Hi guys,
Please could someone assist, I can't seem to whitelist the above signature,
as I'm getting quite a few false positives.
I did manage to whitelist a sig called
"Sanesecurity.Malware.27218.XmlHeur.Gfx" so I know my whitelist file
(/opt/zimbra/data/clamav/db/sigwhitelist.ign2) is working, but no matter
what I do to the Yara rule it still gets blocked.
I have tried adding it without the UNOFFICIAL as well.
Thank you.
Regards.
Neil Wilson.