Len Conrad wrote:
How can I put
Phishing.Heuristics.Email.SpoofedDomain
... in local.ign, if I can't find it in the files unpacked by sigtool?
thanks
Len
Phishing heuristics sigs are not "real" signatures, so your
choices include disable the phishing heuristics in clamd.conf
(PhishingScanURLs no), or whitelist the domain that's being
detected as phish.
http://www.clamav.net/doc/latest/phishsigs_howto.pdf
At any rate, you should submit the offending mail as a false
positive. http://www.clamav.net/sendvirus/
-- Noel Jones
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
