I need to refresh my brain on using blacklists with SA, before looking
more deeply into why this got through.
Today a email slipped through with a very low score that was clearly
phishy. A url in question, posing as another, hits no less that 6
blacklists. I was going to look at clamav that is in use here, as I had
just been tuning that a bit and realized that that may be using a hammer
to drive a screw. so to speak.
Or are they passe these days?
more deeply into why this got through.
Today a email slipped through with a very low score that was clearly
phishy. A url in question, posing as another, hits no less that 6
blacklists. I was going to look at clamav that is in use here, as I had
just been tuning that a bit and realized that that may be using a hammer
to drive a screw. so to speak.
Or are they passe these days?