I'm using a modified version of a shortener decoder. I've modified it to be able to handle a few extra shortener services that don't use a http header and were being used in unrecognised spam. With this running and combined with all other url checks (retrieved urls are returned to SpamAssassin to be scanned by other rules and plugins), I've completely disabled the built in Mailscanner fraud detector.<br>
<br>I can share the source if anyone is interested.<br><br><div class="gmail_quote">On 15 November 2011 18:55, Scott Silva <span dir="ltr"><<a href="mailto:ssilva@sgvwater.com">ssilva@sgvwater.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">on 11/15/2011 8:43 AM John Baker spake the following:<div class="im"><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
HI all,<br>
<br>
I had a complaint to day with mail scanner putting" MailScanner has detected<br>
definite fraud in the website at" in a perfectly legitimate link using google<br>
domain shorteners. Does anybody have any ideas on how to keep fraud checking<br>
on but allowing domain shorteners?<br>
</blockquote></div>
The trouble is, you can't be sure that EVERY shortened domain is going to be legitimate...<br><font color="#888888">
<br>
<br>
<br>
-- <br>
MailScanner mailing list<br>
<a href="mailto:mailscanner@lists.mailscanner.info" target="_blank">mailscanner@lists.mailscanner.<u></u>info</a><br>
<a href="http://lists.mailscanner.info/mailman/listinfo/mailscanner" target="_blank">http://lists.mailscanner.info/<u></u>mailman/listinfo/mailscanner</a><br>
<br>
Before posting, read <a href="http://wiki.mailscanner.info/posting" target="_blank">http://wiki.mailscanner.info/<u></u>posting</a><br>
<br>
Support MailScanner development - buy the book off the website! </font></blockquote></div><br>