WebView2ControlMBS flagged by mail servers

I built a small desktop app containing a container carrying a WebView2ControlMBS and a WKWebViewMBS for testing purposes. Trying to send the Win64 build created with Xojo 2022r1.1 fails on different mail servers as the zip file containing the (unsigned) app is rejected with a “clamav: virus found: “Sanesecurity.Foxhole.Zip_exe.UNOFFICIAL”” warning.
I used Keka, stripping macOS file parts if any, and PathFinder’s compression utility to zip the file. Both never produced a virus warning, so I guess it might be connected to the MBS plugin (#223).
VirusTotal says the file is unsuspicious.
Any ideas what might be wrong? A server rejection makes it hard to claim a false positive.

You may not send zip files by emails.
Put them on a website for download.

Since we use a lot of standard / open source libraries, it may be that some virus tool flags similar code in our applications as virus. That is called a false positiv.

1 Like