Feature Request: Phishing

Wietse Muizelaar wietse at BOUDISQUE.NL
Tue Jan 18 18:48:57 GMT 2005


    [ The following text is in the "iso-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

*grin*

I would like to test, can't wait for the beta :)

Regards,
Wietse

On Tuesday, January 18, 2005 6:49 PM [GMT+1=CET],
Julian Field <MailScanner at ECS.SOTON.AC.UK> wrote:

> Don't all rush at once now.... :-)
>
> Julian Field wrote:
>
>> How about this? Anyone want to test it for me please? I'll put out a
>> new beta if you want it.
>>
>> There is now a new configuration option:
>>
>> # There are some companies, such as banks, that insist on sending out
>> # email messages with links in them that are caught by the "Find
>> Phishing # Fraud" test described above.
>> # This is the name of a file which contains a list of link
>> destinations # which should be ignored in the test. This may, for
>> example, contain # the known websites of some banks.
>> # See the file itself for more information.
>> # This can only be the name of the file containing the list, it
>> *cannot* # be the filename of a ruleset.
>> Phishing Safe Sites File = %etc-dir%/phishing.safe.sites.conf
>>
>> The contents of the example file is this:
>>
>> #
>> # This file contains the list of all the sites which can be safely
>> # ignored in the "phishing fraud" checks.
>> # The entries here are 1 per line, and are the full hostnames of
>> # the *real* destinations of links which would be caught by the
>> checks. # So if you had HTML that looked like this:
>> #
>> #     Please tell us at <a href="http://email.bank.com/">Bank.com</a>
>> #
>> # then you should add
>> #     email.bank.com
>> # to this file.
>> #
>> # Note: Do not add any form of wildcard, regular expression or
>> anything #       other than a fully qualified hostname to this file.
>> It won't work.
>>
>> www.example.com

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!




More information about the MailScanner mailing list