Am 02.06.2017 um 08:12 schrieb Al Varnell:
On Wed, May 31, 2017 at 11:44 PM, Reindl Harald wrote:
why i am so emotional about this topic?
because *THAT ISSUE* i originally registered on this list and *you* recommended at
http://lists.clamav.net/pipermail/clamav-users/2016-July/003111.html "You must
disable Heuristics using clamd.conf and clamscan options" while all you guys which
recommend that not realizing that it would disable safebrowsings too and so CLAMAV IS
BROKEN BY DESIGN as long nobody either makes that crap whitelisteable with ign2-files,
removes it completly or make a switch *only* diable that crap without other heuristics
Yes, I remember that very well.
Looks like ClamAV may be taking some action on it, hopefully sooner than later.
In the meanwhile, have you tried using a local.sfp file containing whitelisted
pairs?
You could either fill it with "M" records for each pair, e.g.
M:http://epl.paypal-communication.com/:www.paypal.com
or a Regex formatted "X" record for multiple country codes, e.g.
X:.+\.paypal-communications\.(de|fr|it|at|ca|be|ch|nl|pl|es|co\.uk|com|com\.(au|cn|hk|my|sg))([/?].*)?:(.+\.)?paypal\.(at|be|ca|ch|co\.uk|de|es|fr|ie|in|it|nl|ph|pl|com|com\.(au|cn|hk|my|sg))([/?].*)?
i solved it with 2 different clamd instances with different scores and a
self-fixed spamassassin-clamav-plugin which don't have it's stuff
hardcoded and supports more then one instance because when we start to
block leigt customer mail i have a red flag and to solve that
*instantly* and not months or years later
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
