problem with phishing fraud

Julian Field MailScanner at ecs.soton.ac.uk
Sat May 20 17:47:35 IST 2006


padma at eis.iisc.ernet.in wrote:
>
>
> I have installed MailScanner-4.52  on a FC2 with f-prot. Mailscanner 
> seems to detect a genuine URL as phishing Fraud. In this case though 
> both scitation.aip.org and ecsdl.org resolve to the same IP address 
> but donot have a CNAME to each other. Any way to prevent this happen 
> again ?
Yes, very easily. You need 4.54. You can then put in the numerical IP 
address of their outgoing mail server into phishing.safe.sites.conf and 
it will whitelist all domains coming from that IP address. I added this 
in to 4.53 at the request of a commercial email marketing company (but 
not a true "spammer"). But 4.53 has other issues so I recommend you use 
the latest 4.54 release which works rather better.

And don't worry about the nightly update to your 
phishing.safe.sites.conf file. All local changes and additions to it 
will be kept through the update.

If you want to know how, it does this:
    cat phishing.safe.sites.conf.master phishing.safe.sites.conf | \
    sort | uniq > phishing.safe.sites.conf.new
which will safely keep all new extra lines added into the file.

-- 
Julian Field
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.



More information about the MailScanner mailing list