Weird right, well at least we know if a hijacked link was to occur the scan would see the download also. That is a good test… again why is doing this, has that link gone bad? Sent from my iPhone
> On Apr 22, 2025, at 09:52, pyllyukko via clamav-users > <clamav-users@lists.clamav.net> wrote: > > Ehlo. > >> On Tue, Apr 22, 2025 at 03:30:30PM +0200, Ralf Hildebrandt via clamav-users >> wrote: >> Are you downloading the signatures for clamv through the filtering >> proxy itself? >> >> Mabye it's basically blocking it's own signature files. > > Seems to be the case. Here's a ClamAV scan against the sig file: > > /var/lib/clamav/interservertopline.db: > sigs.InterServer.net.HEX.Topline.blacklisted.ip.controller.176.223.165.12.366.UNOFFICIAL > FOUND > > -- > pyllyukko > email: <pyllyu...@maimed.org> > PGP: https://keybase.io/pyllyukko > _______________________________________________ > > Manage your clamav-users mailing list subscription / unsubscribe: > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/Cisco-Talos/clamav-documentation > > https://docs.clamav.net/#mailing-lists-and-chat > <signature.asc> _______________________________________________ Manage your clamav-users mailing list subscription / unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat
