MailScanner Website

Randal, Phil phil.randal at
Tue Aug 26 08:59:30 IST 2014

Short URLs are probably best handled by SpamAssassin plugins like Steve Freegard's DecodeShortURLs:



From: mailscanner-bounces at [mailto:mailscanner-bounces at] On Behalf Of Jerry Benton
Sent: 24 August 2014 14:31
To: MailScanner discussion
Subject: Re: MailScanner Website


You have presented what you see as a problem, yet have not presented a solution. If you have a better way to do it, write it and send it to me or this list and I will be happy to implement it. If you think it is overkill to blacklist an entire domain, again, provide an alternate solution and if it makes sense and is sustainable I will be happy to implement it.

The current build uses domains instead of URLs because the list from the current source at<>, which uses URLs, was somewhere around 30,000 items the last time I checked. That is way too big for a config file. Therefore, the current build script scrubs those and gets it under 1,000 items. This is done by evaluating all of the URLs and pulling the domains from them. This is not like blacklisting a /16 CIDR. There is (should be) a hell of a lot more control of what content gets posted on a domain's website. If there is malicious content anywhere on a website, the whole thing should be blacklisted until they fix it. This isn't mystifying. Google does the same thing with its search results.

Requirements for a new solution:

- A source for the bad sites.<> is currently used. It is actively maintained. If you know of a better resource, feel free to let me know.
- A new cron to replace the current version. I am aware it is very basic and needs to be updated. What we need is either a cron that will read a custom section of phishing.bad.sites.conf or we can add an additional file called something like phishing.bad.sites.custom.conf that can be read and merged with phishing.bad.sites.conf during the build.
- The same thing for
- A source for the safe sites if you think the current source is a bad one.
- The same cron logic as stated above for the bad sites.

So what would be the most helpful thing at the moment would be a cron that addresses the above issue regarding custom entries. It would need to evaluate your "safe" entries and remove it from the dynamic "bad" entries if present. It would then need to append the custom "safe" entries to

Jerry Benton<>

On Aug 24, 2014, at 12:07 AM, Nick Edwards <nick.z.edwards at<mailto:nick.z.edwards at>> wrote:

Would it not be better to first fix the

I find it a bit ridiculous that you list URI shortners, like and
others (yet strangely not
its for that reason we dont and wont as an ISP, use your list. other
mailscanner users in my group were also mystified why, and wont use it

It's kind of like the old spews, list a /16 because of one or two
spammers, complete overkill

just sayin...

On 8/12/14, Jerry Benton <jerry.benton at<mailto:jerry.benton at>> wrote:


I would like to have content dynamically updated at some point. An example
would be an optional Phishing updates, ScamNailer updates (after we fix it),
etc. Also, versioning for content, a better wiki with better authoring
control, etc. The debate has already gone back and forth over this mailing
list regarding static vs CMS, so we don't need to rehash the same debate.

Jerry Benton<>

On Aug 11, 2014, at 11:55 AM, Richard Siddall <richard.siddall at<mailto:richard.siddall at>>

Hristo Benev wrote:


    Based on navbar-fixed-top

I've created this

Is CMS really needed? How many pages are changed and how frequently?
AFAIK most of the changes are in the wiki.

Development and version control could be done via GIT (or other VCS).

"Build A Blog With Jekyll And GitHub Pages"

Might suit a developer better than installing WordPress and a
Bootstrap-based theme.

Do you have any comments?



MailScanner mailing list
mailscanner at<mailto:mailscanner at>

Before posting, read

Support MailScanner development - buy the book off the website!

MailScanner mailing list
mailscanner at<mailto:mailscanner at>

Before posting, read

Support MailScanner development - buy the book off the website!

Hoople Ltd, Registered in England and Wales No. 7556595
Registered office: Plough Lane, Hereford, HR4 0LE

"Any opinion expressed in this e-mail or any attached files are those of the individual and not necessarily those of Hoople Ltd. You should be aware that Hoople Ltd. monitors its email service. This e-mail and any attached files are confidential and intended solely for the use of the addressee. This communication may contain material protected by law from being passed on. If you are not the intended recipient and have received this e-mail in error, you are advised that any use, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. If you have received this e-mail in error please contact the sender immediately and destroy all copies of it."
-------------- next part --------------
An HTML attachment was scrubbed...

More information about the MailScanner mailing list