On 05/06/2010 05:56 PM, Andreas Krauß wrote: > Hi, > > ClamAV 0.96 on our mail server is running very well. We ship every day > many PDf files and have some false positive detections > > How can we solve the problem? > > Today ClamAV found 4 false positives: > > xxxxxxxx01:~/ClamAV# clamscan * > 2.pdf: Exploit.PDF-34 FOUND > 3.pdf: Exploit.PDF-27 FOUND > 4.pdf: Exploit.PDF-34 FOUND > 5.pdf: Exploit.PDF-34 FOUND > > xxxxxxxx01:~/ClamAV# md5sum * > 5495fcf7d5c65efbfffe62d23c61db82 2.pdf > df0bac21be65eba95dd597b1cfa82f49 3.pdf > b0a6dbcd1d1c35ca42a0a21234d081cb 4.pdf > 73fbd8d4d43031122ca1dff2e8be79c0 5.pdf
Submit the files at clamav.net/sendvirus and mark it as a false positive. Alternatively you can disable these signatures locally by adding them to a local.ign(2) file. See signatures.pdf for the format. Best regards, --Edwin _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
