how to write an anti-phishing ruleset (and test?)

Leif Neland mailscanner-user at NELAND.DK
Thu Nov 18 00:20:45 GMT 2004

    [ The following text is in the "iso-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

Jeff A. Earickson <jaearick at COLBY.EDU> wrote:
> Gang,
> Our alumni office uses one of these click-thru counter services for
> the alumni newsletter.  They sent out their monthly newsletter a
> couple of days ago and all of their URLs got marked as phishing
> attempts by MailScanner.  They were peeved at me.  Now I need to write a
> ruleset to exempt the click-thru service and then be able to test it.
> A sample bit of URL code is:
> <p>See more at <a
> href="|363543|CLY-20041117090021"></a>.</p>
What is the problem? It is a phishing attempt, and MailScanner is detecting 

> If I email myself this snippet, I can't get MailScanner to bark like
> it did for the real message (which came from  Why?  How to test
> a ruleset?

Are you whitelisting yourself?


------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ ( and
the archives (

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list