John Hardin wrote ... (4/25/2009 12:06 PM): >> A phisher would send emails to a large number of people saying, >> literally, "I am your email administrator, your account is to be >> suspended, please send me your username and password". >> >> DKIM will not work, > > BAYES should work quite well. >
Actually it doesn't. The message text varies too much. While you can mass learn a single version during a particular campaign, we often see a dozen or more variations every day. BAYES can't cope with that. The SaneSecurity ClamAV DB's have been the best defense I've found to date..
