So, I received an email from "service.intl@paypal.com", Subject "Your
PayPaI account has been limited". This is clearly a phishing attempt and
not a legitimate email from paypal.
I analyzed the headers, the message comes from a server here in the United
States, the spam score is 5, and Spamassassian says "No Spam". Yea!!
Only not yea, because it's clearly a phishing attempt.
Normally I just add the email address to a blacklist_from.cf file and stop
it that way, but adding "service.intl@paypal.com" to the blackfrom list
would block any legitimate email from PayPal.
So how does a person write a rule for something like this? I've never
written rules before and not really sure how to.
Thanks
Daryl
PayPaI account has been limited". This is clearly a phishing attempt and
not a legitimate email from paypal.
I analyzed the headers, the message comes from a server here in the United
States, the spam score is 5, and Spamassassian says "No Spam". Yea!!
Only not yea, because it's clearly a phishing attempt.
Normally I just add the email address to a blacklist_from.cf file and stop
it that way, but adding "service.intl@paypal.com" to the blackfrom list
would block any legitimate email from PayPal.
So how does a person write a rule for something like this? I've never
written rules before and not really sure how to.
Thanks
Daryl