[Dovecot] 64.31.19.48 attempt to break into my computer
Robert Schetterer
robert at schetterer.org
Thu Sep 22 17:42:43 EEST 2011
Am 22.09.2011 16:36, schrieb Ralf Hildebrandt:
> * Rick Romero <rick at havokmon.com>:
>
>> There are additional 'non-official' ClamAV signatures that are meant
>> to detect phishing attempts.
>> They do work, but aren't perfect.
>
> Got a link? Or are you thinking of the SaneSecurity Signatures?
>
>> I'm fortunate enough to be on the phishing list, so I wrote a quickie
>> perl script that will grep the logs for all the recipients and then
>> scan their INBOX for the phishing email and remove it before they
>> read it.
>
> I usually use doveadm for this.
>
why not simply use clamav-milter with sanesecurity sigs
( works like charme here )
so the stuff dont pass ever in mailboxes, if you dont like reject , then
hold for manual human admin interaction
--
Best Regards
MfG Robert Schetterer
Germany/Munich/Bavaria
More information about the dovecot
mailing list