MailScanner has detected definite fraud in the website at "youtu.be"

jerry.benton at mailborder.com jerry.benton at mailborder.com
Mon Jan 21 23:20:44 UTC 2019


I just answered that. Every domain in the list is a legitimate domain, and a
lot of them are used for abuse. That is why they show up on the list. 

The list is automated. I wrote a script that updates it every 4 hours. If
you know someone that is willing to put a sanity check on the list every 4
hours by reviewing all ~16,000 entries, I am game to give them the access. 


--
Jerry Benton
www.mailborder.com
+1   (843) 800-8605
+44 (020) 3883-8605


-----Original Message-----
From: MailScanner
<mailscanner-bounces+jerry.benton=mailborder.com at lists.mailscanner.info> On
Behalf Of Nerijus Baliunas
Sent: Monday, January 21, 2019 18:15
To: MailScanner Discussion <mailscanner at lists.mailscanner.info>
Subject: Re: MailScanner has detected definite fraud in the website at
"youtu.be"

Why is it in phishing.bad.sites.conf? It's a legitimate youtube domain.

On Mon, 21 Jan 2019 18:00:19 -0500 Shawn Iverson via MailScanner
<mailscanner at lists.mailscanner.info> wrote:

> "youtu.be" is in the phishing.bad.sites.conf, which is what is firing off
> that alert.
> 
> You can add "youtu.be" to phishing.safe.sites.custom to whitelist it and
> then execute ms-update-phishing to pull it in to the new config.
> 
> On Mon, Jan 21, 2019 at 5:54 PM Nerijus Baliunas <
> nerijus at users.sourceforge.net> wrote:
> 
> > It's not my messages marked such, I cannot ask other people to always
> > send non-shortened version of the URL. Is it possible to whitelist a
domain
> > (youtu.be for example)?
> >
> > On Mon, 21 Jan 2019 22:39:34 +0000 Peter Farrow
<peter.farrow at togethia.net>
> > wrote:
> >
> > > Use the non-shortened version of the URL
> > > such as  https://www.youtube.com/watch?v=LmlBbbcWElA
> > > Then it works fine,
> > > P
> > > On 21/01/2019 22:36, Nerijus Baliunas wrote:
> > >
> > > I have 2 messages where From: addresses are detected as possibe fraud
> > attempt.
> > > But they are sensitive, I do not want to send them to the list.
> > > On Tue, 22 Jan 2019 00:23:12 +0200 Nerijus Baliunas <
> > nerijus at users.sourceforge.net> wrote:
> > >
> > >
> > > Hello,
> > > A simple youtube link attached makes MailScanner think it is a fraud.
> > The message body is this:
> > >
> > >
> > >
> > > --
> > >
> > >
> > >
> > > --
> > > MailScanner mailing list
> > > mailscanner at lists.mailscanner.info
> > > http://lists.mailscanner.info/mailman/listinfo/mailscanner
> >
> > Regards,
> > Nerijus
> >
> >
> > --
> > MailScanner mailing list
> > mailscanner at lists.mailscanner.info
> > http://lists.mailscanner.info/mailman/listinfo/mailscanner



-- 
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5530 bytes
Desc: not available
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20190121/be1969a3/attachment.bin>


More information about the MailScanner mailing list