spamassassin-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Edwards <nick.z.edwa...@gmail.com>
Subject phishing rules
Date Mon, 24 Aug 2015 03:14:41 GMT
Hey,

Kind of had enough of regular URIBL's not getting this stuff, so
wondering has anyone wrote any rules they want to share on/off list to
match on mismatched URI links,

example
the displayed version in mail might be www.example.com, but the actual
URI when you highlight or click on it, is foobar.example.net

I want to score all mismatches rather high (i'm not interested in "oh
you shouldnt do that .. reason" type replies, sorry :) but have given
this long though and the pros  do outweigh the cons.

SA usually catches the phishing stuff, there is often many get through
of late, so the collateral damage is acceptable by our risk
assessments.

ciao

Mime
View raw message