[sanesecurity] Re: False Positive

  • From: Sujit Acharyya-choudhury <s.choudhury@xxxxxxxxx>
  • To: "sanesecurity@xxxxxxxxxxxxx" <sanesecurity@xxxxxxxxxxxxx>
  • Date: Fri, 26 Aug 2016 11:31:54 +0000

Many thanks Steve.  I would rather keep junk.ndb and I have added the few 
offending signature names to the *.ign2 list.  I am sure most of the problem 
will go away.

Regards

Sujit

-----Original Message-----
From: sanesecurity-bounce@xxxxxxxxxxxxx 
[mailto:sanesecurity-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Basford
Sent: 26 August 2016 12:11
To: sanesecurity@xxxxxxxxxxxxx
Subject: [sanesecurity] Re: False Positive


On Fri, August 26, 2016 11:46 am, Sujit Acharyya-choudhury wrote:

Shall I add something like this
echo "spammanager" >> /var/lib/clamav/local.ign2 and will it work?  I
am not using ClamAV+SaneSecurity with SpamAssassin, I am using ClamAV
as a virus scanner.

That's won't work.

If all the signatures that are hitting so far are Sanesecurity.Junk.xxxxx that 
I think the best thing to do is not use junk.ndb database as whole.

or just carry on adding in each signature name that hits into the .ign2 file.

That's one of the issues with having this type of "spam report" that actually 
display part of the spam itself, you can work around it with scoring... but if 
you don't use scoring :(

Sorry this is a bit of a rushed reply...

Cheers,

Steve
Web : sanesecurity.com
Twitter: @sanesecurity


Attachment: smime.p7s
Description: S/MIME cryptographic signature

Other related posts:

  1. Home
  2. sanesecurity
  3. Archive
  4. 08-2016