Differences between revisions 1 and 2
Revision 1 as of 2006-03-16 18:39:00
Size: 962
Editor: JustinMason
Comment: add a FAQ entry about this idea
Revision 2 as of 2009-09-20 23:17:30
Size: 966
Editor: localhost
Comment: converted to 1.6 markup
Deletions are marked like this. Additions are marked like this.
Line 5: Line 5:
Take a look at [http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4255 bug 4255] in our Bugzilla -- this idea has been tried in many forms, and mostly unsuccessfully. A lot of nonspam senders use this, for some reason. Take a look at [[http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4255|bug 4255]] in our Bugzilla -- this idea has been tried in many forms, and mostly unsuccessfully. A lot of nonspam senders use this, for some reason.
Line 18: Line 18:
If you'd like to comment further, please do so [http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4255 on bug 4255]. If you'd like to comment further, please do so [[http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4255|on bug 4255]].

Anti-phish 'fake URL' rule idea

I have a great idea for an anti-phishing rule, detecting links that claim to be linking to a different URL than their real target! Will it work?

Take a look at bug 4255 in our Bugzilla -- this idea has been tried in many forms, and mostly unsuccessfully. A lot of nonspam senders use this, for some reason.

Here are some examples of real-world false positives:

  <a href="http://www65.americanexpress.com/clicktrk/Tracking?mid=MESSAGEID&msrc=ENG-
ALERTS&url=https://www.americanexpress.com/estatement/?12345">https://
www.americanexpress.com/estatement/?12345</a>

  <A HREF="http://echo.epsilon.com/WebServices/EchoEngine/T.aspx?l=ID">https://www.hilton.com/
en/ww/email/tab_email_subscriptions.jhtml</A>

If you'd like to comment further, please do so on bug 4255.

AntiPhishFakeUrlRule (last edited 2009-09-20 23:17:30 by localhost)