The FP reporting form at https://www.clamav.net/reports/fp seems not to be working in my browser, but I found a false positive that is easy to reproduce. In a linux system zip file produced by these following commands triggers Email.Phishing.VOF1-6313981-0:
dd if=/dev/urandom of=fubar.txt bs=1k count=10 zip -m test.docx fubar.txt zip -m test test.docx Now when you send the test.zip as an email attachment it triggers Email.Phishing.VOF1-6313981-0. -- Pertti Karppinen Suora puhelinnumero 014 445 5105 Sähköposti pertti.karppi...@online.fi Online Solutions Oy - http://www.online.fi/ Puhelinvaihde 014 445 5100, Telekopio 014 445 5101 Tutustu SecMail -sähköpostiturvapalveluumme: http://www.secmail.com/ _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
