Definite Fraud?
Hugo van der Kooij
hvdkooij at vanderkooij.org
Fri Feb 8 05:48:21 GMT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mark Nienberg wrote:
| Jay Chandler wrote:
|> I'm sure this has been rehashed before, but...
|>
|> *MailScanner has detected definite fraud in the website at
|> "tinyurl.com". Do /not/ trust this website:* http://tinyurl.com/blah
|> <http://tinyurl.com/2b5l4w>
|>
|> Obviously it's detecting the 301 redirect, but that doesn't
|> necessarily bespeak fraud. There are a lot of non-fraudulent things
|> that it could be, ranging from shock pictures to Rick Rolls to
|> inredibly long URLs.
|>
|> Has anyone discussed changing the wording here?
|
| The wording is correct. This is the message that is displayed when a
| url is found in the list /etc/MailScanner/phishing.bad.sites.conf.
|
| These are known phishing sites. This is different from the case where a
| link target and text do not match, which is described as a "possible"
| fraud.
|
| That said, it is a little strange that tinyurl.com is listed in
| phishing.bad.sites.conf, but it is.
These things can point everywhere. So they should be approached with
caution. But the classification should be greyish instead of pitch black.
Hugo.
- --
hvdkooij at vanderkooij.org http://hugo.vanderkooij.org/
PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc
A: Yes.
>Q: Are you sure?
>>A: Because it reverses the logical flow of conversation.
>>>Q: Why is top posting frowned upon?
Bored? Click on http://spamornot.org/ and rate those images.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
iD8DBQFHq+0jBvzDRVjxmYERAuuKAJ4rgwhzlyLtZDUMGkUB/BFTgN3oJQCeMJA8
uLEE8e3BbPi68iE0feIKp98=
=2nOb
-----END PGP SIGNATURE-----
More information about the MailScanner
mailing list