On Tue, 24 Oct 2017, Rupert Gallagher wrote:
Easy one. The Message-ID is not well formed / RFC compliant. We reject such
junk upfront.
How so?
<sn1pr0601mb161608603664931c0d08805aa8...@sn1pr0601mb1616.namprd06.prod.outlook.com>
That looks totally valid to me... < dot-atom-text @ dot-atom-text >
The line break between the header and the ID is unusual, but not invalid.
That might potentially be a usable spam sign.
On Tue, Oct 24, 2017 at 8:32 PM, Alex <mysqlstud...@gmail.com> wrote:
Hi all, I'm wondering if someone has some ideas to handle bank fraud
phishing emails, and in particular this one:
https://pastebin.com/wxFtKK16 It doesn't hit bayes99 because we haven't
seen one before, and txrep subtracts points. It also doesn't hit any
blacklists. Ideas for blocking these, and more general advice for
blocking banking fraud/phish attacks would be appreciated.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
People seem to have this obsession with objects and tools as being
dangerous in and of themselves, as though a weapon will act of its
own accord to cause harm. A weapon is just a force multiplier. It's
*humans* that are (or are not) dangerous.
-----------------------------------------------------------------------
208 days since the first commercial re-flight of an orbital booster (SpaceX)
