[Micronet] CalMail problems this morning

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[Micronet] CalMail problems this morning

Bernie Rossi
On November 22, 2010 at 10:07AM, a malformed anti-phishing rule was
automatically loaded into CalMail from our PhishTank data feed, which
resulted in emails containing the string "http" to be marked as  phishes
and rejected during inbound SMTP connections to CalMail.  The rule was
manually pulled from production at 10:24AM.

Senders of emails that hit this bogus rule received a bounce message
indicating a delivery failure with the text "Message contains malware
(ClamAV:HTML.Phishing.PhishTank-1081869.UNOFFICIAL)".  Since the rule
has now been pulled from production, bounced emails can can be resent
and will be delivered normally.

We've modified our PhishTank scripts to handle this specific failure,
and we've added more stringent parsing to URLs received via the
PhishTank feed.  We'll also be escalating this issue to the PhishTank
administrators today.

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.