On Sat, 27 Feb 2010 11:23:53 +0000, Steve Basford <steveb_clamav@xxxxxxxxxxxxxxxx> wrote: > > > micah anderson wrote: > > Ok, so the *real* false positive I wanted to report earlier was > > confusing, because the entire issue is confusing. So have a look at this > > URL: > > > > http://micah.riseup.net/pastes/2010-02-26T112912 > Fixed (in the next update in about 30 mins) Confirmed. > > 3. More strange is that Sanesecurity.Junk.10689 has the same domain > > string in it, although without the odd binary characters at the > > front. Are these supposed to be duplicates? If so, the issue in #2 needs > > to be fixed in this signature as well. > > > The Junk signature has now been fixed as well. Confirmed. > 4. Even more strange, another email with the same string in it, was > blocked on the 24th, but the rule that was returned as used to block the > email was totally different, it was Sanesecurity.Junk.10690: > http://micah.riseup.net/pastes/2010-02-26T190808.fXDy0GYauH Confirmed. > If you grab the updates again, say in a couple of hours, try a re-scan > on your samples and see if the problem has now been fixed. Looks all good! > Sorry again for the confusion, No problem, thanks for the quick reply! micah