Fraud and Phishing detection

Julian Field mailscanner at
Wed Aug 16 20:59:02 IST 2006

Hash: SHA1

DAve wrote:
> Michele Neylon:: wrote:
>> DAve wrote:
>>> I have looked through the wiki and the website. I found
>>> but nothing more.
>>> Can anyone tell the rules/logic used for detecting Fraud and Phishing
>>> attempts in a message? Or is this a read the source moment?
>>> Thanks,
>>> DAve
>> If you enable it and watch what it does to a phishing email it'll make
>> more sense :)
> I did, and I have. But I only get to see the page *after* MS has 
> disabled it.
> I have clients asking "Why?". They are not complaining, just asking how 
> it works, they are glad we are disabling suspected fraud. I would like 
> to say what the system is looking for and provide a valid example in 
> before and after states.
> The bottom line, it works, and works well. But I don't want to sound 
> stooopid because I can't explain how it works with confidence.

I have just updated to contain a pretty accurate 
description of the latest version of the net, along with an explanation 
of how the "less strict" version of the net works.

I strongly recommend you take a look at it.

- -- 
Julian Field
Buy the MailScanner book at

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
For all your IT requirements visit

Version: PGP SDK 3.7.0
Charset: ISO-8859-1


This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
For all your IT requirements visit

More information about the MailScanner mailing list