Hi,
I'm curious what people use to avoid malware executable being bypassed
because their extensions are typically associated with file types that
are not normally executable?
https://twitter.com/jepayneMSFT/status/969742842410094593
Do you just rely on clamav? Do you do any types of checks of th
On 03/03/2018 23:45, David Jones wrote:
> On 03/03/2018 05:54 AM, Noel Butler wrote: On 03/03/2018 11:40, John Hardin
> wrote:
>
> On Sat, 3 Mar 2018, Noel Butler wrote:
>
> On 03/03/2018 04:40, John Hardin wrote:
>
> On Fri, 2 Mar 2018, Sebastian Arcus wrote:
>
> -0.2 RCVD_IN_IADB_RDNS
John Hardin skrev den 2018-03-03 19:28:
This is why the DecodeShortURLs plugin has an explicit limit of 10
lookups (and penalizes such with a total of 8 points).
I’d guess more than one redirect is highly suspicious and more than
two is probably a waste of time, just score 5.0 and be done with
On Sat, 3 Mar 2018, @lbutlr wrote:
On Feb 26, 2018, at 09:55, sha...@shanew.net wrote:
This is why the DecodeShortURLs plugin has an explicit limit of 10
lookups (and penalizes such with a total of 8 points).
I’d guess more than one redirect is highly suspicious and more than two is
probabl
On 03/03/2018 05:54 AM, Noel Butler wrote:
On 03/03/2018 11:40, John Hardin wrote:
On Sat, 3 Mar 2018, Noel Butler wrote:
On 03/03/2018 04:40, John Hardin wrote:
On Fri, 2 Mar 2018, Sebastian Arcus wrote:
-0.2 RCVD_IN_IADB_RDNS RBL: IADB: Sender has reverse DNS record
[199.127.240.84
On Feb 26, 2018, at 09:55, sha...@shanew.net wrote:
>
> This is why the DecodeShortURLs plugin has an explicit limit of 10
> lookups (and penalizes such with a total of 8 points).
I’d guess more than one redirect is highly suspicious and more than two is
probably a waste of time, just score 5.0
On 03/03/2018 11:40, John Hardin wrote:
> On Sat, 3 Mar 2018, Noel Butler wrote:
>
> On 03/03/2018 04:40, John Hardin wrote:
>
> On Fri, 2 Mar 2018, Sebastian Arcus wrote:
>
> -0.2 RCVD_IN_IADB_RDNS RBL: IADB: Sender has reverse DNS record
> [199.127.240.84 listed in iadb.isipp.com]
> -0.1