edwin at clamav
Apr 18, 2012, 8:51 AM
Post #2 of 2
(200 views)
Permalink
|
On 04/18/2012 06:38 PM, Stephen Guglielmo wrote:
> Hello,
>
> I have a mail system with virus filtering via ClamAV. It has been
> working well, I've tested it with the EICAR check successfully.
> However, ClamAV has been detecting false positives in certain emails
> with the detection "Heuristics.Structured.SSN."
>
> This is the most recent email it flagged as
> "Heuristics.Structured.SSN", but is a false positive.
> http://lists.freebsd.org/pipermail/freebsd-announce/2012-April/001417.html
>
> It is a announcement on a FreeBSD mailing list. It has no viruses or
> social security numbers.
>
> Is there a way to decrease the sensitivity of this?
Set StructuredSSNFormatStripped to No in clamd.conf (which is the default).
Parts of the MD5/SHA256 from that email are identified as valid SSNs otherwise.
Best regards,
--Edwin
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
|
