A while back discussed excluding some URL's from triggering the
heueristics scan. Seemed to work. Postfix, spamassassin, clamav in use.
Now seems some addtional URL's are involved. Perhaps I am doing
something wrong here.
Been determining (?) the offending URL's by examining the entire email
using:
clamscan --debug --file-list=SFILE --log=RESULT.txt 2> result.txt
then looking for offenders using:
grep -iB4 "Phishing scan result: URLs are way too different" myfile.txt
entering the URL seen in "Real URL: http://some.url"; into
"/var/lib/clamav/somefile.wdb" and restarting clamd (systemctl restart
clamd.service)
I would presume re-scanning as above should no longer flag the offending
URL(s)?
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
