1. use noprocessing for real paypal addresses. I think whitelisting this is bad, because it can skew your ham corpus to positively favor paypal and other phishing.
2. Use SPF softfail 3. use the paypal examples for the bombRe that are in the bombRe wiki article to take care of paypal phishing from non-paypal adresses. -- ME2 (mobile) -----Original Message----- From: "Robert Temple" <[EMAIL PROTECTED]> Date: Thursday, Mar 1, 2007 9:29 am Subject: [Assp-user] Stopping PayPal phishing email ASSP is doing a great job for my servers, but I've noticed Paypal phishing email keeps getting through. I have paypal.com set up in the whitelist to make sure legitimate paypal email gets through. I have SPF filtering on and notice the phishing scams fail the softfail validation, and have enabled the 'fail softfail validation' but they still get through. It looks like the whitelisting give them a free pass on the softfail. I am concerned that if I remove paypal.com from the whitelist, legitimate paypal email will get filtered. I am running version 1.2.6. Tha[Assp-user] Stopping PayPal phishing email"Robert Temple" <[EMAIL PROTECTED]>To: [email protected] Reply-To: Questions and Answers for users of AS ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
