[Dovecot] 64.31.19.48 attempt to break into my computer
Rick Romero
rick at havokmon.com
Thu Sep 22 17:39:08 EEST 2011
Quoting Ralf Hildebrandt <Ralf.Hildebrandt at charite.de>:
> * Rick Romero <rick at havokmon.com>:
>
>> There are additional 'non-official' ClamAV signatures that are meant
>> to detect phishing attempts.
>> They do work, but aren't perfect.
>
> Got a link? Or are you thinking of the SaneSecurity Signatures?
Yep. The SaneSecurity Sigs.
>
>> I'm fortunate enough to be on the phishing list, so I wrote a quickie
>> perl script that will grep the logs for all the recipients and then
>> scan their INBOX for the phishing email and remove it before they
>> read it.
>
> I usually use doveadm for this.
I'm slow to adopting new technology :) I would definitely do it if I
wasn't still running plain old Maildir.
Rick
More information about the dovecot
mailing list