phishing.bad.sites.conf v ScamNailer
mark at msapiro.net
Fri Dec 18 16:36:26 GMT 2009
Kai Schaetzl wrote:
> Mark Sapiro wrote on Thu, 17 Dec 2009 09:50:41 -0800:
>> I don't get it. When I installed the 4.79.4 rpm, it installed a
>> /etc/MailScanner/phishing.bad.sites.conf.rpmnew and
>> update_phishing_sites runs regularly and gets an aproximately 290K
>> What's the problem?
> Hm, thanks for *this* info!
> I have an older version (June) and Robert may have as well.
> I suppose something must have changed since then (e.g. retrieval of the
> hostnames like the scamnailer paackage does it?).
> I get this output from running the script:
> Reading status from
> Checking that /var/spool/MailScanner/quarantine/phishingupdate/cache/2009
> -503 exists... no - reseting..... ok
> Checking that /var/spool/MailScanner/quarantine/phishingupdate/cache/-1.0
> exists... ok
> I am working with: Current: 2009-504 - 0 and Status: -1 - 0
> This is base update
> Unable to retrieve http://www.mailscanner.tv/.2009-504 :500 Can't connect
> to www.mailscanner.tv:80 (connect: timeout)
> Update required
> Updating live file /etc/MailScanner/phishing.bad.sites.conf
> cp: cannot stat
> `/var/spool/MailScanner/quarantine/phishingupdate/cache//2009-504': No
> such file or directory
> and this leaves one without a phishing.bad.sites.conf as this has been
> moved to phishing.bad.sites.conf.old which will get eventually overwritten
> with an empty file on the next run.
Now I'm really confused. That looks like output from a ScamNailer type
script, yet my, presumably current, /usr/sbin/update_phishing_sites
script doesn't do anything like that (and it's ID is $Id:
update_phishing_sites 3982 2007-06-26 09:00:39Z sysjkf $ indicating it
hasn't changed in years). It is attached as update_phishing_sites.txt
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
-------------- next part --------------
# MailScanner - SMTP E-Mail Virus Scanner
# Copyright (C) 2002 Julian Field
# $Id: update_phishing_sites 3982 2007-06-26 09:00:39Z sysjkf $
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
# The author, Julian Field, can be contacted by email at
# Jules at JulianField.net
# or by paper mail at
# Julian Field
# Dept of Electronics & Computer Science
# University of Southampton
# SO17 1BJ
# United Kingdom
if [ -d /etc/MailScanner ]; then
logger -p mail.warn -t update.phishing.sites Cannot find MailScanner configuration directory, update failed.
echo Cannot find MailScanner configuration directory.
echo Auto-updates of phishing.safe.sites.conf will not happen.
wget http://www.mailscanner.info/phishing.safe.sites.conf.master || \
curl -O http://www.mailscanner.info/phishing.safe.sites.conf.master || \
( logger -p mail.warn -t update.phishing.sites Cannot find wget or curl, update failed. ; echo Cannot find wget or curl to do phishing sites update. ; exit 1 )
if [ -s phishing.safe.sites.conf.master ]; then
cat phishing.safe.sites.conf.master phishing.safe.sites.conf | \
sort | uniq > phishing.safe.sites.conf.new
cp -f phishing.safe.sites.conf phishing.safe.sites.conf.old
mv -f phishing.safe.sites.conf.new phishing.safe.sites.conf
chmod a+r phishing.safe.sites.conf
logger -p mail.info -t update.phishing.sites Phishing safe sites list updated
logger -p mail.info -t update.phishing.sites Phishing safe sites list update failed!
rm -f phishing.safe.sites.conf.master
More information about the MailScanner