ScamNailer False Positives
steveb_clamav at sanesecurity.com
Wed Sep 12 13:25:05 IST 2012
> On Tue, 11 Sep 2012, Dan H. Eicher wrote:
>> Almost all the emails I get from UFL's helpdesk are marked as:
>> ScamNailer.Phish.helpdesk_AT_ufl.edu.UNOFFICIAL and quarantined.
> If an address is listed incorrectly, I believe the scamnailer data
> originates from http://code.google.com/p/anti-phishing-email-reply/ so you
> could look there to get false positives and no-longer-positives removed
> (Help Desk addresses can be used in spam so it might have been listed
I've also whitelisted the sig on the Sanesecurity mirrors, so if you
normally grab the scamnailer.ndb file from the Sanesecurity mirrors
(instead of directly) - the sig will be gone.
But the better solution is to contact anti-phishing-email-reply-discuss AT
googlegroups DOT com and ask for a removal.
More information about the MailScanner