Phishing & MailScanner has detected a possible fraud attempt
from ...
Scott Silva
ssilva at sgvwater.com
Fri Oct 13 18:44:04 IST 2006
MJ Thomas spake the following on 10/13/2006 8:39 AM:
> Hi,
>
> I have reviewed the MailScanner documentation and some of the support
> lists, but I can't find an answer to my question.
>
> I am deploying an enewsletter for our client using 3rd party email
> deployment software. In order to track links, the email deployment
> software wraps the original HTTP links within a different URL. For example:
>
> <a href="http://dcm5.com/t?ctl=7445D:9D6302
> <BLOCKED::http://dcm5.com/t?ctl=7445D:9D6302>"
> target=_blank>www.thinkmcmillan.com</a>
>
> For links like www.thinkmcmillan.com
> <BLOCKED::http://www.thinkmcmillan.com>, the following message is
> displayed when the email is deployed to those email addresses who use
> MailScanner: *MailScanner has detected a possible fraud attempt from
> "dcm5.com" claiming to be* www.thinkmcmillan.com
> <BLOCKED::http://www.thinkmcmillan.com>.
>
> Does MailScanner have a recommendation on how to handle legitimate
> wrappers that are used for tracking purposes? Is there some way of
> associating dcm5.com and bridgewatersystems.com so MailScanner does not
> flag this link as a possible fraud attempt?
>
> Thanks,
>
But that is exactly what the fraud detectors are supposed to do. It detects
when the displayed url is different then the actual url. You would have to get
the two url's (www.thinkmcmillan.com and dcm5.com) to match better, or
convince Julian that it is legitimate so he can add it to his list of OK sites.
--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!
More information about the MailScanner
mailing list