Hi, > It's not necessary to whitelist the heuristic. If you choose to, you can > whitelist the domain which can be done using a .wdb signature. There is > documentation on how to write an entry in the phishsigs_howto.pdf document.
Whitelist the sending domain? Or the offending domain? Or which? Are you talking about this URL or a component of it? >> > urldefense. >> > proofpoint.com/ <http://proofpoint.com/ >> >(26)v2/url?u=http-3A__www.bankofamerica.com_emaildisclaimer&d=AwMFAg&c=ewHkv9vLloTwhsKn5d4bTdoqsmB Thanks, Alex _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
