There is at present no method to whitelist specific files / directories from the Suspcan suspicious files check.
I use clamav antivirus together with the Sane security plugin which, when called from clamassassin, scans my emails.
The Sane Security plugin seems to need to create two working log files in /var/tmp. These two files are reported as suspicious (score 230) by Suspscan.
Warning: File '/var/tmp/clamdb/SCAM-UpdateSession.log' (score: 230) contains some suspicious content and should be checked.
Warning: File '/var/tmp/clamdb/PHISH-UpdateSession.log' (score: 230) contains some suspicious content and should be checked.
I am reasonably satisfied that these files are legitimate (unless you can tell me otherwise) and would like to exclude them from the scan. It would be good therefore to be able to whitelist these two known and specific files.
Thank you for a great product.