* Jeff Chan [2008-10-31 02:36-0400]:
> On Thursday, October 30, 2008, 12:56:53 PM, Micah Anderson wrote:
>
> > I keep getting hit by phishing attacks, and they aren't being stopped by
> > anything I've thrown up in front of them:

>
> [...]
> > I've got spamassassin 3.2.5 with URIBL plugin loaded (which I understand
> > pulls in the 25_uribl.cf automatically, right? Or do I need to configure
> > that? if its automatic, that pulls in SURBL phishing).

>
> Increase the score on:
>
> URIBL_PH_SURBL
>
> The current SpamAssassin rules scoring process gives it an
> artificially low score which is counterproductive IMO. If you
> want to stop more phishing spams, consider increasing the score.


Thanks, I will do so... however the phishing emails I am getting are
of two types:

. generalized phishes, which I would expect SURBL to be able to detect a
large percentage of
. targetted phishing to my domain where the phisher attempts to
impersonate the 'admins' and ask for usernames/passwords. These I dont
think will get hits on SURBL, because they are specific to my domain,
and these are actually the more damaging because users are more likely
to be fooled by something that is claiming to come from 'us'.

Micah

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkkLXDUACgkQ9n4qXRzy1ipAiQCfdzkfBpyKQ6 houJvxrbQ6BGBx
shYAniQYIFxoua//MhcYsnxvm+Wk6Oe/
=Mfp1
-----END PGP SIGNATURE-----