phishing detection bug
Julian Field
MailScanner at ecs.soton.ac.uk
Fri Feb 18 17:04:37 GMT 2005
[ The following text is in the "ISO-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
Both problems fixed. Patch for latest Message.pm attached.
Aren't I nice to you lot :-)
Off to the bar shortly, well-earned drink needed.
John Wilcock wrote:
> Julian Field wrote:
>
>> Okay, a simple trap for this one would be that the real URL must contain
>> at least one "." character. How about that?
>
>
> What about octal IP-based hostnames?
>
> What about an intranet case, where a hostname only, with no domain part,
> could be perfectly valid? Then again this wouldn't be phishing fodder.
>
> To be sure though, how about requiring either a "." or a "/"?
>
> Apart from that, what about relative URLs used with a <BASE HREF=...>
> tag? Does your phishing net currently trap these anyway? If not, perhaps
> it should.
>
> John.
>
> --
> -- Over 2500 webcams from ski resorts around the world - www.snoweye.com
> -- Translate your technical documents and web pages - www.tradoc.fr
>
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
> Support MailScanner development - buy the book off the website!
>
--
Julian Field
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
[ Part 2, Application/X-GZIP 1KB. ]
[ Unable to print this part. ]
More information about the MailScanner
mailing list