What Bill Cole said! Agreed. For example, here's an almost impossible
phish to block (at least, without blocking legitimate PayPal
transactional emails!). This is a PayPal phishing spam, sent from
PayPal's own server! It was sent by PayPal. I only changed the intended
recipient address (to protect the innocent), and changed the "=" at the
end of lines MIME-formatting to regular lines, for better readability
when looking through the email body for links. Otherwise, not altered.
https://pastebin.com/v80qMF99
However - there are always very helpful improvements that can be made
for minimizing the number of phish that get into the inbox. It's a
constant battle!
Rob McEwen, invaluement
------ Original Message ------
From "Bill Cole" <sausers-20150...@billmail.scconsult.com>
To users@spamassassin.apache.org
Date 2/21/2023 2:11:02 PM
Subject Re: May I get to 0 phishing?
On 2023-02-21 at 13:51:09 UTC-0500 (Tue, 21 Feb 2023 19:51:09 +0100)
hg user <mercurialu...@gmail.com>
is rumored to have said:
I was wondering if it is possible to reach the goal of 0 phishing.
Nope. There are people who find it profitable and they will continue to find
ways to trick all the usable programmatic mechanisms deployed to stop it.
With 2 layers of paid protection, and a third layer realized with
spamassassin with a lot of hand made rules, I'm able to catch a lot of spam
and if some reaches the mailboxes, no problem.
But when phishing is able to reach the mailboxes, it is more dangerous, and
I'd like to bring it to a minimum.
I'd like to know if you, despite all the barriers, still, although rarely,
have phishing go through, and how do you handle the situation.
Eternal vigilance and user education.
The world is an imperfect place.
-- Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
