Mailing List Archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] precious memories

On Tue, Aug 09, 2016 at 04:46:43PM -0700, steve wrote:
> This is a phish, right??

To software eyes it's quite obvious:

	Content analysis details:   (5.1 points, 5.0 required)

	 pts rule name              description
	---- ---------------------- --------------------------------------------------
	-0.7 RCVD_IN_DNSWL_LOW      RBL: Sender listed at, low
															[ listed in]
	 3.3 RCVD_IN_SBL_CSS        RBL: Received via a relay in Spamhaus SBL-CSS
															[ listed in]
	 0.0 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail
															domains are different
	 0.0 HTML_MESSAGE           BODY: HTML included in message
	-0.0 BAYES_40               BODY: Bayes spam probability is 20 to 40%
															[score: 0.2394]
	 1.7 URIBL_BLACK            Contains an URL listed in the URIBL blacklist
	 0.8 RDNS_NONE              Delivered to internal network by a host with no rDNS

I've always had good success with spamassassin even when used on local
accounts and rarely see a phishing or spam mail unless I look into the
spam folder.  Maybe it would be beneficial to install it on
mailing lists to get rid of this kind of stuff for good.

For the record, OpenBSD has a very nice spam daemon called spamd(8) [1]
which does not inspect message bodies but works with black, grey and
white lists. It would have caught on to the above phishing also. There
is a iptables port [2] but I'm not sure how well maintained it is.


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links