Re: SHTML file extension handling?

2024-03-12 Thread Raymond Dijkxhoorn via users
Hi! Loads of phishing is done that way. Having a shtml with a post command to whatever they want from you… usually banking/DHL … With kind regards, Raymond Dijkxhoorn > On 12 Mar 2024 at 20:37, Jared Hall via users > wrote: > > Is there a use case for emailing .shtm

Re: URIDNSBL full message checking

2023-02-06 Thread Raymond Dijkxhoorn via users
Hello Michael, No. Which is fine, because there are usually no URIs in headers, and when there are, they are likely to be standard List-* headers, which are unlikely to be useful. Don't agree with that. We see many use cases for header checks... We see many spams with a from domain inside SURBL

Re: sharepoint phish routed through sharepointonline/outlook

2023-01-17 Thread Raymond Dijkxhoorn via users
Hi! Yes, I am running SA4 and have been for probably more than a year. What am I doing wrong that RBL checks wouldn't be checking the FQDN? Could be several reasons but will contact you offlist. uniabujaedung-my[.]sharepoint[.]com[.]multi[.]surbl[.]org has address 127.0.0.64 Meaning it's l

Re: sharepoint phish routed through sharepointonline/outlook

2023-01-17 Thread Raymond Dijkxhoorn via users
Hello All, RBL checks for FQDN not just domains would be a good idea... >X-Spam-Status: No, score=1.102 tagged_above=-200 required=5 >tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, >DKIM_VALID_EF=-0.1, DMARC_PASS=-0.1, FMBLA_HELO_OUTMX=-0.01, >FMBLA_RDNS_OUTMX=-0.0

Re: phishtank api usage from spamassassin ?

2022-08-25 Thread Raymond Dijkxhoorn via users
legit subdomains you definitely don’t want to block. With kind regards, Raymond Dijkxhoorn > On 26 Aug 2022 at 00:40, Benny Pedersen > wrote: > > Raymond Dijkxhoorn via users wrote on 2022-08-25 23:45: >> Benny, >> Sorry for the top p

Re: phishtank api usage from spamassassin ?

2022-08-25 Thread Raymond Dijkxhoorn via users
Benny, It’s not a redirector in that sense. The 2ld is correct and SHOULD be used. It’s abused subdomains of page.link that we see and list. I don’t see samples of the base domain being used and abused as a redirector. Could it be that that one is added mistakenly? With the 2ld listing S

Re: phishtank api usage from spamassassin ?

2022-08-25 Thread Raymond Dijkxhoorn via users
Benny, Sorry for the top posting. SURBL doesn’t list that base domain. And please check on the SURBL page not on some third party site that might even be acl’ed. https://www.surbl.org/surbl-analysis page.link is NOT listed SURBL lists the subdomains, and we list many of them. It’s a firebase