On Mon, 19 Jul 2004 23:25:40 -0700, Loren Wilton <[EMAIL PROTECTED]> wrote: > > > Well YOUR message didn't trigger the minimum, but who knows what the > > > spam would have scored. > > > I think you are missing the point here. You are quoting one line from the > phish message that happens to be the bogus url. That is good for a few > points from SURBL or the like. > > However, the WHOLE MESSAGE, with headers, could quite possibly trigger quite > a bunch of rules, even if the body text looks virtually correct. Its been > my experience that the headers will trip up a phish about 95% of the time, > without ever looking at the body of the message at all.
Add to this a well trained BAYES DB - we have a corpus of phishing messages which we regularly train bayes from in order to ensure we catch as many of the critters as possible. Bayes is incredibly good @ catching this stuff. The long and the short of it is that no one rule is ever going to solve the problem, you need to have multiple angles of attack to ensure that you are covering all bases, not just the immediately obvious ones. -- Regards, David Hooton
