On Friday, September 17, 2004, 2:47:57 PM, Bill Landry wrote:
This is a list that MailPolice hosts and I have been running it for a few hours and it has already flagged some phish and fraud e-mails. Here is some info about the list: http://rhs.mailpolice.com/#rhsfraud
This is my configuration for SA 2.64 with the SpamCopURI plug-in:
uri MP_URI_RBL eval:check_spamcop_uri_rbl('fraud.rhs.mailpolice.com','127.0.0.2') describe MP_URI_RBL URI's domain appears in MailPolice fraud list tflags MP_URI_RBL net score MP_URI_RBL 2.0
And for SA 3.0 with the URIDNSBL plug-in:
urirhsbl URIBL_MP fraud.rhs.mailpolice.com. A header URIBL_MP eval:check_uridnsbl('URIBL_MP') describe URIBL_MP URI's domain appears in MailPolice fraud list tflags URIBL_MP net score URIBL_MP 2.0
Bill
Let's ask more people to test the mailpolice fraud list in their SURBL installations as Bill, David and others are doing.
If the results of additional testing are good we may merge this data into our phishing list, PH in multi.
In particular we'd like to know if anyone gets any false positives. We're not expecting any FPs, but it's good to do some testing before we include this data officially.
As noted earlier, unlike SURBLs the mailpolice lists take the entire URI including subdomains, host names, etc., but since the SURBL client code tries to reduce URIs to base domains before checking them against the list, these should not causes matches resulting in FPs.
So please give it a try, and share what you find.
Thanks,
Jeff C.