>> And report the false positive to the ClamAV team? > > All false positives from SecuriteInfo.com signatures should be sent to > webmas...@securiteinfo.com. > Thank you.
As this false positive was from unofficial signatures i am going to report it to webmas...@securiteinfo.com. >> All good :-) Going to remove javascript.ndb too. Sorry again. > > Rather than deleting entire signature databases because of one false > positive, why don't you either: > > 1. Whitelist the file (if it's static) > or > 2. Whitelist the signature(s) > > Both are a quick google search and very easy to do... Thank you, but for the moment my setup is using ClamAV only for virus/malware (and quarantine+report them to admins), the mentiones falsepositive signature was against spam. For the moment I am strictly using spamassassin for antispam and clamav for antivirus. This will change later this year when changing to rspamd for antispam. but yes, for sure you are right about whitelisting, again thanks for the hints _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
