Phishing phailure

Martin Sapsed m.sapsed at BANGOR.AC.UK
Thu Nov 4 16:44:42 GMT 2004


John Wilcock wrote:
> On Thu, 4 Nov 2004 14:53:49 +0000, Martin Sapsed wrote:
>
>>I put 4.35.9 up yesterday with
>>
>>Find Phishing Fraud = yes
>>
>>and yet the attached message got through without being detected (or
>>picked up by the Clam definitions).
>
> Huh? It *was* detected:
>
> | <a href=3D"http://3duser.co.kr/b.html"><font color=3D"red"><b>MailScanner
> |  has detected a possible fraud attempt from "3duser.co.kr" claiming to be
> | </b></font> https://ibank.barclays.co.uk/fp/1_2x/online/1,,logon,00.html<
> | /a>

By your system and by Julian's, yes, but not by mine! Those red bits
weren't in the message I sent. There's obviously something amiss on my
installation - question is, what? I used install.sh in the tar
installation, HTML::Parser is up to scratch. Phishing detector is
apparently on in MailScanner.conf.

Cheers,

Martin

--
Martin Sapsed            "I've got 8 little fingers and only 2 thumbs,
Microcomputer Support                      won't you leave me in peace
Information Services                        while I get the job done?"
University of Wales, Bangor             Chris Rea, "I'm working on it"

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).




More information about the MailScanner mailing list