harmful content > (Phishing.Heuristics.Email.SpoofedDomain) > > I have checked the IP address it comes back as belonging to Ebay which I > believe is also Paypal > > For now I have editted /etc/clamd.conf > # Scan URLs found in mails for phishing attempts using heuristics. > # Default: yes > PhishingScanURLs no > > I found this info after doing a google for Email.SpoofedDomain > > Can you advise as what to do ?
Please submit the e-mail as a false positive: http://www.clamav.net/sendvirus/ You can remove personal data from it, but please keep the URLs intact. Thanks, --Edwin _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
