Google sites still in phishing.bad.sites.conf?

Jerry Benton jerry.benton at mailborder.com
Fri Oct 30 00:27:25 UTC 2015 

Ummm … I was checking this out. Here is the results:

cat phishing.bad.sites.conf|grep -i google.com

gmail-google.com.mx
79.docs.google.com
accounts.google.com.katabasis.ca
drive.google.com
accounts.google.com.gmailreverificationonline89754serversecured.stephanielassalle.com
verify.google.com.drive.viewdocument.buyers-exporters.com
www.google.com-document-view.alibabatradegroup.com
drive-google-com.grc.com.my
drive-google-com.fanalav.com
drive-google-com.aceclb.com
www.google.com-update.session8738974983749734879ad9awd0dasd34wdawdaad.cafeask.com
doc.google.com.xtraview.esjfsdjfedjfsdjfn.sjdfnjsf832943848sdsbdhfuyebfcn.sian83492921hdsdnfvc9339221.dogwalkingpoulton.co.uk



www.google.com is not in there. 

?

-
Jerry Benton
www.mailborder.com



> On Oct 29, 2015, at 12:13 PM, Jerry Benton <jerry.benton at mailborder.com> wrote:
> 
> when I get a chance I will hard code the generator to leave Google off
> 
> -
> Jerry Benton
> www.mailborder.com
> Sent from my iPhone
> 
>> On Oct 29, 2015, at 11:53, Paul Sand <pas at unh.edu> wrote:
>> 
>> * Jerry Benton <jerry.benton at mailborder.com> [2015-10-29 11:34]:
>>> add Google to your custom phishing safe sites
>> 
>> That is not working for me, Jerry. As I said:
>> 
>>>> The phishing.safe.sites.conf file contains (redundantly?):
>>>> 
>>>>  www.google.com
>>>>  docs.google.com
>>>>  *.google.com
>>>> 
>>>> But apparently "bad" overrules "safe": I'm still seeing "Found definite
>>>> phishing fraud" messages on innocuous links in incoming mail.
>>>> 
>>>> Adding lines to phishing.safe.sites.custom is also (apparently) not 
>>>> saving the day.
>> 
>> As near as I can tell the "Definite Fraud" check in MailScanner/Message.pm
>> (around line 7240) does not check the "safe" list. (I could be missing
>> something, doing something wrong, etc.)
>> 
>> 
>> What I have done is add a 'grep -v' to /usr/sbin/update_bad_phishing_sites:
>> 
>>   cat phishing.bad.sites.custom phishing.bad.sites.conf.master | \
>>   grep -v .google.com$ | \
>>   uniq > phishing.bad.sites.conf.new
>> 
>> But I shouldn't have had to do that.
>> 
>> -- 
>> -- Paul A Sand <pas at unh.edu>
>> -- Information Technology / University of New Hampshire
>> -- http://pubpages.unh.edu/~pas
>> -- Too big to fail.
>> 
>> 
>> -- 
>> MailScanner mailing list
>> mailscanner at lists.mailscanner.info
>> http://lists.mailscanner.info/listinfo/mailscanner
>>

More information about the MailScanner mailing list