Beta 4.52.1 released
ka at pacific.net
Mon Mar 27 18:00:09 IST 2006
Julian Field wrote:
> I think the answer is "nothing but log it", but test it out and let me
Looks like there may be a parsing problem in the phishing code.
MailScanner logs this:
Found phishing fraud from www.bizrate.com claiming to be
Here's the html in the email that triggered this:
<A href="http://www.bizrate.com/mkt.xpml?eml_id=134000" style="color:
#000000;text-decoration:none;">For a limited time, get up to 30% off on
all Dwell Bedding and Pillows at Wrapables.com. Pay only $5 to ship
everything! Click now and save!</a>
> Ken A wrote:
>> That sounds like a nice improvement. I had turned off the phishing
>> code due to false positives with it, but will give it a shot with "Use
>> Stricter Phishing Net = no".
>> If I have Phishing Modify Subject = no, and Highlight Phishing Fraud =
>> no, what does MailScanner do when it finds a phishing attempt? I'm
>> hoping the answer is "nothing but log it", so that I can use this
>> configuration for testing.
>> Ken A
>> Julian Field wrote:
>>> I have just released a new beta version 4.52.1.
>>> There is 1 new feature in this release, but it will be important to
>>> some of you, so please read on. It affects the phishing net, and may
>>> give you pretty good protection against phishing scams, while having
>>> a much lower false alarm rate than the full phishing net code that
>>> has been there so far.
>>> You can now set "Use Stricter Phishing Net = no" which will make the
>>> phishing net just check the name of the company owning the website,
>>> with any country code of course. There is a configuration file
>>> a list of all the 2nd and 3rd level domain names in use by all
>>> it lists domain endings such as "org.uk" which are used by a country to
>>> describe a whole type of websites within their country. So if the
>>> is "www.hello.company.com" it knows to check just company.com, whereas
>>> given "www.byebye.charity.org.uk" it will check charity.org.uk.
>>> The configuration file "Country Sub-Domains List" lists all the entries
>>> required for this to work in any country, 1 per line. You shouldn't
>>> to touch this file.
>>> I hope you find this new feature useful, and it may enable some of
>>> you (particularly large ISPs) to provide your customers and users
>>> with a high level of protection against phishing scams.
>>> Let me know how you get on.
More information about the MailScanner