$ sigtool -fEmail.Phishing.DblDom-60 | awk -F' ' '{print $2}' | sigtool
--decode-sigs
VIRUS NAME: Email.Phishing.DblDom-60
TARGET TYPE: MAIL
OFFSET: *
DECODED SIGNATURE:
/.www.my.if.com/If you think you have a false positive, please submit it here: http://www.clamav.net/reports/fp - Alain On Wed, Mar 30, 2016 at 12:23 PM, Andrew McGlashan < andrew.mcglas...@affinityvision.com.au> wrote: > Hi, > > I have server log messages coming through that are being rejected as > having "Email.Phishing.DblDom-60" .... > > How can I determine what it is that is triggering this claim? > > Thanks > AndrewM > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
