www.google.com in phishing.bad.sites.conf?

Paul Sand pas at unh.edu
Thu Sep 3 17:54:42 UTC 2015

* Jerry Benton <jerry.benton at mailborder.com> [2015-09-03 13:17]:
> Are you using the updater from here?
> http://phishing.mailborder.com/update_phishing_sites

Not quite, but close. The version I have uses the --compressed option to
curl on line 53-4; that's the only significant change.

[Similar difference on update_bad_phishing_sites]

> Add www.google.com to the phishing.safe.sites.custom in /etc/MailScanner
> after running this script once. 

Done, thanks.

(I see "*.google.com" in phishing.safe.sites.conf, but that doesn't
seem to override the explicit www.google.com in phishing.bad.sites.conf.
Is it supposed to?)

> I will look into why it is making the list. It should not be. (Even though
> a ton of malware is being hosted on Google Docs.) 

Our user was innocently trying to send a link to directions
on Google Maps. She was pretty sure she was doing something wrong; so was I,
before I tried it myself.

-- Paul A Sand <pas at unh.edu>
-- Information Technology / University of New Hampshire
-- http://pubpages.unh.edu/~pas
-- Some restrictions apply.

More information about the MailScanner mailing list