[sanesecurity] Re: Procedure to add to signwhitelist.ign2

• From: "Bill Landry" <bill@xxxxxxxxxxx>
• To: sanesecurity@xxxxxxxxxxxxx
• Date: Tue, 8 Jun 2010 14:09:47 -0700

On Tue, June 8, 2010 1:55 pm, Mike Abraham wrote:
> Hello
>
> ClamAV Version:
> ClamAV 0.96.1/11160/Tue Jun  8 13:07:08 2010
>
> I'm trying to add the following signature to sigwhitelist.ign2, but it
> still gets caught.
>
> INetMsg.SpamDomain-2m.mtsallstream_com
>
> Full Signature:
> INetMsg-SpamDomains-2m.ndb:136356:INetMsg.SpamDomain-2m.mtsallstream_com:4:*:(2e|2f|40|20|3c|5f)6d7473616c6c73747265616d2e636f6d(27|22|20|2f|3d|5f|3e|0a|0d)
>
> Can anyone point to a document that describes procedures for using
> sigwhitelist.ign2 (not local.ign2) ?
>
> Or is there a better way to whitelist this domain ?

Did you reload the clamd (clamdscan --reload) after adding the entry into
sigwhitelist.ign2?

Also, since I haven't seen spam from the domain since 2010-05-11, I've
gone ahead and removed the domain from the SpamDomains signature
databases.

Regards,

Bill

• Follow-Ups:
  • [sanesecurity] Re: Procedure to add to signwhitelist.ign2
    • From: Mike Abraham

• References:
  • [sanesecurity] Procedure to add to signwhitelist.ign2
    • From: Mike Abraham

Other related posts:

• » [sanesecurity] Procedure to add to signwhitelist.ign2- Mike Abraham
• » [sanesecurity] Re: Procedure to add to signwhitelist.ign2 - Bill Landry
• » [sanesecurity] Re: Procedure to add to signwhitelist.ign2- Mike Abraham

1. Home
2. sanesecurity
3. Archive
4. 06-2010

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---