Phishing Filter Question
Denis Beauchemin
Denis.Beauchemin at USherbrooke.ca
Mon Mar 19 14:46:29 CET 2007
am.lists a écrit :
> I'm currently fighting some usability issues surrounding the phishing
> filter.
>
> The perfect example to share is Google Alert emails. Every link is
> flagged due to the way that the email is crafted. (sample screenshot:
> http://tinyurl.com/27yx68 )
>
> In reading the phishing filter file, I understand how it works, but
> the way Google Alerts works, in particular, and combined with phishihg
> sites being updated daily, this seems to be quite a problem. How can I
> be more forgiving without losing the functionality? If I turn off
> highlighting, how can users still know that there is suspicious (but
> maybe harmless) content?
>
> I don't want to lose the functionality and security that this
> provides, but I don't want to alienate my users by continually
> alerting them to things that are actually harmless.
>
> My settings are:
>
> Find Phishing Fraud = yes
> Also Find Numeric Phishing = yes
> Use Stricter Phishing Net = yes
> Highlight Phishing Fraud = yes
> Phishing Safe Sites File = %etc-dir%/phishing.safe.sites.conf
>
> This is MailScanner 4.58.9
>
>
> Best,
>
> Angelo
Angelo,
Why don't you use a ruleset for "Find Phishing Fraud" with the value
"false" for "googlealerts-noreply at google.com" (assuming this is the
envelope sender) and true as default?
Denis
--
_
°v° Denis Beauchemin, analyste
/(_)\ Université de Sherbrooke, S.T.I.
^ ^ T: 819.821.8000x62252 F: 819.821.8045
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3595 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20070319/68564407/smime.bin
More information about the MailScanner
mailing list