subject:"\[clamav\-users\] Finding the spoofed domain"

Re: [clamav-users] Finding the spoofed domain

2015-12-15 Thread Al Varnell

On Tue, Dec 15, 2015 at 06:21 PM, Alex wrote: > >>> Steve Basford wrote: I've posted the email here: http://pastebin.com/n4WRjmzE >>> Got a match: f.email.americanexpress.com/ with /moc.sserpxenacirema Before inserting .: .f.email.americanexpress.com Lookup result: in

Re: [clamav-users] Finding the spoofed domain

2015-12-15 Thread Alex

Hi, > I've posted the email here: > http://pastebin.com/n4WRjmzE > Got a match: f.email.americanexpress.com/ with /moc.sserpxenacirema > Before inserting .: .f.email.americanexpress.com > Lookup result: in regex list > Phishcheck:host:.r.smartbrief.com > Phishing: looking up in whitelist: >

Re: [clamav-users] Finding the spoofed domain

2015-12-15 Thread Alex

Hi, >> Steve Basford wrote: >>> I've posted the email here: >>> http://pastebin.com/n4WRjmzE >> >>> Got a match: f.email.americanexpress.com/ with /moc.sserpxenacirema >>> Before inserting .: .f.email.americanexpress.com >>> Lookup result: in regex list >>> Phishcheck:host:.r.smartbrief.com >>>

Re: [clamav-users] Finding the spoofed domain

2015-12-15 Thread Kris Deugau

Alex wrote: > Steve Basford wrote: >> I've posted the email here: >> http://pastebin.com/n4WRjmzE > >> Got a match: f.email.americanexpress.com/ with /moc.sserpxenacirema >> Before inserting .: .f.email.americanexpress.com >> Lookup result: in regex list >> Phishcheck:host:.r.smartbrief.com >>