Re: Flag phishing attempts
This is a discussion on Re: Flag phishing attempts within the mailing.postfix.users forums, part of the Mail Servers and Related category; Wietse Venema: > Danny: > > On Thu, 7 Oct 2004 21:34:31 -0400 (EDT), Wietse Venema > > &...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
10-08-2004
|
|||
|
|||
Re: Flag phishing attempts
Wietse Venema:
> Danny: > > On Thu, 7 Oct 2004 21:34:31 -0400 (EDT), Wietse Venema > > <wietse@porcupine.org> wrote: > > > Barry Jeung: > > > > > > > > > > I'm running out the door as a write this, but after some food I plan to > > > > give it some thought. Just contemplating the feasibility of creating a > > > > body_check that would compare the href to the text in a link and flag it > > > > as a possible phishing attempt. Is this possible? > > > > > > That's not easy, but a numerical hostname should be enough of a > > > tip-off that the mail is not kosher. > > > > Can you please post an example of this? > > ;http://[0-9.%]+/; reject > ;http://[0-9.%]+/; hold > ;http://[0-9.%]+/; filter foo:bar > > man 5 regexp_table > man 5 pcre_table > man 5 body_checks Note: that is not a complete list. To also catch http://host:port/, change the above to ;http://[0-9.%]+[:/]; mumble Wietse 
|
Linear Mode
