On Jan 31, 2014, at 5:26 PM, Alex <mysqlstud...@gmail.com> wrote: > Hi, > > I found another false-positive, this time with > Heuristics.Phishing.Email.SpoofedDomain and I'd like help in figuring > out what domain within the email it thinks is spoofed. > > I've pasted the email here: > > http://pastebin.com/S7XkCg9a > > Any ideas greatly appreciated.
LibClamAV debug: Phishcheck:host:.ems1.aeroplan.com LibClamAV debug: Phishing: looking up in whitelist: .ems1.aeroplan.com:.www.tdcanadatrust.com; host-only:1 LibClamAV debug: Looking up in regex_list: ems1.aeroplan.com:www.tdcanadatrust.com/ LibClamAV debug: Lookup result: not in regex list LibClamAV debug: Phishcheck: Phishing scan result: URLs are way too different LibClamAV debug: found Possibly Unwanted: Heuristics.Phishing.Email.SpoofedDomain -Al- -- Al Varnell Mountain View, CA _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
