On 25.02.23 15:34, hg user wrote:
The last time I was hit by a not-recognized phishing campaign, no Ips nor
domains were present in RBL. When I took action one hour later I found that
several of them were listed.
So my idea is; is it possible to replay the queries one/two hours later?
you can scan mail every time you want, the question is how do you want to do
that.
I envision two methods:
- logging the queries, with Message-ids
- storing a copy of the message
If the second run hits new RBL, report to me, to take action.
this could work, this way you could feed all mail multiple times to SA,
which would apparently increase usagfe of DNSBLs, they could block you then.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Microsoft dick is soft to do no harm
