On Tue, 24 Oct 2017, Rupert Gallagher wrote:
Easy one. The Message-ID is not well formed / RFC compliant. We reject such
junk upfront.
Sent from ProtonMail Mobile
On Tue, Oct 24, 2017 at 8:32 PM, Alex <mysqlstud...@gmail.com> wrote:
Hi all, I'm wondering if someone has some ideas to handle bank fraud
phishing emails, and in particular this one:
https://pastebin.com/wxFtKK16 It doesn't hit bayes99 because we haven't
seen one before, and txrep subtracts points.
It also doesn't hit any blacklists. Ideas for blocking these, and more
general advice for blocking banking fraud/phish
attacks would be appreciated.
I'm sorry, what RFC does that message-id fail to comply with?
It's of the form :
"Message-ID: <alphanum*@alphanum*.alphanum*.alphanum*.alphanum*>"
Looks darned correct to me.
It's a bit on the long side but I've seen worse and is still not too long.
The fact that there's folded-whitespace in there is totally permissable as long
as done correctly, which it looks like it is.
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
