Re: [clamav-users] Heuristics.Phishing.Email.SpoofedDomain false positive desjardins.com and rbc.com

joe a Wed, 15 Jun 2022 14:45:34 -0700

On 6/15/2022 4:51 PM, Maarten Broekman via clamav-users wrote:

https://docs.clamav.net/manual/Signatures/PhishSigs.html#wdb-format<https://docs.clamav.net/manual/Signatures/PhishSigs.html#wdb-format>
There are examples of the wdb format a bit lower on the page.Essentially, you would create a file "good_urls.wdb" in the samedirectory as the existing ClamAV database files and put in anappropriate line to handle the domains that you want to be safe.
--Maarten

Thanks. I felt confounded by the docs at first, but realized,eventually, that only the X: parameter was required in my case.

Now the sample email scans without a problem. Thanks for all thesuggestions.


joe a.
_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat

Re: [clamav-users] Heuristics.Phishing.Email.SpoofedDomain false positive desjardins.com and rbc.com

Reply via email to