[clamav-users] Whitelisting FP domains

2016-10-06 Thread Alex
Hi, We have reports of a domain being blacklisted and we don't think it should be: LibClamAV debug: Phishcheck:Checking url http://www.hospitalitytec.com->www.hospitalitytec.com LibClamAV debug: Looking up hash 31E3DBF72F782E65722B2AE014524FF4F13F7022245ED9D4A7213D73F7B65A90 for hospitalitytec.co

Re: [clamav-users] Whitelisting FP domains

2016-10-06 Thread Richard
> Date: Thursday, October 06, 2016 08:40:39 -0400 > From: Alex > > Hi, > > We have reports of a domain being blacklisted and we don't think it > should be: > > LibClamAV debug: Phishcheck:Checking url > http://www.hospitalitytec.com->www.hospitalitytec.com > LibClamAV debug: Looking up hash > 3

Re: [clamav-users] Whitelisting FP domains

2016-10-06 Thread Steve Basford
On Thu, October 6, 2016 1:40 pm, Alex wrote: > Hi, > > > We have reports of a domain being blacklisted and we don't think it > should be: > > LibClamAV debug: Phishcheck:Checking url > http://www.hospitalitytec.com->www.hospitalitytec.com I think its better to keep the domain listed at the moment

Re: [clamav-users] MaxQueue & MaxConnectionQueueLength

2016-10-06 Thread Matus UHLAR - fantomas
On 04.10.16 22:19, crazy thinker wrote: I am newbie to ClamAV. what is the exact difference between MaxQueue and MaxConnectionQueueLength the latter is afaik at TCP socket level, while the first at clamd level. how many clamdscan instances can able to connect to clamd on local machine? is the

Re: [clamav-users] Whitelisting FP domains

2016-10-06 Thread Reindl Harald
Am 06.10.2016 um 16:08 schrieb Alex: We have reports of a domain being blacklisted and we don't think it should be: LibClamAV debug: Phishcheck:Checking url http://www.hospitalitytec.com->www.hospitalitytec.com I think its better to keep the domain listed at the moment.. https://www.virusto

Re: [clamav-users] Whitelisting FP domains

2016-10-06 Thread Steve Basford
On Thu, October 6, 2016 3:21 pm, Reindl Harald wrote: > >> I have another that was just discovered. Is this a sanesecurity >> pattern and could it be a FP? There's no reference to it on virustotal or >> elsewhere: >> >> >> # sigtool --find-sigs winnow.spam.ts.miscspam.1025807 | sigtool >> --deco

Re: [clamav-users] Whitelisting FP domains

2016-10-06 Thread Alex
>> We have reports of a domain being blacklisted and we don't think it >> should be: >> >> LibClamAV debug: Phishcheck:Checking url >> http://www.hospitalitytec.com->www.hospitalitytec.com > > I think its better to keep the domain listed at the moment.. > > https://www.virustotal.com/en/url/291d973

Re: [clamav-users] How to get each file status when scan a ditrtectory using clamdscan

2016-10-06 Thread crazy thinker
@All In MultiScan Mode,i would like to get each file staus call back from clamd server but currently clamdscan gets callback from clamd when a file is either infected or error one. clamdscan runs faster than clamscan..so i would like to improve performance in full system scan i am reading source