Koozali.org: home of the SME Server

Obsolete Releases => SME Server 7.x => Topic started by: pizzaco on November 08, 2012, 03:24:46 PM

Title: Phishing - Visible hyperlink doesn't match actual URL
Post by: pizzaco on November 08, 2012, 03:24:46 PM

Hello,
We received a phishing email that contains link where the visible link indicates it goes to one URL, but the underling URL goes to totally different site.

In the past, these types of emails have been blocked because of the misleading link text. I'm not sure what part of the stack did the blocking but it was part of the SME standard setup (not a contrib or anything).

I trying to figure out why this wasn't blocked. Not sure if this is a change in functionality, a different scenario, or a bug.

Thanks!

Title: Re: Phishing - Visible hyperlink doesn't match actual URL
Post by: Jean-Philippe Pialasse on November 14, 2012, 02:15:11 PM

this should be part of the qpsmtp package and on of its plugins.

Mostly spamassassin.

Have you changed your server ? Modified something ? upgrade fron 7 to 8 ?

Title: Re: Phishing - Visible hyperlink doesn't match actual URL
Post by: pizzaco on November 14, 2012, 03:07:25 PM

No on all three.

Title: Re: Phishing - Visible hyperlink doesn't match actual URL
Post by: janet on November 19, 2012, 07:05:04 AM

pizzaco

Quote

I trying to figure out why this wasn't blocked.

New exploits are always being created and released, and at some point in time your sme server virus & spam databases do not know about these (new exploits). When the sme server databases get updated daily (from external sources), then the new exploit will be identified & treated as spam or a virus etc and rejected or moved to junkmail folder.

Sometimes it takes a day or two for your sme server to catch up with the world.

Title: Re: Phishing - Visible hyperlink doesn't match actual URL
Post by: pizzaco on November 19, 2012, 03:43:49 PM

OK. I won't worry about it for now. Thanks.