|
WD
| Joined: 01 Feb 2010 |
| Posts: 0 |
|
|
|
 Posted: Mon Feb 01, 2010 1:51 pm |
|
 |
 |
|
|
I use the doemail whitelist - so every email has a "spoofed domain". www.doemail.org
Love your product, but this "feature" is causing me real grief.
|
|
|
|
GuitarBob
| Joined: 09 Jul 2006 |
| Posts: 9 |
| Location: USA |
|
|
| Posted: Mon Feb 01, 2010 2:18 pm |
|
|
|
|
|
ClamWin uses the virus signature database/scanning engine provided by Clam AV and does not have any control over them. All you can do is to submit files with false positive detections to Clam, starting at https://www.clamav.net/sendvirus/lang-pref/en/ on the web. When you get to the upload page, before uploading the file, check the false positive block and give the exact name of the false positive detection in the comments block.
They get a lof of FPs on that Spoofed Domain sig. If they get enough false positives, they may drop it. Be aware, however, that Clam is developed to work with Linux email scanners (to find Windows viruses for their email users), and they can't afford to be wrong, so they will error on the side of caution for their clients. They will settle for a FP now and then to prevent a real virus from getting through on their email clients.
Regards,
|
|
|
