Google sites still in phishing.bad.sites.conf?
pas at unh.edu
Thu Oct 29 15:53:24 UTC 2015
* Jerry Benton <jerry.benton at mailborder.com> [2015-10-29 11:34]:
> add Google to your custom phishing safe sites
That is not working for me, Jerry. As I said:
> > The phishing.safe.sites.conf file contains (redundantly?):
> > www.google.com
> > docs.google.com
> > *.google.com
> > But apparently "bad" overrules "safe": I'm still seeing "Found definite
> > phishing fraud" messages on innocuous links in incoming mail.
> > Adding lines to phishing.safe.sites.custom is also (apparently) not
> > saving the day.
As near as I can tell the "Definite Fraud" check in MailScanner/Message.pm
(around line 7240) does not check the "safe" list. (I could be missing
something, doing something wrong, etc.)
What I have done is add a 'grep -v' to /usr/sbin/update_bad_phishing_sites:
cat phishing.bad.sites.custom phishing.bad.sites.conf.master | \
grep -v .google.com$ | \
uniq > phishing.bad.sites.conf.new
But I shouldn't have had to do that.
-- Paul A Sand <pas at unh.edu>
-- Information Technology / University of New Hampshire
-- Too big to fail.
More information about the MailScanner