> On 4/8/13 1:40 PM, "Andrew Beverley" wrote: > >> Some time ago there was a discussion that resulted in the GTUBE test >> spam message being added to the Clamav signatures[1]. >> ... >> [1] http://lurker.clamav.net/message/20090924.234610.57310ea1.en.html > > According to the second message in your footnoted reference, it was added > to > the Sanesecurity unofficial signature database, not ClamAV's. Every time > it > comes up I have tried to test it and it always fails. Now I know why. >
Hi All, Couple of updates.. I've just check end the Sanesecurity.TestSig.GTUBE signature name had accidentally been renamed to Sanesecurity.TestSig.10616 I have, however, removed the checks for GTUBE, so at least ClamAV and Third-Party sigs are now consistent. If people really want to check they can use something like this: printf "Sanesecurity.TestSig.GTUBE:0:*:584a53 2a43344a44425141444e312e4e53424e332a3249444e454e2a47545542452d5354414e444152442d414e54492d5542452d544553542d454d41494c2a432e333458" > gtube.ndb (remove the line wraps) Cheers, Steve Sanesecurity _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
