Hi, I submitted a sample email which was blocked with Heuristics.Safebrowsing.Suspected-phishing_safebrowsing.clamav.net
However, the site rejected the submission saying it detects no false positive in it. I'm running Debian, that is 0.98.4, and databases are up to date... See below for the hash match. The blacklisted web site are sellers of refrigerators for bars and coffee shops. The mail was addressed to their suppliers. Their web site seems to being refurbished; does blacklisting imply it was used for phishing? I found nothing in PhishTank about it. Does ClamAV host or refer to some other phishing repository? I'd guess there is a repository, otherwise I wonder how can the blacklist be maintained, but maybe it's not publicly accessible or I just didn't find it. Can someone shred some light on this? Here's the hash match: LibClamAV debug: Phishcheck:Checking url http://www.gasparinifrigoriferi.it-> LibClamAV debug: Looking up hash 47FB0D44C60DB56EC05317671A5E73AA384E4462E631712311D378AE47684C76 for gasparinifrigoriferi.it/(24)(0) LibClamAV debug: This hash matched: 47FB0D44C60DB56EC05317671A5E73AA384E4462E631712311D378AE47684C76 LibClamAV debug: Hash matched for: http://www.gasparinifrigoriferi.it LibClamAV debug: Phishcheck: Phishing scan result: Blacklisted Ciao Ale _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
