Humm, I’ve restarted my laptop and now the .fp file gets read and the
detection gets ignored.
How come I need to restart the machine? Is there any service I could
restart instead?
Pavel
Dne 17. 04. 21 v 20:55 Richard Graham via clamav-users napsal(a):
Very curious! It seems to work as expec
An important email from our university president was quarantined with
Heuristics.Phishing.Email.SSL-Spoof. I submitted the email as an attachment
to ClamAV. I'm also disabling it based on past reports such as
https://qmailtoaster-list.qmailtoaster.narkive.com/NYaYAjLl/disabling-clamav-heuristic-phi
> Is there an updated convention for this?
I believe it's more or less unchanged since version 8.6 of Sendmail
> (from the early 1990's). The ID is generated in assign_queueid() in
> .../sendmail/queue.c, which uses the integer as an index to the string
> "0123456789ABCDEF... you get the picture
On Tue, Apr 20, 2021 at 11:54 AM Pavel Řezníček
wrote:
> Humm, I’ve restarted my laptop and now the .fp file gets read and the
> detection gets ignored.
>
> How come I need to restart the machine? Is there any service I could
> restart instead?
>
A restart shouldn't be necessary. Is that behavio
I can't reproduce the issue any more. ☹ Tried to create a new .fp file
with another signature and both the files, the old and the new, get
parsed properly now. This is a bit spooky. Nevertheless, thank you for
your assistance, Richard!
Should I discover the same behavior again, I'll report as
As you have noted, this is a common situation. Anytime the actual URL does not
closely match the displayed URL you'll get an alert unless it has been added to
an M or X signature in the database. I haven't been convinced that anybody is
maintaining that list of exceptions, so disabling it is pro
