Hello, I'm trying to add some values to whitelist following phishsigs_howto.pdf doc. It's a simple conf, but it doesn't work.
With 'clamscan --debug email.file' command capture: LibClamAV debug: Phishcheck:Checking url http://ad.doubleclick.net/clk;77451406;6134080;d?http://www.correo.movistar.es/do/isp/assistant/login?isp=terra ->aquí. LibClamAV debug: Phishcheck:URL after cleanup: http://ad.doubleclick.net/->aquí LibClamAV debug: Displayed 'url' is not url:aquí LibClamAV debug: Phishcheck: Phishing scan result: Clean LibClamAV debug: blobDestroy 1 LibClamAV debug: blobDestroy 1 LibClamAV debug: messageAddArgument, arg='filename=mixedtextportion' LibClamAV debug: messageToFileblob LibClamAV debug: blobCreate LibClamAV debug: messageExport: numberOfEncTypes == 1 LibClamAV debug: messageExport: enctype 0 is 1 LibClamAV debug: messageFindArgument: compare 8 bytes of filename with name=attachment LibClamAV debug: messageFindArgument: compare 8 bytes of filename with filename=mixedtextportion LibClamAV debug: blobSetFilename: mixedtextportion LibClamAV debug: fileblobSetFilename: mkstemp(/tmp/clamav-a9869b35a7e918d7824ef5c965af32aa/mixedtextportionXXXXXX) LibClamAV debug: Creating /tmp/clamav-a9869b35a7e918d7824ef5c965af32aa/mixedtextportionTu1XhX LibClamAV debug: Exported 2895 bytes using enctype 1 LibClamAV debug: /tmp/clamav-a9869b35a7e918d7824ef5c965af32aa/mixedtextportionTu1XhX is infected LibClamAV debug: fileblobDestructiveDestroy: /tmp/clamav-a9869b35a7e918d7824ef5c965af32aa/mixedtextportionTu1XhX LibClamAV debug: The message has 0 parts LibClamAV debug: cli_mbox returning 1 /tmp/email.file: Email.Phishing.RB-2924 FOUND LibClamAV debug: Cleaning up phishcheck LibClamAV debug: Freeing phishcheck struct LibClamAV debug: Phishcheck cleaned up It's clean?? but command return 'Email.Phishing.RB-2924 FOUND', why? and I added this value to daily.wdb: M:http://ad.doubleclick.net/:aquí<http://ad.doubleclick.net/:aqu%C3%AD> What's wrong? Thanks in advance Jordi _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
