oauth email proxy identified as pomal trojan

Question

oauth email proxy identified as pomal trojan

Closed this issue 9 months ago · 1 comments

Eds1989 commented 9 months ago

Recently, WIndows Defender has started detecting the executable for the oauth email proxy as the Win32/pomal trojan.

Are you aware of this, and are you able to amend the code so it is not detected as such?

I have whitelisted the executable for the time being, as it kept quarantining it causing my service for this to stop and cease functioning.

Answer 1 · 2025-01-30T09:10:09.000Z

Unfortunately this is a relatively common issue with pre-built executables made by PyInstaller. See, e.g., #265, #306, #309, #320.

There is very little that can be done about it from the proxy's side. The executable is built automatically from source, so there's no possibility for malicious tampering, and it is safe to ignore the warning. If it helps you are welcome to report this false positive to the various virus scanners (e.g., see this previous discussion).