On Thu, Dec 06, 2007 at 11:52:30AM -0500, Rosenbaum, Larry M. wrote:
> Some time ago (and more than once) there have been discussions on this list
> about email containing hyperlinks where the link text is a URL that doesn't
> match the URL in the link HREF, and the pros and cons of testing for a
The URL mismatch that seemed like a sure thing to us was showing the
reader "https" but really linking to "http"!
Believe it or not major financial institutions send mail with these
fraudulent (I would say) links. Very sad.
OK, well, then say as long as the https and http links go to the
same
Randal, Phil wrote:
Unfortunately, people who should know better (e.g. McAfee) do this all
the time.
There'd have to be a huge whitelist of safe URLs to make this workable.
We use MailScanner, which has this sort of phishing detection built
in, flagging suspicious links.
Cheers,
Phil
N
On Thu, 6 Dec 2007, DAve wrote:
> I would think if you scored based on mismatched URLs you would tag
> the same messages incorrectly.
You could mitigate that bby using it in a meta along with rules that
hit on phishing-like text, and leave the score for a single mismatched
URL low, like 0.1 or so
twork Engineer
Herefordshire Council
Hereford, UK
From: Rosenbaum, Larry M. [mailto:[EMAIL PROTECTED]
Sent: 06 December 2007 16:53
To: users@spamassassin.apache.org
Subject: Mismatched URLs revisited
Some
Rosenbaum, Larry M. wrote:
> Some time ago (and more than once) there have been discussions on this
> list about email containing hyperlinks where the link text is a URL that
> doesn’t match the URL in the link HREF, and the pros and cons of testing
> for and scoring these mismatched links. My man
Some time ago (and more than once) there have been discussions on this list
about email containing hyperlinks where the link text is a URL that doesn't
match the URL in the link HREF, and the pros and cons of testing for and
scoring these mismatched links. My management has raised this issue.
