On 06/12/2017 11:29, Kevin A. McGrail wrote:
I've added these rules to KAM.cf and would appreciate feedback.
<snip> Hi,All 14 variations from the MailSploit website apart from #5 triggered the rule. This is expected as the From: in #5 is simply:
From: "po...@whitehouse.gov" <d...@mailsploit.com>
I.e. there doesn't seem to be an exploit in it ;)
Regards
Ian
--
