in phishing.bad.sites.conf?

Paul A Sand pas at
Tue May 31 19:44:44 UTC 2016

* Peter Farrow <peter at> [2016-05-31 15:21]:
> Also, make no mistake here, it is not an "alleged phish", it was a real phish.
> I would deem this company by its inaction to be a risk, and therefore warrants
> the listing.

We can agree to disagree on that. Erring on the side of caution is
understandable. The trade-off is recipients getting that "definite fraud"
hit-the-panic-button MailScanner notice on messages that aren't fraud
at all. I don't think that's accurately communicating "risk".

And, perhaps you're seeing something I'm not:

> > >

Following the links therein, all I can find is a notice that the survey
(allegedly from eBay) has expired, which doesn't seem to be suspicious
by itself.  Maybe it was obvious phishing back in December, but I don't
know that. (The phishtank "vote" on whether it was phishing or not
was only 78%-22% positive, not exactly a slam dunk.)

-- Paul A Sand <pas at>
-- Information Technology / University of New Hampshire
-- Made from 100% recycled electrons.

More information about the MailScanner mailing list