> On Thu, 30 Oct 2008 14:40:47 - (GMT)
>
> The local whitelisting feature is currently not functional, the problem
> will be
> fixed in 0.94.1 which is scheduled for November 3rd.
Thanks for the confirmation Tomasz.
___
Help us build a comprehensive
On Thu, 30 Oct 2008 14:40:47 - (GMT)
"Steve Basford" <[EMAIL PROTECTED]> wrote:
> This *was* working ( 2008-10-06) as I renamed all my sigs, testing the
> .ign file and made the announcement... so, perhaps a remote disable or a
> recent update?
The local whitelisting feature is currently not
>
> Hmm... I can't get it to work either :\
>
>
Well, doesn't work on Sanesecurity sigs now either:
created a fake sample email and did a quick test
local.ign:
phish.ndb:9492:Sanesecurity.Phishing.Bank.9492
c:\tmp\test2.eml: Sanesecurity.Phishing.Bank.9492.UNOFFICIAL FOUND
grep "Sanesecurity.
David Shrimpton wrote:
> On Wed, 29 Oct 2008, Noel Jones wrote:
>
>> David Shrimpton wrote:
>>> This suggests creating a local.ign file eg
>>>
>>> daily.ndb:319:W97M.Static
>>> clamscan appear to indicate it was loading the file.
>
>> Sounds as if you did it correctly, I have no insight into why
On Wed, 29 Oct 2008, Noel Jones wrote:
> David Shrimpton wrote:
> >
> > This suggests creating a local.ign file eg
> >
> > daily.ndb:319:W97M.Static
> > clamscan appear to indicate it was loading the file.
>
> Sounds as if you did it correctly, I have no insight into why
> it didn't work for
David Shrimpton wrote:
>
> This suggests creating a local.ign file eg
>
> daily.ndb:319:W97M.Static
>
> where 319 is line number in daily.ndb of W97M.Static signature.
Yes, assuming the unwanted signature is in daily.ndb
> I tried this earlier but it did not work altough
> clamscan appear to i
On Wed, 29 Oct 2008, Noel Jones wrote:
> Submit false positives to the clamav team for analysis.
> http://www.clamav.net/sendvirus/
Thanks, Was done earlier.
>
> It appears this has already been fixed - I can't find a
> signature named W97M.Static in the current clam database.
W97M.Static was
Hi there,
On Wed, 29 Oct 2008 David Shrimpton wrote:
> Surely this signature is incorrect .
>
> Is there a way of disabling it ?
See section 2.5 of
http://www.clamav.net/doc/latest/signatures.pdf
--
73,
Ged.
___
Help us build a comprehensive ClamAV
Jon Milliren wrote:
> David Shrimpton wrote:
>
>> I'm getting a run of what appear to be false positives
>> on W97M.Static in word docs, since this signature was updated on 18/10/2008.
>
> Me too.
>
>> Is there a way of disabling it ?
>
> I would like to know as well.
>
> jon
>
David Shrimpton wrote:
> I'm getting a run of what appear to be false positives
> on W97M.Static in word docs, since this signature was updated on 18/10/2008.
Me too.
> Is there a way of disabling it ?
I would like to know as well.
jon
--
Jon Milliren
Systems Administrator
U
Hi,
I'm getting a run of what appear to be false positives
on W97M.Static in word docs, since this signature was updated on 18/10/2008.
We get no hits with sophos or any other virus scanner we try
on the .doc file.
The current signature extracted from daily.ndb from daily.cld is:
W97M.Static:2
11 matches
Mail list logo
