phishing from same domain?
Dennis Willson
taz at TAZ-MANIA.COM
Thu Dec 29 00:42:39 GMT 2005
[ The following text is in the "ISO-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
Yes, that would be a great option!
Ken A wrote:
> Hello,
>
> Is there any way to tell the phishing code to ignore matches like this I
> see in the log now and then?
>
> MailScanner[4228]: Found phishing fraud from email.capitalone.com
> claiming to be www.capitalone.com in jBT0Dh5c006095
>
> I'd like it if MailScanner had an option so it would decide something
> was phishing ONLY if the domain name didn't match, but ignore the
> hostname. This assumes that most people can control hosts within their
> own domain, but I think it would be a nice option.
>
> The text of the email:
>
> You can view our privacy policy and contact information at <a
> href="http://email.capitalone.com/TBXX034D3DDDDDD10614XX"
> target="_blank"><font color="red"><b>MailScanner has detected a possible
> fraud attempt from "email.capitalone.com" claiming to be</b></font>
> http://www.capitalone.com</a>.
>
> Thanks,
> Ken A
>
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the Wiki (http://wiki.mailscanner.info/) and
> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
> Support MailScanner development - buy the book off the website!
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list