Fred,

You need to use a RegEx (Regular Expression)

Dan S.

I filter ALL "dotted IP" in an http link in email.  If you have a ligit site, put real DNS on it ... thats my attatude.  Also,  I have a lot of nice strong trees and some very good rope ... for the Spammers of course.

Dan S.

Ok...now I just got one for ebay.com along the same lines ROFL.  Think the same method will work for it too?  Perhaps I should check with ebay.com.  This is nuts..lol.  I did a tracert of the IP address in the fake link on both of them and sent abuse notices to the ISP's being used and in ebay's case, I also sent a copy to ebay.com.  I'm sure even if it does get shutdown though it'll pop up somewhere else soon.

I have a word for describing these people along with spammers and spyware authors but I'll refrain from saying it on such a public forum. :-)

FYI,  I just recieved a response to a Buyer Complain I sent in to PayPal and their response from service@paypal.com did not have the SSL link you mentioned.  The only link in the email was to their unsecured Security Tips page.

Fred,

The idea popped into my head while I was in the shower of all places but I also spent some time on the phone with PayPal and thats where the idea solidified so don't feel too bad!

Dan S.

Nice idea on the surface but .... once paypal supports SPF, the issue should reduce.  Also, my strategy, which is working so far is as follows:

In my Blocked From list:

*@paypal.com

in my KeywordWhiteList:

https://www.paypal.com

If there is an actual link to an SSL page at paypal, then I accept the message.   I have received no more paypal scams as a result and all my customers still get valid paypal email because ALL seem to have that link somewhere in the message body.

Just my input.

Dan S.