how to write an anti-phishing ruleset (and test?)

Jeff A. Earickson jaearick at COLBY.EDU
Wed Nov 17 16:51:07 GMT 2004


Our alumni office uses one of these click-thru counter services for
the alumni newsletter.  They sent out their monthly newsletter a
couple of days ago and all of their URLs got marked as phishing attempts
by MailScanner.  They were peeved at me.  Now I need to write a
ruleset to exempt the click-thru service and then be able to test it.
A sample bit of URL code is:

<p>See more at <a href="|363543|CLY-20041117090021"></a>.</p>

If I email myself this snippet, I can't get MailScanner to bark like it
did for the real message (which came from  Why?  How to test
a ruleset?

What would a sample anti-phishing ruleset look like?  Something like:

    #---exempt from> from anti-phishing tests
    From: and To:     no

    #---everybody else gets tested
    Default: yes

An example in the etc/rules/EXAMPLES file would be nice.

Jeff Earickson
Colby College

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ ( and
the archives (

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list