Just spotted this go report https://twitter.com/hanno/status/642067768616046592
Anyone else seeing issues:
https://www.reddit.com/r/sysadmin/comments/3kg08m/gmail_flagging_company_docs_as_viruses_when/
___
Help us build a comprehensive ClamAV guide:
Glad to hear. Thank you for the follow-up.
Shaun
On Mon, May 19, 2014 at 11:04 AM, Julian Hansmann
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hey,
>
> Now it works as expected. Thank you very much für your help.
>
> Kind regards,
>
> - --
>
> Julian Hansmann
>
> 1&1 Mail & Med
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hey,
Now it works as expected. Thank you very much für your help.
Kind regards,
- --
Julian Hansmann
1&1 Mail & Media GmbH
Mail Application Security
Am 15.05.2014 23:03, schrieb Shaun Hurley:
> Julian,
>
> Please run freshclam again and scan th
Julian,
Please run freshclam again and scan the file. It should not be alerting
anymore.
Thanks,
Shaun
On Thu, May 15, 2014 at 10:07 AM, Shaun Hurley wrote:
> Julian and Al,
>
> I thought this was signature was removed on Tuesday. I think I found the
> problem and should have this resolved lat
Julian and Al,
I thought this was signature was removed on Tuesday. I think I found the
problem and should have this resolved later today.
Please let me know if you have any questions.
Thank you,
Shaun Hurley
Cisco Malware Reseearcher
On Thu, May 15, 2014 at 3:40 AM, Al Varnell wrote:
>
> On
On Thu, May 15, 2014 at 12:34 AM, Julian Hansmann wrote:
>
>
> Am 15.05.2014 09:11, schrieb Al Varnell:
>> On Thu, May 15, 2014 at 12:04 AM, Julian Hansmann wrote:
>>> thank your very much for your responses. I added the signatures
>>> name to the whitelist which works flawless.
>>
>> The signa
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am 15.05.2014 09:11, schrieb Al Varnell:
> On Thu, May 15, 2014 at 12:04 AM, Julian Hansmann wrote:
>> thank your very much for your responses. I added the signatures
>> name to the whitelist which works flawless.
>
> The signature was removed almost
On Thu, May 15, 2014 at 12:04 AM, Julian Hansmann wrote:
> thank your very much for your responses. I added the signatures name
> to the whitelist which works flawless.
The signature was removed almost immediately after the announcement, so you
should no longer need the whitelist.
> I can see th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hey all,
thank your very much for your responses. I added the signatures name
to the whitelist which works flawless.
I can see that sending an attachment with an double extension is
somehow sensless and suspicious however I think you can't take that
On Tue, May 13, 2014 at 05:38 PM, Benny Pedersen wrote:
>
> Sending the jpg file is not an option without puting it in a zip archive
> first?
>
> It does not pay of to compress jpg without jpg tools, that sayed if it just
> to get single attachment on mail it still make sense to use zip for a
Sending the jpg file is not an option without puting it in a zip archive first?
It does not pay of to compress jpg without jpg tools, that sayed if it just to
get single attachment on mail it still make sense to use zip for a container
file
Dont know a solution else
--
Sendt fra min Android te
Julian,
I didn't see this in the false positive queue, but did see this email. I
just completed a review of the original sample. It turns out that the
original sample is being detected by another signature and that this one is
not adding anything. I've scheduled the signature to be dropped out of
On Tue, May 13, 2014 8:27 am, Julian Hansmann wrote:
> Regardless of its content (even if it's empty) a mail which has a file
> with the suffix ".JPG.zip" (case sensitive) attached will be detected as
> "Email.Trojan-417".
>
Hi Julian,
I'm guessing the orignal offical signature was to catch some
Julian,
Looking at the signature, I see your point, but it must also contain:
> Content-Transfer-Encoding: base64
> Content-Disposition: attachment
That would seem to be a given for almost any attachment, as well. I have no
idea what the actual sample was, but there must be something much more
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dear ClamAV-Users and Developers,
some time ago I reported a FP on the homepage on ClamAV. Unfortunately
I haven't received a response nor has the signature in question be
removed from the official database. So I'd like to ask what else can I
do to ge
15 matches
Mail list logo
