[Dovecot] 126.96.36.199 attempt to break into my computer
robert at schetterer.org
Thu Sep 22 17:42:43 EEST 2011
Am 22.09.2011 16:36, schrieb Ralf Hildebrandt:
> * Rick Romero <rick at havokmon.com>:
>> There are additional 'non-official' ClamAV signatures that are meant
>> to detect phishing attempts.
>> They do work, but aren't perfect.
> Got a link? Or are you thinking of the SaneSecurity Signatures?
>> I'm fortunate enough to be on the phishing list, so I wrote a quickie
>> perl script that will grep the logs for all the recipients and then
>> scan their INBOX for the phishing email and remove it before they
>> read it.
> I usually use doveadm for this.
why not simply use clamav-milter with sanesecurity sigs
( works like charme here )
so the stuff dont pass ever in mailboxes, if you dont like reject , then
hold for manual human admin interaction
MfG Robert Schetterer
More information about the dovecot