Alain, I seem to be up-to-date with daily:21484 from yesterday and I’m still seeing it:
host -t txt current.cvd.clamav.net current.cvd.clamav.net descriptive text "0.99.1:57:21484:1459646940:1:63:44502:275" sigtool --find Email.Phishing.DblDom-60 [main.ndb] Email.Phishing.DblDom-60:4:*:2f2e70617970616c2e636f6d -Al- On Sat, Apr 02, 2016 at 07:34 PM, Alain Zidouemba wrote: > > Andrew: > > Are you up to date with your signatures? Email.Phishing.DblDom-60 was > removed on 4/1/2016. > > FYI: > > $ echo -n 'Email.Phishing.DblDom-60:4:*:2f2e70617970616c2e636f6d' | sigtool > --decode-sigs > VIRUS NAME: Email.Phishing.DblDom-60 > TARGET TYPE: MAIL > OFFSET: * > DECODED SIGNATURE: > /[dot]paypal[dot]com > > - Alain > > On Sat, Apr 2, 2016 at 3:54 PM, Andrew McGlashan < > andrew.mcglas...@affinityvision.com.au> wrote: > >> Hi, >> -- resend ????? again ???? no help???? --- >> >> 550 This message was detected as possible malware >> (Email.Phishing.DblDom-60). >> >> It is not malware, it is just simple logs of backup processes. >> >> >> I have server log messages coming through that are being rejected as >> having "Email.Phishing.DblDom-60" .... >> >> *** How can I determine what it is that is triggering this claim? *** >> >> Thanks >> AndrewM >> _______________________________________________ >> Help us build a comprehensive ClamAV guide: >> https://github.com/vrtadmin/clamav-faq >> >> http://www.clamav.net/contact.html#ml >> > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml -Al- -- Al Varnell Mountain View, CA
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
