phishing.bad.sites.conf v ScamNailer

Robert Lopez rlopezcnm at gmail.com
Fri Dec 18 23:57:20 GMT 2009 

On Fri, Dec 18, 2009 at 10:54 AM, Kai Schaetzl <maillists at conactive.com> wrote:
> Mark Sapiro wrote on Fri, 18 Dec 2009 08:36:26 -0800:
>
>> /usr/sbin/update_phishing_sites
>
> we need /usr/sbin/update_bad_phishing_sites. Unfortunately,
> it contains a bad CVS id (the same as the update_phishing_sites script).
> What happens if you run it?
>
> Today I get a slightly different output:
> /usr/sbin/update_bad_phishing_sites
> Reading status from
> /var/spool/MailScanner/quarantine/phishingupdate/status
> Checking that /var/spool/MailScanner/quarantine/phishingupdate/cache/2009
> -504 exists... no - reseting..... ok
> Checking that /var/spool/MailScanner/quarantine/phishingupdate/cache/-1.0
> exists... ok
> I am working with: Current: 2009-505 - 1 and Status: -1 - 0
> This is base update
> Unable to retrieve http://www.mailscanner.tv/.2009-505 :500 Can't connect
> to www.mailscanner.tv:80 (connect: timeout)
> Update required
> Retrieving http://www.mailscanner.tv/2009-505.1
> Failed to retrieve http://www.mailscanner.tv/2009-505.1 at
> /usr/sbin/update_bad_phishing_sites line 198.
> Unable to open base file
> (/var/spool/MailScanner/quarantine/phishingupdate/cache//2009-505)
>
> Looks like the update mechanism is still legit, but I'm getting blocked?
> This script was running hourly as per MS default setup. Now it's not
> running at all.
> Jules, are you listening? Should this work or not?
>
> Kai
>
> --
> Kai Schätzl, Berlin, Germany
> Get your web at Conactive Internet Services: http://www.conactive.com
>
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>

I have /usr/sbin/update_phishing_sites which updates the save sites only.
It is the exact same file posted by Mark Sapiro.
I did just run it and I did get a newer file than the one I had before.

I do not have /usr/sbin/update_bad_phishing_sites
Locate (updatedb) does not find update_bad_phishing_sites any place.

According to my notes, I took out the cron job to run
update_phishing_sites when I installed the jkf.anti-spear-phishing
stuff.
That now appears to be a mistake. I have to now put that back in.

-- 
Robert Lopez
Unix Systems Administrator
Central New Mexico Community College (CNM)
525 Buena Vista SE
Albuquerque, New Mexico 87106

More information about the MailScanner mailing list