On Thu, 14 Feb 2019 at 11:58, Ken O'Driscoll via mailop
wrote:
> On Thu, 2019-02-14 at 10:09 +0100, Stefano Bagnara wrote:
> > So, before I propose to use local whitelisting I'd like to understand
> > the global blacklisting causes :-)
> > (If there is some malicious activity going on we better fi
On Thu, 2019-02-14 at 10:09 +0100, Stefano Bagnara wrote:
> So, before I propose to use local whitelisting I'd like to understand
> the global blacklisting causes :-)
> (If there is some malicious activity going on we better find it,
> instead of working around it)
I understand. The following, in
On Tue, 12 Feb 2019 at 12:55, Ken O'Driscoll via mailop
wrote:
> From recollection, Sophos used to use McAfee's engine in some of their
> products so maybe try https://trustedsource.org/ but my info might be out
> of date.
Interesting! I checked the URL there and it says:
- Status: Categorized U
On 2/12/19 5:13 AM, Stefano Bagnara wrote:
>
> The URL is just a CNAME host pointing to our click tracking host (we
> are VOXmail a small italian ESP) and the target url is simply the
> homepage of the sender.
>
Is the target URL a query string parameter? If so, I would check your
logs to make s
On Tue, 2019-02-12 at 11:13 +0100, Stefano Bagnara wrote:
> I'm pretty sure it's a false positive as we have no other report about
> malicious contents on our site or the site of the sender, but I never
> seen this Sophos "Time of Click" protection before: do you know if
> there is a lookup website
