https://github.com/vrtadmin/clamav-devel/blob/master/docs/signatures.pdf
"To whitelist a specific signature from the database you just add its name into a local file called local.ign2 stored inside the database directory." - Alain On Thu, Sep 25, 2014 at 11:31 AM, Tim Edwards <tim.edwa...@scorm.com> wrote: > The recent addition of Zip.Suspect.MiscDoubleExtension signatures has been > causing a lot of trouble for us, as it keeps getting flagged for completely > innocuous files such as foo_handle_pdf.js. > > I've been adding each signature to our whitelist, such > as Zip.Suspect.MiscDoubleExtension-1, Zip.Suspect.MiscDoubleExtension-2, > etc. Is there a simple way to whitelist Zip.Suspect.MiscDoubleExtension-* > ? I tried using a regex in the whitelist file to no avail. > > > Thanks, > Tim > > -- > Tim > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
