Phishing net behaving strangely

Denis Beauchemin Denis.Beauchemin at USHERBROOKE.CA
Fri Apr 8 16:46:11 IST 2005 

    [ The following text is in the "ISO-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

Denis Beauchemin wrote:

> Hello,
>
> I am testing the phishing net for the first time.  I use MS 4.40.11 on 
> a brand new machine.  Language.conf contains:
> PossibleFraudStart = <font color="red"><b>MailScanner soup&ccedil;onne 
> le lien
> PossibleFraudEnd = d'&ecirc;tre une tentative de fraude de la part 
> de</b></font>
>
> Here is what I sent to test (I added some underscores to make sure my 
> message would not be trapped again):
> <a href="http_:_//_132_._210_._0_._0/">bad tag</a><br>
>
> Here is what I got:
> <a href="http_:_//_132_._210_._0_._0/"><font 
> color="red"><b>MailScanner soup&ccedil;onne le lien "132.210.244.102" 
> d'&ecirc;tre une tentative de fraude de la part de</b></font> pas le 
> bon</a><br>
>
> Which makes MS' message appear as a link.  The message translates to: 
> MS believes the link "132.210.0.0" to be a phishing fraud attempt from 
> bad tag.
>
> Is this normal behaviour?
>
I just tried it again after changing MS' setup to English and the 
results are the same: MS' warning is inside the link...  so I guess it 
is normal behaviour...

I just noticed Martin's answer.  I noticed the setup for IP addresses 
and I think it should be on on my servers.

Thanks!

-- 
   _
  °v°   Denis Beauchemin, analyste
 /(_)\  Université de Sherbrooke, S.T.I.
  ^ ^   T: 819.821.8000x2252 F: 819.821.8045



------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

    [ Part 2, "S/MIME Cryptographic Signature"  ]
    [ Application/X-PKCS7-SIGNATURE  4.4KB. ]
    [ Unable to print this part. ]

More information about the MailScanner mailing list