On Thursday, August 12, 2004, 8:09:21 AM, William Stearns wrote:
On Thu, 12 Aug 2004, Jeff Chan wrote:
Thanks for checking since some may possibly be FPs. Some probably aren't.
This was apparently a first pass of some a data collection method and it may be imperfect. I certainly agree with you and Steve about the pill spammer, etc. And David Hooton already commented on some of the phishing hits.
I kind of doubt for privacy reasons that we'll be able to get the original messages. The person I got them from is on this list so perhaps they can let me know off list.
Then I might put a general request to that individual. Can youthink of a way to provide some support to the entries you've submitted? We're in a bind here because we truly want to remove FP's. And again, we really _do_ appreciate your taking the time to help out.
Thanks everyone for checking these.
I heard back from the source and they won't be able to provide the original messages, for privacy reasons as we thought might be the case.
They may try to correlate these possible whitelist entries against honeypots, etc.
The phishers may have been due to: meta discussion about phishers, spammers deliberately unjunking their phishing messages, a successfully confusing fraud, data or processing errors, etc.
I hope this has been somewhat educational for everyone and that we caught some legitimate FPs. We'll try to get some better qualified entries from them next time.
Jeff C.