phishing detection not working?
Patel, Anjana
Anjana.Patel at Cranfield.ac.uk
Tue Jan 24 11:53:07 GMT 2006
Hello,
I'm having problems getting the phishing detection to work. I've
noticed from the mailing list archives that a couple of other people
also had the same problem but I didn't see a resolution.
I've upgraded Mailscanner to the latest stable (4.49.7) but after
several tests it appears that the phishing detection is still not
working. It had also failed to work in version 4.47.4.
The maillog shows that the phishing whitelist is being read:
"Read 701 hostnames from the phishing whitelist"
Here are the relevant paramaters:
Dangerous Content Scanning = yes
Find Phishing Fraud = yes
Also Find Numeric Phishing = yes
Highlight Phishing Fraud = yes
Phishing Safe Sites File = %etc-dir%/phishing.safe.sites.conf
Phishing Modify Subject = yes
Phishing Subject Text = {FRAUD?}
./MailScanner --version
Running on
Linux mailgate-1 2.6.9-11.ELsmp #1 SMP Fri May 20 18:26:27 EDT 2005 i686
i686 i386 GNU/Linux
This is Red Hat Enterprise Linux AS release 4 (Nahant Update 2)
This is Perl version 5.008005 (5.8.5)
This is MailScanner version 4.49.7
Module versions are:
1.00 AnyDBM_File
1.16 Archive::Zip
1.03 Carp
1.119 Convert::BinHex
1.00 DirHandle
1.05 Fcntl
2.73 File::Basename
2.08 File::Copy
2.01 FileHandle
1.06 File::Path
0.16 File::Temp
1.32 HTML::Entities
3.48 HTML::Parser
2.35 HTML::TokeParser
1.21 IO
1.10 IO::File
1.123 IO::Pipe
1.71 Mail::Header
3.07 MIME::Base64
5.419 MIME::Decoder
5.419 MIME::Decoder::UU
5.419 MIME::Head
5.419 MIME::Parser
3.07 MIME::QuotedPrint
5.419 MIME::Tools
0.11 Net::CIDR
1.08 POSIX
1.77 Socket
0.08 Sys::Syslog
1.02 Time::localtime
Optional module versions are:
0.17 Convert::TNEF
1.809 DB_File
1.08 Digest
1.01 Digest::HMAC
2.33 Digest::MD5
2.07 Digest::SHA1
0.44 Inline
0.17 Mail::ClamAV
3.001000 Mail::SpamAssassin
missing Mail::SPF::Query
missing Net::CIDR::Lite
0.55 Net::DNS
0.31 Net::LDAP
1.94 Parse::RecDescent
missing SAVI
missing Sys::Hostname::Long
2.42 Test::Harness
0.47 Test::Simple
1.95 Text::Balanced
1.30 URI
I don't think the settings for these are relevant but I have included
them as extra information
Allow IFrame Tags = yes
Allow Form Tags = yes
Allow Script Tags = yes
Allow WebBugs = yes
Allow Object Codebase Tags = yes
Convert Dangerous HTML To Text = no
Any advice would be appreciated.
Thanks
Anjana
More information about the MailScanner
mailing list