ScamNailer False Positives

Steve Basford steveb_clamav at
Wed Sep 12 13:25:05 IST 2012

> On Tue, 11 Sep 2012, Dan H. Eicher wrote:
>> Almost all the emails I get from UFL's helpdesk are marked as:
>> “” and quarantined.

> If an address is listed incorrectly, I believe the scamnailer data
> originates from so you
> could look there to get false positives and no-longer-positives removed
> (Help Desk addresses can be used in spam so it might have been listed
> legitimately).

I've also whitelisted the sig on the Sanesecurity mirrors, so if you
normally grab the scamnailer.ndb file from the Sanesecurity mirrors
(instead of directly) - the sig will be gone.


But the better solution is to contact anti-phishing-email-reply-discuss AT
googlegroups DOT com and ask for a removal.



More information about the MailScanner mailing list