phishing net suggestion
Mark Nienberg
mark at TIPPINGMAR.COM
Tue Feb 22 19:23:08 GMT 2005
[ The following text is in the "ISO-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
Hmm. Maybe. I'm currently running 4.37.7. Are there more options in
the latest version or should I just play with the two settings in
"languages.conf" (PossibleFraudStart and PossibleFraudEnd)?
Julian Field wrote:
> Good idea. How much of this can actually be achieved by customising the
> currently available options and text strings (languages.conf) ?
>
> Mark Nienberg wrote:
>
>> Is there any chance an option could be added to the phishing net feature
>> so when MailScanner dectects something like this:
>>
>> <a href="http://www.phishing.link">http://www.display.link</a>
>>
>> it replaces it with somethng like this:
>>
>> <a
>> href="http://www.mydomain.com/warning.php?link=www.phishing.link&display=www.display.link">http://www.display.link</a>
>>
>>
>>
>> Then, if the user clicks on the link, he or she will be taken to a
>> dynamically generated (php or a perl cgi) page on our own website that
>> will explain the potential phishing attack, show the link as it
>> displays, and show the actual link. It could include a working link to
>> the actual link in case the user really wants to go there (or in case of
>> false positive). Help desk info, etc could also be included.
>>
>> It has the advantage that false positives are not even noticeable unless
>> the user clicks on the link. It allows a much better explanation of
>> what the possible problem is. It could include links to general
>> information on the internet regarding phishing, etc.
>>
>> I suppose someone who runs a high volume website could even have a
>> generic page for other mailscaner admins to use if they don't have their
>> own webserver set up.
>>
--
Mark Nienberg, SE
Tipping Mar + associates
1906 Shattuck Ave
Berkeley, CA 94704
http://www.tippingmar.com
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list