John,
> Because I think that suppressing that behavior for valid TLDs would be
an appropriate modification to avoid potential URIBL FPs
fully agree. SA should not append .com if the domain has a valid tld and
a domain label. We know of at least one FP related to "www.ch" when (the
expanded
On Sun, 8 Nov 2020, Daryl Rose wrote:
I'm getting obvious phishing attempts. This one was made to look like it
was from Wells Fargo with an obvious spoofed email address. However, when
I examined the headers, the From Address was this garbage:
*=?utf-8?B?V+G7hWxsc+G4nmFyZ28gQmFuaw==?= *
Daryl Rose skrev den 2020-11-08 23:00:
I'm getting obvious phishing attempts.
report to https://phishtank.com/ then
This one was made to look like
it was from Wells Fargo with an obvious spoofed email address.
so what did spamassassin say about that ?
However, when I examined the
Daryl,
Can you please post a copy of the raw email message - with headers -
perhaps with your own user's email address (and name?) masked out
(change to "") - to pastebin, or to a similar site - then reply
here with the link. It is difficult to give specific suggestions without
I'm getting obvious phishing attempts. This one was made to look like it
was from Wells Fargo with an obvious spoofed email address. However, when
I examined the headers, the From Address was this garbage:
*=?utf-8?B?V+G7hWxsc+G4nmFyZ28gQmFuaw==?= *
I received another one that was meant to be