I have try to prevent sending Suspicious File Alert emails which contain:
File: /tmp/netatop-0.5/netatop.init
Reason: Script, starts with #!
File: /tmp/netatop-0.5/mkversion
Reason: Script, starts with #!
by adding
exe:/tmp/netatop-0.5/netatop.init
exe:/tmp/netatop-0.5/mkversion
to the csf.pignore file but somehow those two lines are not getting excluded from the alert emails.
Any clue what is going on?