Google sites still in phishing.bad.sites.conf?
Jerry Benton
jerry.benton at mailborder.com
Thu Oct 29 16:13:18 UTC 2015
when I get a chance I will hard code the generator to leave Google off
-
Jerry Benton
www.mailborder.com
Sent from my iPhone
> On Oct 29, 2015, at 11:53, Paul Sand <pas at unh.edu> wrote:
>
> * Jerry Benton <jerry.benton at mailborder.com> [2015-10-29 11:34]:
>> add Google to your custom phishing safe sites
>
> That is not working for me, Jerry. As I said:
>
>>> The phishing.safe.sites.conf file contains (redundantly?):
>>>
>>> www.google.com
>>> docs.google.com
>>> *.google.com
>>>
>>> But apparently "bad" overrules "safe": I'm still seeing "Found definite
>>> phishing fraud" messages on innocuous links in incoming mail.
>>>
>>> Adding lines to phishing.safe.sites.custom is also (apparently) not
>>> saving the day.
>
> As near as I can tell the "Definite Fraud" check in MailScanner/Message.pm
> (around line 7240) does not check the "safe" list. (I could be missing
> something, doing something wrong, etc.)
>
>
> What I have done is add a 'grep -v' to /usr/sbin/update_bad_phishing_sites:
>
> cat phishing.bad.sites.custom phishing.bad.sites.conf.master | \
> grep -v .google.com$ | \
> uniq > phishing.bad.sites.conf.new
>
> But I shouldn't have had to do that.
>
> --
> -- Paul A Sand <pas at unh.edu>
> -- Information Technology / University of New Hampshire
> -- http://pubpages.unh.edu/~pas
> -- Too big to fail.
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/listinfo/mailscanner
>
More information about the MailScanner
mailing list