[SOLVED] whitelist locally clamav?

[killmasta93]

Hi,
I was wondering if someone else accomplished to whitelist a signature on clamav?

i tried the following

root@mail:/var/lib/clamav# touch local_whitelist.ign2

then

 echo “PUA.Pdf.Trojan.EmbeddedJavaScript-1” >>  local_whitelist.ign2

then a reboot

but not seem to be working any ideas?

 

[killmasta93]

Bump anyone?

 

[killmasta93]

solved:

echo "PUA.Pdf.Trojan.EmbeddedJavaScript-1" | sudo tee /var/lib/clamav/whitelist.ign2

then reboot

 

[KatyComputer]

This wasn't working for me, so I looked at /var/lib/clamav/sigwhitelist.ign2

cat /var/lib/clamav/sigwhitelist.ign2
Dummy.Whitelist.Signature
{HEX}Malware.Expert.3xpl01t_ma.configs.dumper.0
PhishTank.Phishing.5603443
Porcupine.Malware.43226
PhishTank.Phishing.6645510
PhishTank.Phishing.6698671
PhishTank.Phishing.6686540
PhishTank.Phishing.6688600
PhishTank.Phishing.6801210

It appears .ign2 files want "Source.Category.Sig#", nothing else.

I made this change, we will see what happens. Previously, I was using:

echo "Sanesecurity.Spam.12741.PdfSpam.UNOFFICIAL" >> /var/lib/clamav/KatyComputer.ign2

Now I am doing:
echo "Sanesecurity.Spam.12741" >> /var/lib/clamav/KatyComputer.ign2

Followed by:

pmgconfig sync --restart 1 ; spamassassin --lint

 

[killmasta93]

after testing again your right it was not working your method where do you get the sig number?