I just received a (valid) email notification from a Web service that got a score of 7/5.
It contained the following scores 2.5 FORGED_OUTLOOK_HTML Outlook can't send HTML message only 3.4 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook That seems a bit of a double-whammy doesn't it? I mean if SA think it's forged Outlook (the 3.4), then shouldn't the 2.5 be dropped? If that isn't the case, then why not just give FORGED_MUA_OUTLOOK a score of 5.9? -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
