Re: [clamav-users] Heuristics.Phishing.Email.SpoofedDomain false positive desjardins.com and rbc.com

2022-06-15 Thread joe a
On 6/15/2022 4:51 PM, Maarten Broekman via clamav-users wrote: https://docs.clamav.net/manual/Signatures/PhishSigs.html#wdb-format There are examples of the wdb format a bit lower on the page. Essentially, you would create

Re: [clamav-users] Heuristics.Phishing.Email.SpoofedDomain false positive desjardins.com and rbc.com

2022-06-15 Thread Maarten Broekman via clamav-users
https://docs.clamav.net/manual/Signatures/PhishSigs.html#wdb-format There are examples of the wdb format a bit lower on the page. Essentially, you would create a file "good_urls.wdb" in the same directory as the existing ClamAV database files and put in an appropriate line to handle the domains t

Re: [clamav-users] Heuristics.Phishing.Email.SpoofedDomain false positive desjardins.com and rbc.com

2022-06-15 Thread joe a
On 6/15/2022 11:47 AM, G.W. Haywood via clamav-users wrote: Hi there, On Wed, 15 Jun 2022, joe a wrote: To semi-hijack, I was attempting to deal with my own occasional false positive by using this thread as a clue. Attempting to follow the docs, I hit a wall here: "To help you identify what

Re: [clamav-users] Heuristics.Phishing.Email.SpoofedDomain false positive desjardins.com and rbc.com

2022-06-15 Thread G.W. Haywood via clamav-users
Hi there, On Wed, 15 Jun 2022, joe a wrote: To semi-hijack, I was attempting to deal with my own occasional false positive by using this thread as a clue. Attempting to follow the docs, I hit a wall here: "To help you identify what triggered a heuristic phishing alert, clamscan or clamd wil

Re: [clamav-users] Heuristics.Phishing.Email.SpoofedDomain false positive desjardins.com and rbc.com

2022-06-15 Thread Kris Deugau
joe a wrote: To semi-hijack, I was attempting to deal with my own occasional false positive by using this thread as a clue. Attempting to follow the docs, I hit a wall here: "To help you identify what triggered a heuristic phishing alert, clamscan or clamd will print a message indicating the

Re: [clamav-users] Heuristics.Phishing.Email.SpoofedDomain false positive desjardins.com and rbc.com

2022-06-15 Thread joe a
On 6/13/2022 7:27 PM, Mathieu Morier via clamav-users wrote: Yea for now I just created the line as peer the doc ( https://docs.clamav.net/manual/Signatures/PhishSigs.html#wdb-format  ) and it’s working. For Heuristics.Phish

Re: [clamav-users] On-Access Scanning don't detect new file

2022-06-15 Thread G.W. Haywood via clamav-users
Hi there, On Wed, 15 Jun 2022, Tobias Mächler via clamav-users wrote: I have just configured the On-Access Scanning with clamav. When I use the command line to download a virus to the new directory it gets scanned correctly. However I have an application running on the server (centos 7) and whe