Thanks Al. I have submitted false positive reports for each domain. Does anyone know if we will receive any kind of confirmation that this is being looked at / resolved?
Thanks, Anne-Sophie -----Original Message----- From: Al Varnell [mailto:[email protected]] Sent: 19 May 2017 09:24 To: [email protected] Subject: Re: clamav-users Digest, Vol 150, Issue 18 I'm just a fellow user, but from what I know about the way it's organized, technically yes, there should be one from every domaine. Perhaps somebody from the signatures team can give you a better response. Sent from Janet's iPad -Al- On May 19, 2017, at 1:05 AM, "[email protected]" wrote: > Hi Al, > > Thanks for your input, I will send you a sample. > > Paypal sends campaigns for all their EMEA countries via our platform, so > there are several sending domains used. Do I need to send a sample for each > domain? > > Many thanks, > > Anne-Sophie > ------------------------------ > > Message: 11 > Date: Thu, 18 May 2017 04:19:54 -0700 > From: Al Varnell <[email protected]> > To: ClamAV users ML <[email protected]> > Subject: Re: [clamav-users] Mail from Paypal wrongly identified as > phishing by ClamAv > Message-ID: <[email protected]> > Content-Type: text/plain; charset="us-ascii" > > This can be whitelisted by associating whatever foreign URL is being used > within these messages with paypal domains, but you need to submit a sample to > <http://www.clamav.net/reports/fp> so that it can be taken care of. > > -Al- > > On Thu, May 18, 2017 at 03:41 AM, [email protected] wrote: >> >> Hello, >> >> Mail from our client Paypal is being wrongly flagged as phishing by ClamAv. >> >> We get this type of bounce erros: >> 554 Your email was rejected because it contains the >> Heuristics.Phishing.Email.SpoofedDomain virus >> >> Mailing IPs: 142.54.244. [96-110] >> Mailing domains:mail.paypal.at, mail.paypal.nl, mail.paypal.com, >> mail.paypal.pl Date of issue: 09 May 2017 >> >> Please make the necessary changes to your product ASAP. >> >> These emails are legitimate, sent to optin customers of Paypal, and >> authenticate with SPF, DKIM and DMARC. >> >> >> Please contact me if you need any additional information. >> >> Regards, >> >> Anne-Sophie Marsh, Sr Email Deliverability Manager EMEA >> T +44 2086143219 M +44 7469352383 Epsilon, 67 Broad Street, Teddington >> TW11 8QZ, UK epsilon.com<http://epsilon.com/> >> [http://help.epsilon.com/images/logo.png] _______________________________________________ clamav-users mailing list [email protected] http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
