Hello,
I'm not sure who to contact about this... I've run into a problem with the "sanesecurity-winnow_phish_complete.ndb" data base. What is causing the problem is "winnow.phish.pt.paypal.mc.248754.UNOFFICIAL".
When decoding this I see: winnow.phish.pt.paypal.mc.$T:4:*:angelfire.com Looking at a legitimate email from one of our clients I see:
> From: Paul USER <paul.u...@angelfire.com> > Subject: Welcome to My Lycos! > To: "Paul User" <paulu...@yahoo.com> > Date: Tuesday, May 4, 2004, 4:04 PM > DATE: Fri, 17 Aug 2001 05:22:13 > From: Lycos.Network.Membership[welc...@lycos.com] > To: u...@angelfire.com
Anyway it looks like this entry will stop messages that have "angelfire.com" in the from line? How can we get this changed. It looks like angelfire.com is real site.
Help is Appreciated! Thanks, Ken _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
