Definite Fraud?

Hugo van der Kooij hvdkooij at vanderkooij.org
Fri Feb 8 05:48:21 GMT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mark Nienberg wrote:
| Jay Chandler wrote:
|> I'm sure this has been rehashed before, but...
|>
|> *MailScanner has detected definite fraud in the website at
|> "tinyurl.com". Do /not/ trust this website:* http://tinyurl.com/blah
|> <http://tinyurl.com/2b5l4w>
|>
|> Obviously it's detecting the 301 redirect, but that doesn't
|> necessarily bespeak fraud.  There are a lot of non-fraudulent things
|> that it could be, ranging from shock pictures to Rick Rolls to
|> inredibly long URLs.
|>
|> Has anyone discussed changing the wording here?
|
| The wording is correct.  This is the message that is displayed when a
| url is found in the list /etc/MailScanner/phishing.bad.sites.conf.
|
| These are known phishing sites.  This is different from the case where a
| link target and text do not match, which is described as a "possible"
| fraud.
|
| That said, it is a little strange that tinyurl.com is listed in
| phishing.bad.sites.conf, but it is.

These things can point everywhere. So they should be approached with
caution. But the classification should be greyish instead of pitch black.

Hugo.

- --
hvdkooij at vanderkooij.org               http://hugo.vanderkooij.org/
PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc

	A: Yes.
	>Q: Are you sure?
	>>A: Because it reverses the logical flow of conversation.
	>>>Q: Why is top posting frowned upon?

Bored? Click on http://spamornot.org/ and rate those images.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFHq+0jBvzDRVjxmYERAuuKAJ4rgwhzlyLtZDUMGkUB/BFTgN3oJQCeMJA8
uLEE8e3BbPi68iE0feIKp98=
=2nOb
-----END PGP SIGNATURE-----


More information about the MailScanner mailing list