Hi

I have 2 emails which have tripped Heuristics.Phishing.Email.SpoofedDomain (4 times in each email using clamscan -x option)

Is the output from clamscan -x --debug shown below indicate the offending url pair triggering Heuristics.Phishing.Email.SpoofedDomain?

LibClamAV debug: Phishing: looking up in whitelist: .clicktime.symantec.com:.www
.barclays.co.uk; host-only:1
LibClamAV debug: Phishing: looking up in whitelist: .clicktime.symantec.com:.www
.barclays.co.uk; host-only:1
LibClamAV debug: Phishing: looking up in whitelist: .clicktime.symantec.com:.www
.barclays.co.uk; host-only:1
LibClamAV debug: Phishing: looking up in whitelist: .clicktime.symantec.com:.www
.barclays.co.uk; host-only:1

_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Reply via email to