Customers Who Use MailScanner

Some of our customers who use MailScanner to detect phishing have been getting odd notices within their emails. Following is from Interspire, a knowledge base website:

Recipients are seeing phrases like "MailScanner has detected a possible fraud attempt from..."

This warning text is generated by MailScanner, a virus/spam/security filter that may be used by a number of your recipients.

In an attempt to warn against possible "phising" attacks, it compares the link text to the actual link. For example:

The following link will NOT trigger a MailScanner warning:
<a href="http://www.example.com">www.example.com</a>

The following link-tracked link generated by IEM WILL trigger a MailScanner warning:
<a href="http://www.example.com/link.php?C=1&L=1&M=928hfg8032r4nlsdf">www.google.com</a>

The following link-tracked link will NOT trigger a MailScanner warning:
<a href="http://www.example.com/link.php?C=1&L=1&M=928hfg8032r4nlsdf">Search Google</a>

Notice that if you have a website address in your link text, MailScanner will try check whether the actual link (at least the domain portion) is the same as the text.

To avoid this issue, you can either:
  • turn off link tracking, or
  • stop using a URL as the link text.

Please follow these steps and if you continue to have problems please contact us at support@studiohelper.com




Feedback and Knowledge Base