[clamav-users] Mail from Paypal wrongly identified as phishing by ClamAv

Hello, Mail from our client Paypal is being wrongly flagged as phishing by ClamAv. We get this type of bounce erros: 554 Your email was rejected because it contains the Heuristics.Phishing.Email.SpoofedDomain virus Mailing IPs: 142.54.244. [96-110] Mailing domains:mail.paypal.at, mail.paypal.nl

Re: [clamav-users] Mail from Paypal wrongly identified as phishing by ClamAv

Am 18.05.2017 um 12:41 schrieb outre...@epsilon.com: Mail from our client Paypal is being wrongly flagged as phishing by ClamAv. We get this type of bounce erros: 554 Your email was rejected because it contains the Heuristics.Phishing.Email.SpoofedDomain virus Mailing IPs: 142.54.244. [96-11

Re: [clamav-users] Mail from Paypal wrongly identified as phishing by ClamAv

This can be whitelisted by associating whatever foreign URL is being used within these messages with paypal domains, but you need to submit a sample to so that it can be taken care of. -Al- On Thu, May 18, 2017 at 03:41 AM, outre...@epsilon.com wrote: > > Hel

Re: [clamav-users] Mail from Paypal wrongly identified as phishing by ClamAv

On Thu, May 18, 2017 at 03:47 AM, Reindl Harald wrote: > > Am 18.05.2017 um 12:41 schrieb outre...@epsilon.com: >> These emails are legitimate, sent to optin customers of Paypal, and >> authenticate with SPF, DKIM and DMARC. > > clamav has no way to verify that and hence the > "Heuristics.Phish

Re: [clamav-users] Mail from Paypal wrongly identified as phishing by ClamAv

Am 18.05.2017 um 13:22 schrieb Al Varnell: On Thu, May 18, 2017 at 03:47 AM, Reindl Harald wrote: Am 18.05.2017 um 12:41 schrieb outre...@epsilon.com: These emails are legitimate, sent to optin customers of Paypal, and authenticate with SPF, DKIM and DMARC. clamav has no way to verify tha

Re: [clamav-users] Mail from Paypal wrongly identified as phishing by ClamAv

Hi there, On Thu, 18 May 2017, Anne-Sophie Marsh wrote: Mail from our client Paypal is being wrongly flagged as phishing by ClamAv. No surprise there. We get this type of bounce erros: 554 Your email was rejected because it contains the Heuristics.Phishing.Email.SpoofedDomain virus That'

Re: [clamav-users] Mail from Paypal wrongly identified as phishing by ClamAv

Am 18.05.2017 um 18:51 schrieb G.W. Haywood: Admittedly this was quite a while ago; we've been rejecting all mail from PayPal since 2013. All the same, you aren't helping anybody by doing things like that. like what? like reject mails from paypal to your users? hopefully they know how you m

Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)

Hi Reindl Harald Thanks for the reply. Yes, its pretty clear from your config info about how to set the permissions for the socket. But it still gets the 'root' in the group even after setting up with the configuration you suggested. I don't know if that's how the clam-milter socket permission sho

Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)

Am 19.05.2017 um 03:36 schrieb Kishore Pawar: Hi Reindl Harald Thanks for the reply. Yes, its pretty clear from your config info about how to set the permissions for the socket. But it still gets the 'root' in the group even after setting up with the configuration you suggested. I don't know i

Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)

> Thanks for the reply. Yes, its pretty clear from your config info about how > to set the permissions for the socket. But it still gets the 'root' in the > group even after setting up with the configuration you suggested. Have you tried this? MilterSocketGroup clamav > But there's no way for me