Randy Ramsdell wrote:
Bookworm wrote:
I'm starting to see some new phishing/scam attempts.
What I was thinking was that it might be worthwhile to add a rule to not
so much check links, but count periods.
I was going to put in the web address that I received as an example,
but I think that's why this is a second attempt - the first one never
went through.
Basically, it's a 'colonial bank' scam - it uses eleven sections to
the domain name - 10 periods. (What would that be - I mean, we have
TLD for the .com/net/etc, second level domain names for the bleah.com
domains.. what would you say it is for an 11th level?)
In general, you see fewer than four periods in a domain name - but I've
seen this sort of behavior in spams before.
Thoughts?
(I'm just a general administrator. I use other people's rules, I
haven't had time to learn to make my own)
BW
I noticed you started a thread a few days ago with he exact same body
and a changed subject. There are 10-20 replies to that thread so I am
not sure why start a new exactly the thread a week later.
My suggestion would be to read that thread.
Because I'm not seeing the thread at all - I even searched for the
information through all 10,790 emails that I have in my SpamAssassin
folder, and double checked against the original email I sent out.
(before resending)
