Phishing.Heuristics.Email.SpoofedDomain false positives
Gareth
list-mailscanner at linguaphone.com
Mon Aug 6 12:19:03 IST 2007
I have just upgraded MailScanner and enabled full message scanning but I
am getting a few false positives on
Phishing.Heuristics.Email.SpoofedDomain against some genuine Amazon
emails and a couple of others.
Strangely when I use clamscan and scan the message file the message is
reported as being clean.
Quarantine Modified Body = no
Quarantine Whole Message = yes
Quarantine Whole Messages As Queue Files = no
How does Mailscanner save the raw mail file for clamavmodule to scan?
Could there be a slight difference which is causing the heuristics to
misbehave?
Thanks
Gareth
More information about the MailScanner
mailing list